From 458078b50b26105b8147b4d492c9d4f2796da4eb Mon Sep 17 00:00:00 2001 From: adam Date: Sun, 14 Feb 2021 12:22:13 +0200 Subject: trash code and hacks --- php/database.php | 8 ++++++-- php/node.php | 1 + php/share.php | 47 +++++++++++++++++++++++++++++++++++++---------- 3 files changed, 44 insertions(+), 12 deletions(-) diff --git a/php/database.php b/php/database.php index 57aac3d..c951576 100644 --- a/php/database.php +++ b/php/database.php @@ -472,11 +472,14 @@ require_once "node.php"; $prep->bindParam(':code',$code); if($users=="") { - $prep->bindParam(':is_public',true); + $is_public=1; }else { - $prep->bindParam(':is_public',false); + $is_public=0; + error_log("shared with $users is set to public=$is_public"); } + $prep->bindParam(':is_public',$is_public); + if($prep->execute()==false) { error_log("could not create shared node in create_shared_node"); @@ -620,6 +623,7 @@ require_once "node.php"; $nod->node_id=$ret["node_id"]; $nod->password=$ret["passcode"]; $nod->code=$ret["code"]; + $nod->is_public=$ret["is_public"]; return $nod; } diff --git a/php/node.php b/php/node.php index dfe1297..d434f1c 100644 --- a/php/node.php +++ b/php/node.php @@ -15,6 +15,7 @@ require_once "user.php"; public $node_id; public $code; public $password; + public $is_public; } /*path is in terms of the simulated filesystem*/ /*returns NULL on error*/ diff --git a/php/share.php b/php/share.php index 10f8d25..8cc150a 100644 --- a/php/share.php +++ b/php/share.php @@ -9,8 +9,9 @@ session_start(); if($_SERVER["REQUEST_METHOD"] == "POST") { - if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["premissions"]) ) + if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["permissions"]) ) { + error_log("things are not set quite right"); http_response_code(409); exit(0); } @@ -22,6 +23,7 @@ if($_SERVER["REQUEST_METHOD"] == "POST") $password=$_POST["password"]; $permissions=$_POST["permissions"]; + if($permissions==1) { $can_read=true; @@ -72,24 +74,49 @@ if($_SERVER["REQUEST_METHOD"] == "POST") http_response_code(409); exit(0); } - $permissions=$database->get_permissions($shared_node->node_id,$user->user_id); - if($permissions["can_view"]==true) + if(isset($_SESSION["user_object"])) { - $node=$database->get_node($shared_node->node_id); - if($node->is_directory) + $user=$_SESSION["user_object"]; + $permissions=$database->get_permissions($shared_node->node_id,$user->user_id); + if($permissions["can_view"]==true) { - /*spooky stuff here*/ - http_response_code(409); - exit(1); + $node=$database->get_node($shared_node->node_id); + if($node->is_directory) + { + /*spooky stuff here*/ + http_response_code(409); + exit(1); + }else + { + header("Content-type: $node->type"); + readfile("$storage_root/$node->code"); + } + } + }else + { + if($shared_node->is_public==true) + { + $node=$database->get_node($shared_node->node_id); + if($node->is_directory) + { + /*spooky stuff here*/ + http_response_code(409); + exit(1); + }else + { + header("Content-type: $node->type"); + readfile("$storage_root/$node->code"); + } }else { - header("Content-type: $node->type"); - readfile("$storage_root/$node->code"); + http_response_code(409); + exit(1); } } + }else { http_response_code(409); -- cgit v1.2.3