Exemplo n.º 1
/**
 * Delete one list: its data directory and its row in the `lists` table.
 *
 * Reads three keys from $info: 'luser' (owner name handed to
 * can_modify_list()), 'ldir' (directory handed to rrmdir()) and 'lid'
 * (record id, formatted with %u so only an unsigned integer reaches the SQL).
 *
 * When can_modify_list() refuses, a message is printed and the script exits.
 * When the DELETE does not affect exactly one row, an error message is printed
 * and the function returns normally.
 *
 * NOTE(review): the directory is removed before the database row, so a failed
 * DELETE leaves a row whose directory no longer exists.
 * NOTE(review): 'luser' and 'ldir' are used as given; presumably the caller
 * loads them from the lists table rather than from the request - confirm.
 *
 * @param array $info List description with the keys 'luser', 'ldir' and 'lid'.
 *
 * @return void
 */
function delete_list($info)
{
    global $dbh;

    // Authorisation gate: nothing is touched unless the caller may modify
    // lists owned by the recorded owner.
    $allowed = can_modify_list($info['luser']);
    if (!$allowed) {
        echo "You do not have the privileges to delete this dataset";
        exit(0);
    }

    // Files first, then the database record.
    rrmdir($info["ldir"]);

    $sql = sprintf("DELETE FROM lists WHERE rec_id=%u", $info["lid"]);
    $affected = $dbh->exec($sql);
    if ($affected == 1) {
        return;
    }

    // exec() returned false or a row count other than one.
    echo "internal error, could not delete list on database" . '<br />';
    echo '<br />';
}
Exemplo n.º 2
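/**
 * Delete several lists owned by one user: their data directories first, then
 * their rows in the `lists` table.
 *
 * For the shared "guest" account the selection is additionally limited to the
 * lists created in the current session ($session['sid']), and that limit is
 * applied to BOTH the directory lookup and the DELETE. The previous code
 * tested an undefined variable ($u) and never imported $session, so the
 * session limit was never applied, and the DELETE had no session limit at all.
 *
 * All values are bound as statement parameters instead of being spliced into
 * the SQL text.
 *
 * @param array  $delete_array List codes to delete (matched against lists.code).
 * @param string $user         Owner account name (matched against users.user).
 *
 * @return int 0 on success (also when there was nothing to delete),
 *             -1 if the directory lookup failed,
 *             -3 if can_modify_list() refused one of the matched lists,
 *             -4 if the DELETE failed.
 */
function delete_lists($delete_array, $user)
{
    global $dbh;
    global $session;

    // Keep only scalar codes; anything else cannot be a list code.
    $codes = array();
    if (is_array($delete_array)) {
        foreach ($delete_array as $code) {
            if (is_scalar($code)) {
                $codes[] = (string) $code;
            }
        }
    }
    if (count($codes) === 0) {
        // Nothing to delete; also avoids building an empty IN () clause.
        return 0;
    }

    // One shared filter so the lookup and the DELETE always select the same rows.
    $placeholders = implode(', ', array_fill(0, count($codes), '?'));
    $filter = "lists.code IN ({$placeholders})";
    $filterParams = $codes;
    if ($user === "guest") {
        // Guests share one account, so ownership is decided by the session id.
        // A missing sid binds NULL, which matches no row.
        $filter .= " AND lists.sid = ?";
        $filterParams[] = isset($session['sid']) ? $session['sid'] : null;
    }
    $params = array_merge(array($user), $filterParams);

    // Look up the directories of the lists to delete.
    $lookup = $dbh->prepare(
        "SELECT lists.directory, users.user FROM lists
         INNER JOIN users ON lists.user_id = users.rec_id
         WHERE users.user = ? AND ({$filter})"
    );
    if ($lookup === false || $lookup->execute($params) === false) {
        return -1;
    }
    $rows = $lookup->fetchAll(PDO::FETCH_ASSOC);

    // Check permissions for every matched list before removing anything, so a
    // refusal cannot leave the set half deleted.
    foreach ($rows as $row) {
        if (!can_modify_list($row["user"])) {
            return -3;
        }
    }

    // Delete the directories
    foreach ($rows as $row) {
        rrmdir($row["directory"]);
    }

    // Expunge the records from the database
    $delete = $dbh->prepare(
        "DELETE FROM lists
         WHERE user_id IN (
            SELECT rec_id FROM users WHERE users.user = ?
         ) AND ({$filter})"
    );
    if ($delete === false || $delete->execute($params) === false) {
        return -4;
    }

    return 0;
}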
Exemplo n.º 3
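/**
 * Create a new list from the merge of two existing lists and report the
 * outcome to the parent frame through parent.doneUpload().
 *
 * Steps: merge the gene lists with get_merge(), read the title and directory
 * label from $_POST, reject labels containing & \ ' or ", check
 * can_modify_list($user), create a fresh directory under data/lists/<user>,
 * write list.txt, store the uploaded readme and original files, insert the
 * row into `lists` and verify that it exists.
 *
 * Status passed to parent.doneUpload():
 *   -7   title or directory label contains a forbidden character
 *   -6   can_modify_list() refused
 *   -5   internal failure (directory creation, INSERT or verification)
 *   101  success, followed by the new list code and the user name
 *
 * Every failure path prints its status and exits the script.
 *
 * @param array  $info1 First source list; its 'gcode' key selects the genome.
 * @param array  $info2 Second source list.
 * @param string $user  Account that will own the new list.
 *
 * @return void
 */
function create_list_from_merge($info1, $info2, $user)
{
    global $dbh;
    global $session;

    $genes = get_merge($info1, $info2);
    $genome = $info1["gcode"];

    // Request fields that are missing, empty or not plain strings (for
    // example title[]=x) fall back to the default labels.
    if (isset($_POST["title"]) && is_string($_POST["title"]) && $_POST["title"] !== "") {
        $title = $_POST["title"];
    } else {
        $title = "No title";
    }
    $sessid = $session['sid'];
    if (isset($_POST["dir"]) && is_string($_POST["dir"]) && $_POST["dir"] !== "") {
        $direc = $_POST["dir"];
    } else {
        $direc = "No directory";
    }

    // strpbrk() yields false only when none of the characters occurs. The
    // earlier strpos() truthiness test treated a match at offset 0 as "not
    // found", so a label that STARTED with a forbidden character passed.
    $forbidden = "&\\'\"";
    if (strpbrk($title, $forbidden) !== false || strpbrk($direc, $forbidden) !== false) {
        echo <<<EOF
\t<script language="javascript" type="text/javascript">
\tparent.doneUpload(-7);
      </script>
EOF;
        exit(0);
    }
    if (!can_modify_list($user)) {
        echo <<<EOF
\t    <script language="javascript" type="text/javascript">
\t    parent.doneUpload(-6);
\t</script>
EOF;
        exit(0);
    }

    // NOTE(review): $user becomes part of a filesystem path; this assumes
    // callers pass a validated account name without path separators - confirm.
    $usrdir = "data/lists/{$user}";
    if (!is_dir($usrdir)) {
        mkdir($usrdir);
        chmod($usrdir, 0770);
    }

    // The template is passed as ONE quoted shell argument so that no character
    // of the user-derived path is interpreted by the shell.
    $tmparray = array();
    $status = 1;
    exec("mktemp -d " . escapeshellarg("{$usrdir}/XXXXXXXX"), $tmparray, $status);
    if ($status !== 0 || !isset($tmparray[0]) || !is_dir($tmparray[0])) {
        // Without this check an empty $dir would make the writes below target
        // "/list.txt" and friends. Reuses -5, the status this function already
        // reports for its other internal failures.
        echo <<<EOF
\t      <script language="javascript" type="text/javascript">
\t      parent.doneUpload(-5);
\t  </script>
EOF;
        exit(0);
    }
    $dir = $tmparray[0];
    // The list code is the random directory name that mktemp generated.
    $code = basename($dir);
    chmod($dir, 0770);

    // One gene per line.
    foreach ($genes as $k => $i) {
        $genes[$k] .= "\n";
    }
    file_put_contents($dir . "/" . "list.txt", $genes, LOCK_EX);

    // Only touch files that PHP itself received as uploads in this request,
    // and quote the temporary path before handing it to the shell.
    if (isset($_FILES['readme']['tmp_name'])
        && is_string($_FILES['readme']['tmp_name'])
        && is_uploaded_file($_FILES['readme']['tmp_name'])
    ) {
        // Convert DOS line endings in place before the file is stored.
        exec("fromdos " . escapeshellarg($_FILES['readme']['tmp_name']));
        move_uploaded_file($_FILES["readme"]["tmp_name"], $dir . "/" . "readme.txt");
    }
    if (isset($_FILES['original']['tmp_name'])
        && is_string($_FILES['original']['tmp_name'])
        && is_uploaded_file($_FILES['original']['tmp_name'])
    ) {
        move_uploaded_file($_FILES["original"]["tmp_name"], $dir . "/" . "original.dat");
    }

    // Every value is escaped with PDO::quote() before it enters the SQL text.
    $query = sprintf("\n                      INSERT INTO lists\n                        (code, directory, title, dir, genome, user_id, sid)\n                      SELECT %s, %s, %s, %s,\n                        genomes.rec_id,\n                        users.rec_id,\n                        %s\n                      FROM genomes, users\n                      WHERE genomes.code = %s\n                      AND users.user = %s", $dbh->quote($code), $dbh->quote($dir), $dbh->quote($title), $dbh->quote($direc), $dbh->quote($sessid), $dbh->quote($genome), $dbh->quote($user));
    if ($dbh->exec($query) != 1) {
        echo <<<EOF
\t      <script language="javascript" type="text/javascript">
\t      parent.doneUpload(-5);
\t  </script>
EOF;
        exit(0);
    }

    // Verify that exactly one row now carries the new code.
    $query = sprintf("SELECT COUNT(lists.rec_id) FROM lists\n                    INNER JOIN users ON users.user=%s\n                    WHERE code=%s", $dbh->quote($user), $dbh->quote($code));
    $result = $dbh->query($query);
    if ($result === false || $result->fetchColumn() != 1) {
        echo <<<EOF
\t      <script language="javascript" type="text/javascript">
\t      parent.doneUpload(-5);
\t  </script>
EOF;
        exit(0);
    }

    // Emit both values as JavaScript string literals. The HEX flags escape
    // < > & ' and ", so neither value can end the string or the <script>
    // element. json_encode() supplies the surrounding double quotes itself.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $jsCode = json_encode((string) $code, $jsFlags);
    if ($jsCode === false) {
        $jsCode = '""';
    }
    $jsUser = json_encode((string) $user, $jsFlags);
    if ($jsUser === false) {
        $jsUser = '""';
    }
    echo <<<EOF
      <script language="javascript" type="text/javascript">
      parent.doneUpload(101, {$jsCode}, {$jsUser});
    </script>
EOF;
}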
Exemplo n.º 4
            }
            $sessid = $session['sid'];
            if (!isset($_POST["dir"]) || $_POST["dir"] === "") {
                $direc = "No directory";
            } else {
                $direc = $_POST["dir"];
            }
            if (strpos($title, "&") || strpos($title, "\\") || strpos($title, "'") || strpos($title, '"') || strpos($direc, "&") || strpos($direc, "\\") || strpos($direc, "'") || strpos($direc, '"')) {
                echo <<<EOF
\t\t <script language="javascript" type="text/javascript">
\t\t parent.doneUpload(-7);
\t     </script>
EOF;
                exit(0);
            }
            if (!can_modify_list($user)) {
                echo <<<EOF
\t\t <script language="javascript" type="text/javascript">
\t\t parent.doneUpload(-6);
\t     </script>
EOF;
                clus_end();
                exit(0);
            }
            $usrdir = "data/lists/{$user}";
            if (!is_dir($usrdir)) {
                mkdir($usrdir);
                chmod($usrdir, 0770);
            }
            exec("mktemp -d {$usrdir}/XXXXXXXX", $tmparray);
            $dir = $tmparray[0];