From 458078b50b26105b8147b4d492c9d4f2796da4eb Mon Sep 17 00:00:00 2001 From: adam Date: Sun, 14 Feb 2021 12:22:13 +0200 Subject: trash code and hacks --- php/share.php | 47 +++++++++++++++++++++++++++++++++++++---------- 1 file changed, 37 insertions(+), 10 deletions(-) (limited to 'php/share.php') diff --git a/php/share.php b/php/share.php index 10f8d25..8cc150a 100644 --- a/php/share.php +++ b/php/share.php @@ -9,8 +9,9 @@ session_start(); if($_SERVER["REQUEST_METHOD"] == "POST") { - if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["premissions"]) ) + if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["permissions"]) ) { + error_log("things are not set quite right"); http_response_code(409); exit(0); } @@ -22,6 +23,7 @@ if($_SERVER["REQUEST_METHOD"] == "POST") $password=$_POST["password"]; $permissions=$_POST["permissions"]; + if($permissions==1) { $can_read=true; @@ -72,24 +74,49 @@ if($_SERVER["REQUEST_METHOD"] == "POST") http_response_code(409); exit(0); } - $permissions=$database->get_permissions($shared_node->node_id,$user->user_id); - if($permissions["can_view"]==true) + if(isset($_SESSION["user_object"])) { - $node=$database->get_node($shared_node->node_id); - if($node->is_directory) + $user=$_SESSION["user_object"]; + $permissions=$database->get_permissions($shared_node->node_id,$user->user_id); + if($permissions["can_view"]==true) { - /*spooky stuff here*/ - http_response_code(409); - exit(1); + $node=$database->get_node($shared_node->node_id); + if($node->is_directory) + { + /*spooky stuff here*/ + http_response_code(409); + exit(1); + }else + { + header("Content-type: $node->type"); + readfile("$storage_root/$node->code"); + } + } + }else + { + if($shared_node->is_public==true) + { + $node=$database->get_node($shared_node->node_id); + if($node->is_directory) + { + /*spooky stuff here*/ + http_response_code(409); + exit(1); + }else + { + header("Content-type: $node->type"); + readfile("$storage_root/$node->code"); + } }else { - header("Content-type: $node->type"); - readfile("$storage_root/$node->code"); + http_response_code(409); + exit(1); } } + }else { http_response_code(409); -- cgit v1.2.3