aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--php/database.php8
-rw-r--r--php/node.php1
-rw-r--r--php/share.php47
3 files changed, 44 insertions, 12 deletions
diff --git a/php/database.php b/php/database.php
index 57aac3d..c951576 100644
--- a/php/database.php
+++ b/php/database.php
@@ -472,11 +472,14 @@ require_once "node.php";
$prep->bindParam(':code',$code);
if($users=="")
{
- $prep->bindParam(':is_public',true);
+ $is_public=1;
}else
{
- $prep->bindParam(':is_public',false);
+ $is_public=0;
+ error_log("shared with $users is set to public=$is_public");
}
+ $prep->bindParam(':is_public',$is_public);
+
if($prep->execute()==false)
{
error_log("could not create shared node in create_shared_node");
@@ -620,6 +623,7 @@ require_once "node.php";
$nod->node_id=$ret["node_id"];
$nod->password=$ret["passcode"];
$nod->code=$ret["code"];
+ $nod->is_public=$ret["is_public"];
return $nod;
}
diff --git a/php/node.php b/php/node.php
index dfe1297..d434f1c 100644
--- a/php/node.php
+++ b/php/node.php
@@ -15,6 +15,7 @@ require_once "user.php";
public $node_id;
public $code;
public $password;
+ public $is_public;
}
/*path is in terms of the simulated filesystem*/
/*returns NULL on error*/
diff --git a/php/share.php b/php/share.php
index 10f8d25..8cc150a 100644
--- a/php/share.php
+++ b/php/share.php
@@ -9,8 +9,9 @@ session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
- if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["premissions"]) )
+ if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["permissions"]) )
{
+ error_log("things are not set quite right");
http_response_code(409);
exit(0);
}
@@ -22,6 +23,7 @@ if($_SERVER["REQUEST_METHOD"] == "POST")
$password=$_POST["password"];
$permissions=$_POST["permissions"];
+
if($permissions==1)
{
$can_read=true;
@@ -72,24 +74,49 @@ if($_SERVER["REQUEST_METHOD"] == "POST")
http_response_code(409);
exit(0);
}
- $permissions=$database->get_permissions($shared_node->node_id,$user->user_id);
- if($permissions["can_view"]==true)
+ if(isset($_SESSION["user_object"]))
{
- $node=$database->get_node($shared_node->node_id);
- if($node->is_directory)
+ $user=$_SESSION["user_object"];
+ $permissions=$database->get_permissions($shared_node->node_id,$user->user_id);
+ if($permissions["can_view"]==true)
{
- /*spooky stuff here*/
- http_response_code(409);
- exit(1);
+ $node=$database->get_node($shared_node->node_id);
+ if($node->is_directory)
+ {
+ /*spooky stuff here*/
+ http_response_code(409);
+ exit(1);
+ }else
+ {
+ header("Content-type: $node->type");
+ readfile("$storage_root/$node->code");
+ }
+ }
+ }else
+ {
+ if($shared_node->is_public==true)
+ {
+ $node=$database->get_node($shared_node->node_id);
+ if($node->is_directory)
+ {
+ /*spooky stuff here*/
+ http_response_code(409);
+ exit(1);
+ }else
+ {
+ header("Content-type: $node->type");
+ readfile("$storage_root/$node->code");
+ }
}else
{
- header("Content-type: $node->type");
- readfile("$storage_root/$node->code");
+ http_response_code(409);
+ exit(1);
}
}
+
}else
{
http_response_code(409);