Commit 0d11160e authored by jlopez's avatar jlopez
Browse files

Fix download container

parent c78db823
......@@ -5,8 +5,22 @@ define("PAGE","actionContainer");
session_start ();
$action = NULL;
if(isset($_POST['action'])) {
$action = $_POST['action'];
} else {
if(isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = "";
}
}
if(!isset($_SESSION['username'])) {
header("Location: ../login.php");
if($action != "download") {
header("Location: ../login.php");
}
}
require_once '../dao/DBquery.php';
......@@ -15,7 +29,6 @@ $db = new DBquery();
$today = date("Y-m-d G:i:s");
$action = NULL;
$id = NULL;
$name = NULL;
......@@ -26,16 +39,6 @@ $description = NULL;
$author = 0;
$labels = array();
if(isset($_POST['action'])) {
$action = $_POST['action'];
} else {
if(isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = "";
}
}
if(isset($_POST['containerid'])) {
$id = $_POST['containerid'];
} else {
......@@ -84,10 +87,14 @@ if($action == "create") {
$contlab = new ContainerLabel(0, $last_id, $lid);
$db->create($contlab);
}
header("Location: ../container.php");
} else if ($action == "update") {
$container->escape($db);
$db->update($container);
header("Location: ../container.php");
} else if ($action == "delete") {
$cnt = $db->getContainerWithId($container->ID);
......@@ -95,12 +102,21 @@ if($action == "create") {
if($cnt->author == $author) {
$db->delete($container);
}
header("Location: ../container.php");
} else if($action == "download") {
$cnt = $db->getContainerWithId($container->ID);
if(($cnt->author == $author) || ($container->visibility == 0)) {
$down = FALSE;
if(($cnt->author == $author) || ($cnt->visibility == 1)) {
$down = TRUE;
} else if($author == "admin") {
$down = TRUE;
}
if($down) {
$content = $cnt->value;
$name = $cnt->name;
......@@ -112,7 +128,9 @@ if($action == "create") {
header("Content-disposition: attachment; filename=$name");
print $content;
} else {
header("Location: ../container.php");
}
}
//header("Location: ../container.php");
......@@ -94,8 +94,6 @@ $containers = $db->getContainers();
foreach ($containers as $container) {
$container->escape2($db);
$visibility = "private";
......@@ -109,7 +107,9 @@ $containers = $db->getContainers();
if(!$container->visibility) {
if($container->author != $_SESSION['username']) {
continue;
if($_SESSION['username'] != "admin") {
continue;
}
}
}
......@@ -144,9 +144,7 @@ $containers = $db->getContainers();
$index = 0;
} else {
$index++;
}
}
}
echo '</td>';
......@@ -155,15 +153,13 @@ $containers = $db->getContainers();
echo '<td>' . $container->description . '</td>';
echo '<td>';
//echo '<div class="btn-group" mr-3><a class="btn btn-success btn-sm" href="#" >show</a></div>';
echo '<div class="btn-group" mr-3><a class="btn btn-primary btn-sm" href="./action/action_container.php?action=download&containerid='.$container->ID.'">dowload</a></div>';
if($container->author == $_SESSION['username'] || $_SESSION['manage'] ) {
echo '<div class="btn-group mr-3"><a class="btn btn-danger btn-sm" href="./action/action_container.php?action=delete&containerid='.$container->ID.'" >delete</a></div>';
}
echo '</td>';
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment