function scan($dir)
{
$accessableFiles = dbClass::getAccessableFiles($_COOKIE['userId']);
$folder = [];
foreach ($accessableFiles as $index => $code) {
if (strpos($code['file'], '/') !== false) {
$code['file'] = explode('/', $code['file'])[1];
}
$folder[] = $code['file'];
}
$files = array();
// Is there actually such a folder/file?
if (file_exists($dir)) {
$allowedFolder = $accessableFiles[0]['file'];
foreach (scandir($dir) as $f) {
if (!$f || $f[0] == '.') {
continue;
// Ignore hidden files
}
if (is_dir($dir . '/' . $f)) {
// The path is a folder
for ($i = 0; $i < count($folder); $i++) {
if ($f == $folder[$i]) {
$files[] = array("name" => $f, "type" => "folder", 'checked' => false, "path" => $dir . '/' . $f, "items" => scan($dir . '/' . $f));
}
}
} else {
// It is a file
$files[] = array("name" => $f, "type" => "file", 'checked' => false, "path" => $dir . '/' . $f, "size" => filesize($dir . '/' . $f));
}
}
}
return $files;
}
function create_tree()
{
if (count($this->files) > 2) {
/* First 2 entries are . and .. -skip them */
natcasesort($this->files);
$list = '<ul class="filetree" style="display: none;">';
if (isset(explode('=', $_SERVER['HTTP_REFERER'])[1])) {
$id = explode('=', $_SERVER['HTTP_REFERER'])[1];
$files = dbClass::getAccessableFiles($id);
$filesNeedsToBeChecked = [];
foreach ($files as $fl) {
$filesNeedsToBeChecked[] .= $fl['file'];
}
foreach ($this->files as $file) {
if (file_exists($this->folder . $file) && $file != '.' && $file != '..' && is_dir($this->folder . $file)) {
$fls = str_replace('/', '', explode('../../files/', $this->folder)[1]);
if (in_array($file, $filesNeedsToBeChecked)) {
$list .= '<li class="folder collapsed checkAll"><input type="checkbox" checked name="file[]" value="' . $this->folder . $file . '" class="left"><a href="#" rel="' . htmlentities($this->folder . $file) . '/">' . htmlentities($file) . '</a></li>';
} else {
$list .= '<li class="folder collapsed checkAll"><input type="checkbox" name="file[]" value="' . $this->folder . $file . '" class="left"><a href="#" rel="' . htmlentities($this->folder . $file) . '/">' . htmlentities($file) . '</a></li>';
}
}
}
// Group all files
foreach ($this->files as $file) {
if (file_exists($this->folder . $file) && $file != '.' && $file != '..' && !is_dir($this->folder . $file)) {
$ext = preg_replace('/^.*\\./', '', $file);
$fls = $this->folder . $file;
$fls = explode('../../files/', $fls)[1];
if (in_array($fls, $filesNeedsToBeChecked)) {
$list .= '<li class="file ext_' . $ext . '"><a for="' . $file . '" rel="' . htmlentities($this->folder . $file) . '">' . htmlentities($file) . '</a></li>';
} else {
$list .= '<li class="file ext_' . $ext . '"><a for="' . $file . '" rel="' . htmlentities($this->folder . $file) . '">' . htmlentities($file) . '</a></li>';
}
}
}
} else {
// Group folders first
foreach ($this->files as $file) {
if (file_exists($this->folder . $file) && $file != '.' && $file != '..' && is_dir($this->folder . $file)) {
$list .= '<li class="folder collapsed checkAll"><input type="checkbox" name="file[]" value="' . $this->folder . $file . '" class="left"><a href="#" rel="' . htmlentities($this->folder . $file) . '/">' . htmlentities($file) . '</a></li>';
}
}
// Group all files
foreach ($this->files as $file) {
if (file_exists($this->folder . $file) && $file != '.' && $file != '..' && !is_dir($this->folder . $file)) {
$ext = preg_replace('/^.*\\./', '', $file);
$list .= '<li class="file ext_' . $ext . '"><a for="' . $file . '" rel="' . htmlentities($this->folder . $file) . '">' . htmlentities($file) . '</a></li>';
}
}
}
$list .= '</ul>';
return $list;
}
}
<?php
require_once '../../classes/dbClass.php';
require_once '../../helpers/security.php';
if (isset($_GET['id'])) {
$id = $_GET['id'];
$values = dbClass::getPasswordById($id);
$folders = dbClass::getAccessableFiles($values['id']);
if (dbClass::savePassword($values['name'], $values['password'])) {
$pwdId = dbClass::getLastPasswordId()['id'];
foreach ($folders as $fl) {
$filename = array_pop(explode('/', $fl['file']));
if (dbClass::query('INSERT INTO files (password_id, file) VALUES ("' . $pwdId . '", "' . $filename . '")')) {
header('Location: index.php');
} else {
header('Location: index.php');
}
}
} else {
header('Location: index.php');
}
var_dump($values);
}
