Example #1
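 /**
  * File page action: shows, edits or deletes one uploaded file.
  *
  * With an empty $action the file's details are rendered. With "edit" the
  * edit form is shown, or the posted description/password/hidden flag is
  * saved. With "delete" the database row and the file on disk are removed.
  * Edit and delete are allowed only when the session's id_user matches the
  * file's id_user.
  *
  * @param int|string $id_file Id of the file; must be a plain decimal number.
  * @param string     $action  "", "edit" or "delete".
  * @return void Renders a view, or redirects and terminates the request.
  */
 public function page($id_file = 0, $action = "")
 {
     $this->login_control();
     // Accept only plain decimal digits. is_numeric() also accepts forms such as
     // "1e3", "1.5" or " 7", which would then reach both the SQL text and the
     // uploads/ path built from the id.
     if (!ctype_digit((string) $id_file)) {
         $error_msg[] = "Файла не существует";
         $this->session->set_flashdata('info', json_encode($error_msg));
         header("Location: /files");
         die;
     }
     // Normalise to an integer so "007" and "7" address the same row and directory.
     $id_file = (int) $id_file;
     $session_user = (string) $this->session->userdata('id_user');

     if ($action == "") {
         // The id is passed as a bound parameter rather than interpolated into the SQL.
         $query = $this->db->query("SELECT filename,pass,hash,description,counter_downloads,id_user FROM md_files WHERE id = ?", array($id_file));
         $filename_array = $query->row_array();
         if (empty($filename_array)) {
             $error_msg[] = "Такого файла нет";
             $this->session->set_flashdata('info', json_encode($error_msg));
             header("Location: /files");
             die;
         }
         $filename = $filename_array['filename'];
         // Location of the requested file on disk.
         // NOTE(review): the stored filename is used in the path as-is; confirm the
         // upload code rejects names containing directory separators.
         $full_filename = "uploads/" . $id_file . "/" . $filename;
         // Match the "WIN" prefix only; a plain /win/ search also matches "Darwin".
         if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
             $full_filename = iconv("UTF-8", "Windows-1251", $full_filename);
         }
         // File size; false (without a warning) when the file is missing on disk.
         $filesize = is_file($full_filename) ? filesize($full_filename) : false;
         $this->db->select('login');
         $this->db->where('id_user', $filename_array['id_user']);
         $user = $this->db->get('users')->row_array();
         // Data for the "file page" view.
         // NOTE(review): 'pass' hands the stored password hash to the view; if the
         // template only needs to know whether a password is set, pass a boolean.
         $file_info = array(
             'filename' => $filename_array['filename'],
             'description' => $filename_array['description'],
             'counter' => $filename_array['counter_downloads'],
             'pass' => $filename_array['pass'],
             'filesize' => $filesize,
             'id_file' => $id_file,
             'user' => isset($user['login']) ? $user['login'] : null,
             'id' => $id_file,
             'id_user' => $filename_array['id_user'],
         );
         $this->load->view('files/page_file_view', $file_info);
     }

     if ($action == "edit") {
         $query = $this->db->query("SELECT filename,pass,hash,description,hidden,id_user FROM md_files WHERE id = ?", array($id_file));
         $filename_array = $query->row_array();
         // Both the form display and the save need an existing row; without this
         // check the ownership test below would run against a missing record.
         if (empty($filename_array)) {
             $error_msg[] = "Такого файла нет";
             $this->session->set_flashdata('info', json_encode($error_msg));
             header("Location: /files");
             die;
         }
         // Compare as strings with ===, so a missing session value never equals a stored id of 0.
         if ($session_user !== (string) $filename_array['id_user']) {
             $error_msg[] = "Этот файл не принадлежит вам";
             $this->session->set_flashdata('info', json_encode($error_msg));
             header("Location: /files/{$id_file}");
             die;
         }
         if ($this->input->post()) {
             // strlen() counts bytes, so multi-byte text reaches the limit sooner
             // than 1000 characters.
             if (strlen($this->input->post('description')) > 1000) {
                 $error_msg[] = "Максимальная длина описания 1000 символов";
             }
             if ($this->input->post('pass')) {
                 // NOTE(review): sha1(md5()) is a fast hash and weak for passwords.
                 // password_hash()/password_verify() is the usual replacement, but the
                 // code that verifies this value is outside this block, so the scheme
                 // is left unchanged here.
                 $hash = _generated();
                 $pass = sha1(md5(trim($this->input->post('pass')) . $hash));
             } else {
                 $hash = $pass = "";
             }
             // Always defined: an unchecked checkbox sends nothing, which previously
             // left $hidden unset when the update array was built.
             $hidden = ($this->input->post('hidden') == "on");
             if (!isset($error_msg)) {
                 // NOTE(review): the description is HTML-encoded before storage; views
                 // that escape again on output will double-encode it.
                 $data = array(
                     'description' => htmlspecialchars($this->input->post('description')),
                     'hidden' => $hidden,
                     'hash' => $hash,
                     'pass' => $pass,
                 );
                 $this->db->where('id', $id_file);
                 $this->db->update('files', $data);
                 header("Location: /files/{$id_file}");
                 die;
             } else {
                 $this->session->set_flashdata('info', json_encode($error_msg));
                 header("Location: /files/{$id_file}/edit");
                 die;
             }
         } else {
             $this->load->view('files/file_edit_view', $filename_array);
         }
     }

     if ($action == "delete") {
         // NOTE(review): this branch changes state from the URL arguments alone. The
         // HTTP method and any CSRF check are not visible here; confirm the route
         // requires POST with a CSRF token.
         $query = $this->db->query("SELECT id_user,filename FROM md_files WHERE id = ?", array($id_file));
         $filename_array = $query->row_array();
         // empty() also covers a null result, which count() cannot take on PHP 8.
         if (empty($filename_array)) {
             $error_msg[] = "Такого файла нет";
             $this->session->set_flashdata('info', json_encode($error_msg));
             header("Location: /files");
             die;
         }
         if ($session_user !== (string) $filename_array['id_user']) {
             $error_msg[] = "Этот файл не принадлежит вам";
             $this->session->set_flashdata('info', json_encode($error_msg));
             header("Location: /files/{$id_file}");
             die;
         }
         if ($this->db->delete('files', array('id' => $id_file))) {
             $filename = $filename_array['filename'];
             if (is_file("uploads/{$id_file}/{$filename}")) {
                 unlink("uploads/{$id_file}/{$filename}");
                 rmdir("uploads/{$id_file}");
                 $info_msg[] = "Файл удален";
                 $this->session->set_flashdata('info', json_encode($info_msg));
                 header("Location: /files");
                 die;
             } else {
                 echo "Ошибка доступа к файлу";
             }
         } else {
             echo "Не смог удалить из БД";
         }
     }
 }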
Example #2
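 /**
  * Registration form action.
  *
  * Without POST data the empty form is rendered. With POST data each field is
  * validated. On errors the form is rendered again with the messages and the
  * submitted values (never the passwords). Otherwise the user row is inserted
  * and "ok" is echoed.
  *
  * @return void
  */
 public function registration()
 {
     $info_msg = null;
     // Read each field once. Anything that is not a string (for example a
     // field submitted as an array) is treated as missing, so it cannot reach
     // preg_match()/strlen()/trim() as an array.
     $fields = array();
     foreach (array('login', 'email', 'name', 'surname', 'pass', 'pass2') as $key) {
         $value = $this->input->post($key);
         $fields[$key] = is_string($value) ? $value : null;
     }

     if ($this->input->post()) {
         if ($fields['login']) {
             // \z anchors at the real end of the string; "$" would also accept a
             // login that ends in a newline.
             if (preg_match('/^[A-Za-z0-9_-]+\z/', $fields['login'])) {
                 // NOTE(review): check-then-insert is not atomic; presumably the
                 // users table has a unique index on login. Confirm.
                 $this->db->where('login', $fields['login']);
                 $query = $this->db->get('users');
                 if ($query->num_rows() > 0) {
                     $info_msg[] = "Пользователь с таким логином уже существует";
                 }
             } else {
                 $info_msg[] = "Логин может состоять только из цифр и латинских символов и символов \"_\" и \"-\"";
             }
         } else {
             $info_msg[] = "Введите логин";
         }
         if ($fields['email']) {
             // filter_var() returns false for an address that fails validation.
             if (filter_var($fields['email'], FILTER_VALIDATE_EMAIL) === false) {
                 $info_msg[] = "Неверный email";
             } else {
                 $this->db->where('email', $fields['email']);
                 $query = $this->db->get('users');
                 if ($query->num_rows() > 0) {
                     $info_msg[] = "Пользователь с таким email уже существует";
                 }
             }
         } else {
             $info_msg[] = "Введите email";
         }
         if ($fields['name']) {
             // strlen() counts bytes, not characters.
             if (strlen($fields['name']) > 255) {
                 $info_msg[] = "Длина имени более 255 символов";
             }
         } else {
             $info_msg[] = "Введите имя";
         }
         if ($fields['surname']) {
             if (strlen($fields['surname']) > 255) {
                 $info_msg[] = "Длина фамилии более 255 символов";
             }
         } else {
             $info_msg[] = "Введите фамилию";
         }
         if ($fields['pass']) {
             // Strict comparison: with "!=" two different numeric-looking strings
             // such as "1e3" and "1000" compare as equal numbers, so a mismatched
             // confirmation would be accepted.
             if ($fields['pass'] !== $fields['pass2']) {
                 $info_msg[] = "Пароль и подтверждение не совпадают";
             }
         } else {
             $info_msg[] = "Введите пароль";
         }
         if (!$fields['pass2']) {
             $info_msg[] = "Введите подтверждение пароля";
         }
         if ($info_msg === null) {
             $info_msg = "ok";
         }
     }

     if (!$this->input->post() or is_array($info_msg)) {
         // NOTE(review): these values are echoed back from the request; the view is
         // not visible here, so confirm it escapes them for the HTML context.
         $data = array(
             'login' => $fields['login'],
             'name' => $fields['name'],
             'surname' => $fields['surname'],
             'email' => $fields['email'],
             'info_msg' => $info_msg,
         );
         $this->load->view('index_page/registration_view', $data);
     }

     if ($info_msg === "ok") {
         // NOTE(review): sha1(md5()) is a fast hash and weak for password storage.
         // password_hash()/password_verify() is the usual replacement, but the login
         // code that verifies this value is outside this block, so the scheme is
         // left unchanged here.
         $hash = _generated();
         $sha1_pass = sha1(md5(trim($fields['pass']) . $hash));
         $user_data = array(
             'login' => $fields['login'],
             'name' => $fields['name'],
             'surname' => $fields['surname'],
             'email' => $fields['email'],
             'password' => $sha1_pass,
             'hash' => $hash,
         );
         if ($this->db->insert('users', $user_data)) {
             echo "ok";
         }
     }
 }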