FILEUP





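--- a/php/database.php
+++ b/php/database.php
 $prep->bindParam(':code',$code);
 if($users=="")
 {
- $prep->bindParam(':is_public',true);
+ $is_public=1;
 }else
 {
- $prep->bindParam(':is_public',false);
+ $is_public=0;
+ error_log("shared with $users is set to public=$is_public");
 }
+ $prep->bindParam(':is_public',$is_public);
+
 if($prep->execute()==false)
 {
 error_log("could not create shared node in create_shared_node");
 $nod->node_id=$ret["node_id"];
 $nod->password=$ret["passcode"];
 $nod->code=$ret["code"];
+ $nod->is_public=$ret["is_public"];
 return $nod;
 }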
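Review bot: The added `error_log("shared with $users is set to public=$is_public");` writes `$users` into the log unfiltered. If that value is the `users` field that share.php takes from `$_POST` (the call site is not visible here), embedded line breaks could forge log entries, and the recipient list ends up in the log file. Logging only the decision, e.g. `error_log("create_shared_node: is_public=$is_public");`, avoids both. Separately, assuming `$prep` is a PDOStatement, `bindParam` binds as a string by default; `$prep->bindValue(':is_public',$is_public,PDO::PARAM_INT);` states the intended type. The enclosing function starts and ends outside the hunk.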
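--- a/php/node.php
+++ b/php/node.php
 public $node_id;
 public $code;
 public $password;
+ public $is_public;
 }
 /*path is in terms of the simulated filesystem*/
 /*returns NULL on error*/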
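--- a/php/share.php
+++ b/php/share.php
 if($_SERVER["REQUEST_METHOD"] == "POST")
 {
- if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["premissions"]) )
+ if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["permissions"]) )
 {
+ error_log("things are not set quite right");
 http_response_code(409);
 exit(0);
 }
 $password=$_POST["password"];
 $permissions=$_POST["permissions"];
+
 if($permissions==1)
 {
 $can_read=true;
 http_response_code(409);
 exit(0);
 }
- $permissions=$database->get_permissions($shared_node->node_id,$user->user_id);
- if($permissions["can_view"]==true)
+ if(isset($_SESSION["user_object"]))
 {
- $node=$database->get_node($shared_node->node_id);
- if($node->is_directory)
+ $user=$_SESSION["user_object"];
+ $permissions=$database->get_permissions($shared_node->node_id,$user->user_id);
+ if($permissions["can_view"]==true)
 {
- /*spooky stuff here*/
- http_response_code(409);
- exit(1);
+ $node=$database->get_node($shared_node->node_id);
+ if($node->is_directory)
+ {
+ /*spooky stuff here*/
+ http_response_code(409);
+ exit(1);
+ }else
+ {
+ header("Content-type: $node->type");
+ readfile("$storage_root/$node->code");
+ }
+ }
+ }else
+ {
+ if($shared_node->is_public==true)
+ {
+ $node=$database->get_node($shared_node->node_id);
+ if($node->is_directory)
+ {
+ /*spooky stuff here*/
+ http_response_code(409);
+ exit(1);
+ }else
+ {
+ header("Content-type: $node->type");
+ readfile("$storage_root/$node->code");
+ }
 }else
 {
- header("Content-type: $node->type");
- readfile("$storage_root/$node->code");
+ http_response_code(409);
+ exit(1);
 }
 }
+
 }else
 {
 http_response_code(409);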
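Review bot: In the new session branch, a logged-in user whose `get_permissions` result lacks `can_view` falls through with no status set, so the response appears to be an empty success. That same user is also refused a share an anonymous visitor would receive when `is_public` is set, unless `get_permissions` already accounts for public nodes (not visible here). The access decision and the file-serving block are duplicated across both branches; deciding once and serving once, as below, closes the fall-through and keeps the two paths from drifting apart. Because the public path now sends `$node->type` as `Content-type` to unauthenticated visitors, consider adding `header("X-Content-Type-Options: nosniff");` and a `Content-Disposition: attachment` header if the stored type comes from the uploader. The enclosing block starts outside the hunk.

```php
$allowed=($shared_node->is_public==true);
if(!$allowed && isset($_SESSION["user_object"]))
{
	$user=$_SESSION["user_object"];
	$permissions=$database->get_permissions($shared_node->node_id,$user->user_id);
	$allowed=isset($permissions["can_view"]) && $permissions["can_view"]==true;
}
if(!$allowed)
{
	http_response_code(409);
	exit(1);
}
/* … unchanged: get_node, directory check, Content-type header and readfile, now written once … */
```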