From 3f01ddce9dff69a49493541882de85854cbcebe5 Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Sun, 8 Apr 2012 23:13:15 +0200
Subject: start working on users

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 application/models/file_mod.php | 38 +++++++++++---------------------------
 1 file changed, 11 insertions(+), 27 deletions(-)

(limited to 'application/models/file_mod.php')

diff --git a/application/models/file_mod.php b/application/models/file_mod.php
index 51557396a..08f43853c 100644
--- a/application/models/file_mod.php
+++ b/application/models/file_mod.php
@@ -20,7 +20,7 @@ class File_mod extends CI_Model {
 	{
 		$id = $this->random_id(3,6);
 
-		if ($this->id_exists($id) || $id == 'file') {
+		if ($this->id_exists($id) || $id == 'file' || $id == 'user') {
 			return $this->new_id();
 		} else {
 			return $id;
@@ -74,32 +74,19 @@ class File_mod extends CI_Model {
 		return $this->folder($hash).'/'.$hash;
 	}
 
-	function hash_password($password)
-	{
-		return sha1($this->config->item('passwordsalt').$password);
-	}
-
-	// Returns the password submitted by the user
-	function get_password()
-	{
-		$password = $this->input->post('password');
-		if ($password !== false && $password !== "") {
-			return $this->hash_password($password);
-		} elseif (isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] !== '') {
-			return $this->hash_password($_SERVER['PHP_AUTH_PW']);
-		}
-		return 'NULL';
-	}
-
 	// Add a hash to the DB
 	// TODO: Should only update not insert; see new_id()
 	function add_file($hash, $id, $filename)
 	{
+		$this->muser->require_access();
+
+		$userid = $this->muser->get_userid();
+
 		$mimetype = exec("perl ".FCPATH.'scripts/mimetype '.escapeshellarg($filename).' '.escapeshellarg($this->file($hash)));
 		$query = $this->db->query('
-			INSERT INTO `files` (`hash`, `id`, `filename`, `password`, `date`, `mimetype`)
+			INSERT INTO `files` (`hash`, `id`, `filename`, `user`, `date`, `mimetype`)
 			VALUES (?, ?, ?, ?, ?, ?)',
-			array($hash, $id, $filename, $this->get_password(), time(), $mimetype));
+			array($hash, $id, $filename, $userid, time(), $mimetype));
 	}
 
 	function show_url($id, $mode)
@@ -338,12 +325,9 @@ class File_mod extends CI_Model {
 
 	function delete_id($id)
 	{
+		$this->muser->require_access();
 		$filedata = $this->get_filedata($id);
-		$password = $this->get_password();
-
-		if ($password == "NULL") {
-			return false;
-		}
+		$userid = $this->muser->get_userid();
 
 		if(!$this->id_exists($id)) {
 			return false;
@@ -353,9 +337,9 @@ class File_mod extends CI_Model {
 			DELETE
 			FROM `files`
 			WHERE `id` = ?
-			AND password = ?
+			AND user = ?
 			LIMIT 1';
-		$this->db->query($sql, array($id, $password));
+		$this->db->query($sql, array($id, $userid));
 
 		if($this->id_exists($id))  {
 			return false;
-- 
cgit v1.2.3-24-g4f1b