aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoradam <adam@>2021-02-12 20:47:42 +0200
committeradam <adam@>2021-02-12 20:47:42 +0200
commitfea0178c85cca6c95cdd8a92fe24c3fd81fec742 (patch)
treebc18fe7c1dc9581d95c3e1cacf41bb07bd5d7328
parent369de870ef6dbcd67ac9316bf714a6ded892eadc (diff)
downloadfileup-fea0178c85cca6c95cdd8a92fe24c3fd81fec742.tar.gz
checks if filename exists in the directory before creating the filenode
-rw-r--r--php/database.php21
-rw-r--r--php/upload.php5
2 files changed, 20 insertions, 6 deletions
diff --git a/php/database.php b/php/database.php
index 789ea86..23ff602 100644
--- a/php/database.php
+++ b/php/database.php
@@ -135,12 +135,15 @@ require_once "node.php";
}
/*if both are not null returns the id of the node with the name name in the directory_id node*/
- function get_node_id($name,$directory_id)
+ function get_node_id(string $name,int $directory_id)
{
- $statement=$this->pdo->prepare(
- "select nl.node_id as id from node_links nl
- inner join nodes n on n.node_id=nl.node_id
- where name=:name and directory_id=:directory_id)");
+ $statement=$this->pdo->prepare("
+ select node_links.node_id as id
+ from node_links
+ inner join nodes on
+ nodes.node_id=node_links.node_id
+ where node_links.name=:name and node_links.directory_id=:directory_id
+ ");
$statement->bindParam(':name',$name);
$statement->bindParam(':directory_id',$directory_id);
if($statement->execute()==false)
@@ -149,7 +152,7 @@ require_once "node.php";
return NULL;
}
$hold=$statement->fetch(PDO::FETCH_ASSOC);
- if($hold==false)
+ if(gettype($hold)!="array")
{
return NULL;
}else
@@ -344,6 +347,12 @@ require_once "node.php";
return "error";
}
+ /*check if node with given name exists*/
+ if($this->get_node_id($filename,$dir_id)!=NULL)
+ {
+ error_log("filename taken");
+ return "filename taken";
+ }
/*generate the node*/
$code=$this->get_random_node_name("");
if($filename==NULL)return "error";
diff --git a/php/upload.php b/php/upload.php
index ee5d1ae..1672e9e 100644
--- a/php/upload.php
+++ b/php/upload.php
@@ -25,6 +25,11 @@ if($codename=="error")
http_response_code(400);
exit(0);
}
+if($codename=="filename taken")
+{
+ http_response_code(409);
+ exit(0);
+}
move_uploaded_file($file['tmp_name'], "$storage_root/$codename");
http_response_code(200);