Diffstat (limited to 'php')
-rw-r--r--php/database.php125
-rw-r--r--php/node.php9
-rw-r--r--php/readdir.php8
-rw-r--r--php/upload.php9
4 files changed, 129 insertions, 22 deletions
diff --git a/php/database.php b/php/database.php
index 66f2efb..98946ce 100644
--- a/php/database.php
+++ b/php/database.php
@@ -26,7 +26,7 @@ require_once "node.php";
{
$ret=new User;
- $prep=$this->pdo->prepare("select user_id,username,email from users where username=:username");
+ $prep=$this->pdo->prepare("select user_id,username,email,home_directory from users where username=:username");
$prep->bindParam(':username',$user);
$prep->execute();
@@ -106,12 +106,13 @@ require_once "node.php";
error_log("there was a problem with the sql statement at get_nodes_with_code");
return [];
}
- return $statement->fetchAll(PDO::FETCH_ASSOC);
+ return $statement->fetch(PDO::FETCH_ASSOC);
}
/* I think this only makes sense if node is a dir*/
/* returns assoc array of nodes*/
function get_links_of(int $node_id)
{
+ error_log("in get_links_of with argument {$node_id}");
$statement=$this->pdo->prepare("
select node_links.node_id as id,
node_links.name as name,
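Review bot: Switching the return to `fetch()` gives this function three result shapes: `[]` when execute fails, `false` when no row matches, and one associative row otherwise. The callers visible later in this diff are not adjusted for that. In create_dangling_directory the `count($id)!=1` guard was written for the fetchAll() list; it now counts the columns of a single row, which is 1 only if the query selects one column, or it receives `false`. In create_file_node, `$this->get_node_with_code($code)["id"]` indexes the result unchecked, so a missed lookup leaves `$new_id` null before it reaches link_nodes and the access grants. I would return `NULL` on both the failure and the no-row path and have callers test `is_array($row)` before reading `$row["id"]`; the signature is outside the hunk, so I am assuming from the log message and the call sites that this is get_node_with_code.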
@@ -121,7 +122,7 @@ require_once "node.php";
from node_links
inner join nodes on
nodes.node_id=node_links.node_id
- where nodes.node_id=:id
+ where node_links.directory_id=:id
");
$statement->bindParam(':id',$node_id);
if($statement->execute()==false)
@@ -171,24 +172,111 @@ require_once "node.php";
}
+ function get_premissions(int $node_id,int $user_id)
+ {
+ $prep=$this->pdo->prepare("
+ select can_view,can_edit
+ from node_access
+ where node_id=:node and user_id=:user
+ ");
+ $prep->bindParam(':node',$node_id);
+ $prep->bindParam(':user',$user_id);
+ if($prep->execute()==false)
+ {
+ error_log("there is an error with the sql statemtent at get_premissions");
+ return NULL;
+ }
+ $ret=$prep->fetch(PDO::FETCH_ASSOC);
+ if(gettype($ret)=="boolean")
+ {
+ $prep=$this->pdo->prepare("insert into
+ node_access(node_id,user_id,can_view,can_edit)
+ values(:node,:user,false,false)");
+ $prep->bindParam(':node',$node_id);
+ $prep->bindParam(':user',$user_id);
+ if($prep->execute()==false)
+ {
+ error_log("couldnt create access entry in get_premissions2");
+ return NULL;
+ }
+
+ $prep=$this->pdo->prepare("
+ select can_view,can_edit
+ from node_access
+ where node_id=:node and user_id=:user
+ ");
+ $prep->bindParam(':node',$node_id);
+ $prep->bindParam(':user',$user_id);
+ if($prep->execute()==false)
+ {
+ error_log("there is an error with the sql statemtent at get_premissions3");
+ return NULL;
+ }
+ $ret=$prep->fetch(PDO::FETCH_ASSOC);
+ }
+ return $ret;
+ }
+
+ function give_view_access(int $node_id,int $user_id)
+ {
+ $premissions=$this->get_premissions($node_id,$user_id);
+ /*this isn't futile because we create access entries in get_premission if there are none*/
+ if($premissions["can_view"]==false)
+ {
+ $prep=$this->pdo->prepare("update node_access
+ set can_view=true
+ where node_id=:node and user_id=:user
+ ");
+ $prep->bindParam(':node',$node_id);
+ $prep->bindParam(':user',$user_id);
+ if($prep->execute()==false)
+ {
+ error_log("could not execute sql statement in guve_view_access");
+ }
+
+ }
+ }
+
+ function give_edit_access(int $node_id,int $user_id)
+ {
+ $premissions=$this->get_premissions($node_id,$user_id);
+ /*this isn't futile because we create access entries in get_premission if there are none*/
+ if($premissions["can_edit"]==false)
+ {
+ $prep=$this->pdo->prepare("update node_access
+ set can_edit=true
+ where node_id=:node and user_id=:user
+ ");
+ $prep->bindParam(':node',$node_id);
+ $prep->bindParam(':user',$user_id);
+ if($prep->execute()==false)
+ {
+ error_log("could not execute sql statement in give_edit_access");
+ }
+
+ }
+ }
+
/*this is used to create seperate roots for the users*/
function create_dangling_directory(): int
{
$code_name=$this->get_random_node_name("");
global $storage_root;
+ /*create directory node*/
$prep=$this->pdo->prepare("insert into nodes(is_directory,relative_path,code) values(true,:root,:code)");
$prep->bindParam(':code',$code_name);
- $prep->bindParam(':root',$storage_root);
+ $prep->bindParam(':root',$code_name);
if($prep->execute()==false)
{
error_log("tried to create a dangling directory but sql statement failed. Fatal error!");
exit(1);
}
-
+ /*give premissions*/
+
$id=$this->get_node_with_code($code_name);
if(count($id)!=1)
{
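Review bot: give_view_access and give_edit_access neither check for the `NULL` that get_premissions returns on a database error nor report whether the grant succeeded, so create_file_node and the home-directory setup later in this diff cannot tell when the owner ended up without access. Indexing `NULL` with `["can_view"]` evaluates to null, which compares equal to false, so the update still runs against a row that may not exist and changes nothing. I would make both functions return bool, stop when the lookup does not yield an array, and have callers treat a false result as an error; `gettype($ret)=="boolean"` in get_premissions also reads better as `$ret===false`. get_premissions inserts the default-deny row as a side effect of a read, and two concurrent calls can both attempt that insert, so a unique key on (node_id,user_id) is worth confirming in the schema. The sketch shows give_view_access; give_edit_access would change the same way.

```php
function give_view_access(int $node_id,int $user_id): bool
{
	$premissions=$this->get_premissions($node_id,$user_id);
	if(!is_array($premissions))
	{
		error_log("give_view_access: no access entry for node {$node_id} and user {$user_id}");
		return false;
	}
	if($premissions["can_view"]==true)
	{
		return true;
	}
	/* … unchanged: prepare the update and bind :node and :user … */
	if($prep->execute()==false)
	{
		error_log("could not execute sql statement in give_view_access");
		return false;
	}
	return true;
}
```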
@@ -197,7 +285,7 @@ require_once "node.php";
}
//print count($id);
- return $id[0]["id"];
+ return $id["id"];
}
/*links source to target*/
@@ -217,7 +305,7 @@ require_once "node.php";
}
}
/*returns the file name as it must be in the filesystem relative to the storage root*/
- function create_file_node(string $filename,string $note,int $dir_id): string
+ function create_file_node(string $filename,string $note,int $dir_id,User $user): string
{
global $storage_root;
/*checkout the directory*/
@@ -236,14 +324,22 @@ require_once "node.php";
error_log("could not exedude dir sql statement in create_file_node");
return "error";
}
- $dir=$dir_prep->fetch(PDO::FETCH_ASSOC);
+ if(($dir=$dir_prep->fetch(PDO::FETCH_ASSOC))==false)
+ {
+ error_log("create_file_node dir isnt a directory");
+ return "error";
+ }
if($dir["is_directory"]==false)
{
+ /*remove this TODO*/
+ error_log("create_file_node: dir is not a directory directory=".print_r($dir).gettype($dir));
return "error";
}
if($dir["can_edit"]==false)
{
/*TODO*/
+ /*remove this TODO*/
+ error_log("create_file_node: dir is not modifiable");
return "error";
}
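Review bot: `print_r($dir)` in the added log line is called without its second argument, so it writes the directory row into the HTTP response and returns `true`; the log entry ends up as the message followed by `1array`. Use `error_log("create_file_node: dir is not a directory directory=".print_r($dir,true));` and drop `gettype($dir)`, since `$dir` is always an array on this branch. The message on the new `fetch(...)==false` branch says the dir is not a directory, but that branch means no row came back at all, so a message such as `"create_file_node: no row for directory"` would be more accurate. The function begins and ends outside this hunk.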
@@ -253,7 +349,7 @@ require_once "node.php";
$prep=$this->pdo->prepare("insert into nodes(is_directory,relative_path,code)
values(false,:root,:code)
");
- $prep->bindParam(':root',"/".$code);
+ $prep->bindParam(':root',$code);
$prep->bindParam(':code',$code);
if($prep->execute()==false)
@@ -262,9 +358,13 @@ require_once "node.php";
/*not so quiet error*/
return "error";
}
- $new_id=get_node_with_code($code);
+ $new_id=$this->get_node_with_code($code)["id"];
/*link the node to the directory*/
- link_nodes($dir_id,$new_id,$filename,$note);
+ $this->link_nodes($dir_id,$new_id,$filename,$note);
+ /*give premissions to the creator*/
+
+ $this->give_view_access($new_id,$user->user_id);
+ $this->give_edit_access($new_id,$user->user_id);
return $code;
}
/*checks if there is a link between two node_id-s*/
@@ -323,6 +423,9 @@ require_once "node.php";
/*todo make an error page*/
exit(1);
}
+ $user_id=$this->get_user($user)->user_id;
+ $this->give_view_access($home_dir,$user_id);
+ $this->give_edit_access($home_dir,$user_id);
}
return true;
}
diff --git a/php/node.php b/php/node.php
index 62b9ad2..3d56d99 100644
--- a/php/node.php
+++ b/php/node.php
@@ -7,25 +7,26 @@ require_once "user.php";
/*path is in terms of the simulated filesystem*/
function get_directory(string $abstract_path,User $user)
{
+ global $database;
if($abstract_path[0]!="/")
{
return NULL;
}
if($component=strtok($abstract_path,"/")==false)
{
- return NULL;
+ return $database->get_links_of($user->home_directory);
}
- $current_dir=$database->get_node($component,$user->home_directory);
+ $current_dir=$database->get_node_id($component,$user->home_directory);
if($current_dir==NULL)
return NULL;
/*traverse path*/
while($component=strtok("/"))
{
- $current_dir=get_node($component,$current_dir);
+ $current_dir=$database->get_node_id($component,$current_dir);
if($current_dir==NULL)
return NULL;
}
- return get_links_of(NULL,$current_dir);
+ return $database->get_links_of($current_dir);
}
?>
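Review bot: The first-component test `if($component=strtok($abstract_path,"/")==false)` assigns the result of the comparison rather than the token, because `==` binds tighter than `=`. For any path that has a component, `$component` is therefore `false`, and that is what the new `get_node_id($component,$user->home_directory)` call receives. Parenthesise the assignment and compare strictly: `if(($component=strtok($abstract_path,"/"))===false)`. The loop condition `while($component=strtok("/"))` also stops early on a component named `"0"`, so `!==false` is safer there too, and `$abstract_path[0]` is read before any length check, so an empty path should be rejected first.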
diff --git a/php/readdir.php b/php/readdir.php
index b6a1916..b913cb1 100644
--- a/php/readdir.php
+++ b/php/readdir.php
@@ -1,3 +1,9 @@
<?php
-echo '[ { "name": "file1.txt", "mimetype": "text/plain", "is_directory": false }, { "name": "file2.pdf", "mimetype": "application/pdf", "is_directory": false }, { "name": "dir", "mimetype": "", "is_directory": true } ] ';
+ require_once "node.php";
+ session_start();
+ $user=$_SESSION["user_object"];
+
+//echo '[ { "name": "file1.txt", "mimetype": "text/plain", "is_directory": false }, { "name": "file2.pdf", "mimetype": "application/pdf", "is_directory": false }, { "name": "dir", "mimetype": "", "is_directory": true } ] ';
+ echo get_directory("/",$user);
+ error_log(print_r(get_directory("/",$user)).gettype(get_directory("/",$user)));
?>
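Review bot: `$_SESSION["user_object"]` is read without checking that a logged-in user exists, so a request with no session passes null into get_directory(), which type-hints `User`. The output lines also misbehave: `echo` on the array returned by get_links_of prints the string "Array" instead of JSON, and `print_r()` without its second argument writes the listing into the response body and logs only its return value. get_directory is also called three times for one request. I would reject the request when the session has no user, fetch the listing once and emit it with json_encode, as sketched below.

```php
require_once "node.php";
session_start();
if(!isset($_SESSION["user_object"]))
{
	http_response_code(401);
	exit(1);
}
$user=$_SESSION["user_object"];
$listing=get_directory("/",$user);
header("Content-Type: application/json");
echo json_encode($listing);
```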
diff --git a/php/upload.php b/php/upload.php
index b36a0f1..b22c3a8 100644
--- a/php/upload.php
+++ b/php/upload.php
@@ -3,23 +3,20 @@ require_once "database.php";
require_once "configuration.php";
session_start();
-echo 1;
if (!isset( $_POST["filename"]) || !isset($_FILES["the_file"]))
{
error_log("someone tried to upload something impropperly");
http_response_code(400);
exit(1);
}
-echo 2;
$file=$_FILES["the_file"];
$filename=$_POST["filename"];
-$homedir=$_SESSION['user_object'];
+$user=$_SESSION['user_object'];
+$homedir=$user->home_directory;
-echo 3;
-$codename=$database->create_file_node($filename,"",$_SESSION['user_object']->home_directory);
-echo $codename;
+$codename=$database->create_file_node($filename,"",$homedir,$user);
if($codename=="error")
{
error_log("could not create file_node in upload.php");