Commit 8ac1e61f authored by Paarth's avatar Paarth

minor

parent 6d28acec
...@@ -35,7 +35,9 @@ if (isset($postData) && !empty($postData)) { ...@@ -35,7 +35,9 @@ if (isset($postData) && !empty($postData)) {
mysqli_query($mysqli,$sql); mysqli_query($mysqli,$sql);
$msg = "file successfully deleted"; $msg = "file successfully deleted";
echo json_encode($msg); echo json_encode($msg);
if (file_exists($exec_path)) unlink($exec_path); if (file_exists($exec_path)){
unlink($exec_path);
}
} }
else{ else{
http_response_code(404); http_response_code(404);
......
...@@ -14,17 +14,13 @@ include_once("database.php"); ...@@ -14,17 +14,13 @@ include_once("database.php");
$postData = file_get_contents("php://input"); $postData = file_get_contents("php://input");
if (isset($postData) && !empty($postData)) { if (isset($postData) && !empty($postData)) {
$request = json_decode($postData); $request = json_decode($postData,true);
$username = trim($request->username); $username = mysqli_real_escape_string($mysqli, trim($request['file']['username']));
$data = trim($request->text); $data = trim($request['file']['text']);
$filename = trim($request->filename); $filename = trim($request['file']['filename']);
$lang = trim($request->language); $lang = trim($request['file']['language']);
$path = '../users/' . $username . '/' . trim($request->path) . '/' . $filename . $lang; $path = '../users/' . $username . '/' . trim($request['file']['path']) . '/' . $filename . $lang;
$isAttempt = trim($request['isAttempt']);
$sql1 = "SELECT n_files from users where username = '$username'";
$sql2 = "UPDATE users SET n_files = n_files+1 WHERE username = '$username'";
$result = mysqli_query($mysqli, $sql1)->fetch_all()[0];
if (file_exists($path)) { if (file_exists($path)) {
$myfile = fopen($path, "w"); $myfile = fopen($path, "w");
fwrite($myfile, $data); fwrite($myfile, $data);
...@@ -35,8 +31,13 @@ if (isset($postData) && !empty($postData)) { ...@@ -35,8 +31,13 @@ if (isset($postData) && !empty($postData)) {
echo json_encode($msg); echo json_encode($msg);
exit; exit;
} }
if ($result[0] >= 3) { if(!$isAttempt){
$msg = "maximum limit(3) reached"; $sql1 = "SELECT n_files from users where username = '$username'";
$sql2 = "UPDATE users SET n_files = n_files+1 WHERE username = '$username'";
$result = mysqli_query($mysqli, $sql1)->fetch_all()[0];
if ($result[0] >= 10) {
$msg = "maximum limit(10) reached";
echo json_encode($msg); echo json_encode($msg);
} else { } else {
if (mysqli_query($mysqli, $sql2)) { if (mysqli_query($mysqli, $sql2)) {
...@@ -52,6 +53,17 @@ if (isset($postData) && !empty($postData)) { ...@@ -52,6 +53,17 @@ if (isset($postData) && !empty($postData)) {
http_response_code(404); http_response_code(404);
} }
} }
else{
$myfile = fopen($path, "w");
fwrite($myfile, $data);
fclose($myfile);
$msg = "file successfully uploaded";
clearstatcache();
echo json_encode($msg);
}
}
} }
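Review bot: `$path` is still concatenated from request-body fields (`username`, `path`, `filename`, `language`) and then passed to `fopen($path, "w")`, and nothing in the visible lines keeps the resolved location inside `../users/<username>/`; `mysqli_real_escape_string` on `$username` only covers the SQL strings, not the directory name. The new `else` branch reaches the same write whenever the client-supplied `isAttempt` is truthy and skips the `n_files` limit, so the flag should be validated server-side (for example decoded as a strict boolean) rather than trusted as the only gate. I would resolve the target with `realpath()`, require it to stay under the user's directory, and reduce the file name with `basename()`, as sketched below; the `fopen()` return value should also be checked before `fwrite()`. The enclosing `if (isset($postData) ...)` block starts and ends outside the visible hunks, so any authentication done earlier in the file is not visible here.

```php
$usersBase = realpath('../users');
$userRoot = $usersBase === false ? false : realpath($usersBase . '/' . $username);
$dir = $userRoot === false ? false : realpath($userRoot . '/' . trim($request['file']['path']));
// Reject unless the user directory sits directly under users/ and the target directory resolves inside it.
if ($dir === false
    || dirname($userRoot) !== $usersBase
    || ($dir !== $userRoot && strncmp($dir, $userRoot . DIRECTORY_SEPARATOR, strlen($userRoot) + 1) !== 0)) {
    http_response_code(400);
    exit;
}
// basename() drops any directory component smuggled into the file name or extension.
$path = $dir . DIRECTORY_SEPARATOR . basename($filename . $lang);
// … unchanged: $isAttempt parsing, overwrite branch, quota branch …
```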
......