/**
 * Delete one list: remove its data directory, then its row in `lists`.
 *
 * The caller's right to modify the owner's lists is checked before anything
 * is touched; on refusal a message is printed and the script exits.
 *
 * @param array $info List descriptor. The keys read here are "luser" (owner
 *                    passed to can_modify_list), "ldir" (directory handed to
 *                    rrmdir) and "lid" (record id of the row to delete).
 * @return void
 */
function delete_list($info)
{
    global $dbh;

    // Authorization gate: nothing on disk or in the database is changed
    // unless can_modify_list() accepts the list's owner.
    $allowed = can_modify_list($info['luser']);
    if (!$allowed) {
        echo "You do not have the privileges to delete this dataset";
        exit(0);
    }

    // The directory goes first; the database row is removed afterwards.
    rrmdir($info["ldir"]);

    // %u renders the id as an unsigned integer, so whatever "lid" holds can
    // only reach the SQL text as digits.
    $sql = sprintf("DELETE FROM lists WHERE rec_id=%u", $info["lid"]);
    $affected = $dbh->exec($sql);
    if ($affected == 1) {
        return;
    }

    // Anything other than exactly one deleted row (including a failed exec)
    // is reported to the page.
    echo "internal error, could not delete list on database" . '<br />';
    echo '<br />';
}
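/**
 * Delete several lists belonging to one user: their directories first, then
 * their rows in `lists`.
 *
 * Fixes over the previous version:
 *  - the guest branch tested an undefined variable ($u) and read $session
 *    without declaring it global, so the per-session restriction for guest
 *    lists was never applied;
 *  - the DELETE statement did not carry the session restriction at all, so
 *    it could remove rows the SELECT (and the permission check) never saw;
 *  - the $user parameter was overwritten inside the fetch loop;
 *  - directories were removed while rows were still being checked, so a
 *    refusal on a later row left the earlier directories already gone.
 *
 * @param array  $delete_array List codes to delete.
 * @param string $user         Owner of the lists. For the shared "guest"
 *                             account only lists recorded under the current
 *                             session id are matched.
 * @return int 0 on success, -1 if the lookup query fails, -3 if the
 *             permission check refuses (or a guest request carries no
 *             session id), -4 if the DELETE fails.
 */
function delete_lists($delete_array, $user)
{
    global $dbh;
    global $session;

    $is_guest = ($user === "guest");
    $sid = "";
    if ($is_guest) {
        // Without a session id a guest request cannot be tied to any list,
        // so it is refused rather than matched against an empty sid.
        if (!isset($session['sid']) || (string) $session['sid'] === "") {
            return -3;
        }
        $sid = (string) $session['sid'];
    }

    // One row filter, built once and used by BOTH statements so that the
    // rows deleted are exactly the rows that were permission-checked.
    $match = "0";
    foreach ($delete_array as $code) {
        if ($is_guest) {
            $match .= sprintf(' OR (lists.code=%s AND lists.sid = %s)', $dbh->quote($code), $dbh->quote($sid));
        } else {
            $match .= sprintf(" OR lists.code=%s", $dbh->quote($code));
        }
    }

    // Look up the directories of the matching lists.
    $query = sprintf("SELECT lists.directory, users.user FROM lists\n INNER JOIN users ON lists.user_id = users.rec_id\n WHERE users.user=%s AND (%s)", $dbh->quote($user), $match);
    $result = $dbh->query($query);
    if ($result == FALSE) {
        return -1;
    }

    // Check permissions for every row before removing anything.
    $dirs = array();
    while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
        if (!can_modify_list($row["user"])) {
            return -3;
        }
        $dirs[] = $row["directory"];
    }
    foreach ($dirs as $dir) {
        rrmdir($dir);
    }

    // Expunge the records from the database.
    $query = sprintf("DELETE FROM lists\n WHERE user_id IN (\n SELECT rec_id FROM users WHERE users.user=%s\n ) AND (%s)", $dbh->quote($user), $match);
    if ($dbh->exec($query) === FALSE) {
        return -4;
    }
    return 0;
}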
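/**
 * Build a new list from the merge of two existing lists, store it under
 * data/lists/<user>/<code>/ and register it in the `lists` table.
 *
 * Input comes from three places: the arguments, $_POST ("title", "dir") and
 * $_FILES ("readme", "original"). The outcome is reported to the enclosing
 * page as a <script> calling parent.doneUpload(...):
 *   -7  title or dir contains a forbidden character (& \ ' ")
 *   -6  the caller may not modify this user's lists, or the user name cannot
 *       be used as a single directory name
 *   -5  the list directory could not be created or the database step failed
 *       (the temp-directory failure reuses -5 because the client-side
 *       meaning of the codes is not visible here — TODO confirm)
 *   101 success, followed by the new list code and the user name
 * Every failure path exits the script.
 *
 * Fixes over the previous version:
 *  - strpos() results were used as booleans, so a forbidden character at
 *    position 0 passed the check;
 *  - $user and the upload temp path were interpolated into shell commands
 *    without quoting;
 *  - $code and $user were written into the <script> block unescaped;
 *  - end(explode(...)) passed a temporary by reference;
 *  - the results of mktemp and of the verification query were not checked.
 *
 * @param array  $info1 First list; its "gcode" entry selects the genome.
 * @param array  $info2 Second list.
 * @param string $user  Owner of the new list.
 * @return void
 */
function create_list_from_merge($info1, $info2, $user)
{
    global $dbh;
    global $session;

    // Values placed inside the inline <script> are JSON-encoded with the
    // HEX flags so that quotes, '&' and '<' cannot end the string literal
    // or the script element.
    $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $reply = function ($js_args) {
        echo "<script language=\"javascript\" type=\"text/javascript\">\n";
        echo "parent.doneUpload({$js_args});\n";
        echo "</script>\n";
    };

    $genes = get_merge($info1, $info2);
    $genome = $info1["gcode"];
    $title = (isset($_POST["title"]) && $_POST["title"] !== "") ? $_POST["title"] : "No title";
    $sessid = $session['sid'];
    $direc = (isset($_POST["dir"]) && $_POST["dir"] !== "") ? $_POST["dir"] : "No directory";

    // strpbrk() !== false also catches a forbidden character in the first
    // position. Non-string values (e.g. title[]=x) are rejected as well.
    $forbidden = "&\\'\"";
    if (!is_string($title) || !is_string($direc)
        || strpbrk($title, $forbidden) !== false
        || strpbrk($direc, $forbidden) !== false) {
        $reply("-7");
        exit(0);
    }

    if (!can_modify_list($user)) {
        $reply("-6");
        exit(0);
    }

    // $user becomes one path component below; refuse names that would
    // resolve to another directory.
    $user_part = (string) $user;
    if ($user_part === "" || $user_part === "." || $user_part === ".."
        || strpbrk($user_part, "/\\\0") !== false) {
        $reply("-6");
        exit(0);
    }

    $usrdir = "data/lists/{$user}";
    if (!is_dir($usrdir)) {
        mkdir($usrdir);
        chmod($usrdir, 0770);
    }

    // The template is passed as a single quoted shell argument.
    $tmparray = array();
    $status = 1;
    exec("mktemp -d " . escapeshellarg("{$usrdir}/XXXXXXXX"), $tmparray, $status);
    if ($status !== 0 || !isset($tmparray[0]) || !is_dir($tmparray[0])) {
        $reply("-5");
        exit(0);
    }
    $dir = $tmparray[0];
    $code = basename($dir);
    chmod($dir, 0770);

    // One gene per line.
    foreach ($genes as $k => $gene) {
        $genes[$k] = $gene . "\n";
    }
    file_put_contents($dir . "/" . "list.txt", $genes, LOCK_EX);

    // Only genuine uploads are converted and moved; the temp path is quoted
    // before it reaches the shell.
    if (isset($_FILES["readme"]["tmp_name"]) && is_string($_FILES["readme"]["tmp_name"])
        && is_uploaded_file($_FILES["readme"]["tmp_name"])) {
        exec("fromdos " . escapeshellarg($_FILES["readme"]["tmp_name"]));
        move_uploaded_file($_FILES["readme"]["tmp_name"], $dir . "/" . "readme.txt");
    }
    if (isset($_FILES["original"]["tmp_name"]) && is_string($_FILES["original"]["tmp_name"])
        && is_uploaded_file($_FILES["original"]["tmp_name"])) {
        move_uploaded_file($_FILES["original"]["tmp_name"], $dir . "/" . "original.dat");
    }

    $query = sprintf("\n INSERT INTO lists\n (code, directory, title, dir, genome, user_id, sid)\n SELECT %s, %s, %s, %s,\n genomes.rec_id,\n users.rec_id,\n %s\n FROM genomes, users\n WHERE genomes.code = %s\n AND users.user = %s", $dbh->quote($code), $dbh->quote($dir), $dbh->quote($title), $dbh->quote($direc), $dbh->quote($sessid), $dbh->quote($genome), $dbh->quote($user));
    if ($dbh->exec($query) != 1) {
        $reply("-5");
        exit(0);
    }

    // NOTE(review): this join does not relate users to lists.user_id, so it
    // appears to confirm only that the code exists and the user name exists,
    // not that the row belongs to $user — confirm intent. Query unchanged.
    $query = sprintf("SELECT COUNT(lists.rec_id) FROM lists\n INNER JOIN users ON users.user=%s\n WHERE code=%s", $dbh->quote($user), $dbh->quote($code));
    $result = $dbh->query($query);
    if ($result === false || $result->fetchColumn() != 1) {
        $reply("-5");
        exit(0);
    }

    $js_code = json_encode((string) $code, $js_flags);
    $js_user = json_encode((string) $user, $js_flags);
    // json_encode() returns false on invalid UTF-8; fall back to an empty
    // JS string so the emitted call stays well-formed.
    if ($js_code === false) {
        $js_code = '""';
    }
    if ($js_user === false) {
        $js_user = '""';
    }
    $reply("101, {$js_code}, {$js_user}");
}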
} $sessid = $session['sid']; if (!isset($_POST["dir"]) || $_POST["dir"] === "") { $direc = "No directory"; } else { $direc = $_POST["dir"]; } if (strpos($title, "&") || strpos($title, "\\") || strpos($title, "'") || strpos($title, '"') || strpos($direc, "&") || strpos($direc, "\\") || strpos($direc, "'") || strpos($direc, '"')) { echo <<<EOF \t\t <script language="javascript" type="text/javascript"> \t\t parent.doneUpload(-7); \t </script> EOF; exit(0); } if (!can_modify_list($user)) { echo <<<EOF \t\t <script language="javascript" type="text/javascript"> \t\t parent.doneUpload(-6); \t </script> EOF; clus_end(); exit(0); } $usrdir = "data/lists/{$user}"; if (!is_dir($usrdir)) { mkdir($usrdir); chmod($usrdir, 0770); } exec("mktemp -d {$usrdir}/XXXXXXXX", $tmparray); $dir = $tmparray[0];