xoonips/AL/commonal.cc

/*
 * 
 * $Revision: 1.7 $
 * $Log: commonal.cc,v $
 * Revision 1.7  2004/11/26 04:51:47  youi
 * dbprefix??絎?臂?????.
 * insertAccount??絎?臂?????.
 * isValidSessionID??絎?臂?????.
 *
 * Revision 1.6  2004/11/26 04:35:55  aga
 * ??oginUser(), logoutUser()??篏???.
 *
 * Revision 1.5  2004/11/26 01:08:25  aga
 * ??ddSlashes()篏???.
 *
 * Revision 1.4  2004/11/25 12:14:29  youi
 * getUid????????絎?臂?????.
 *
 * Revision 1.3  2004/11/25 11:13:59  youi
 * getLastErrorString/setLastErrorString??絎?臂?
 *
 * Revision 1.2  2004/11/25 08:55:19  youi
 * 綣??違??????篆??.
 * freeResult??菴遵??.
 *
 * Revision 1.1  2004/11/25 05:14:58  youi
 * initial version
 *
 * 
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <mysql.h>
#include <string>
using namespace std;

#include "common.h"
#include "account.h"
#include "group.h"
#include "session.h"
#include "criteria.h"
#include "commonal.h"


static MYSQL* mysql = NULL; //!< MySQL????潟????/span>
static string dbprefix; //!< XOOPS???若?帥???若?鴻???若??????REFIX

/** 
 * 
 * php??ddslashes????????
 * 
 * @param addslashes???鴻????絖?????NULL??絎?筝?????
 * @return addslashes????????絖???
 */
string addSlashes( const char *str )
{
        int len = strlen(str);
        char *buf = new char[len*2+1];
        int bufLen = mysql_real_escape_string( mysql, buf, str, len );
        string s( buf, bufLen );
        return s;
}


/**
 * 
 * ???若?帥???若?鴻????????
 * 
 * @param host ???若?帥???若?鴻?????鴻????
 * @param user ???若?帥???若?鴻???≪???祉?鴻???????若?九??
 * @param password 筝?荐????若?吟?????鴻???若??
 * @param dbname ???若?帥???若?鴻??????
 * @param prefix XOOPS???若?帥???若?鴻???若??????REFIX
 * @return result_t
 * @refer result_t
 */
result_t initializeDB( const char* host, const char* user, const char* password, const char* dbname, const char* prefix )
{
    // ?≪??･膓?筝???????筝???????/span>
    if ( mysql != NULL )
        mysql_close( mysql );
    
    dbprefix = prefix;
    
    // ????????･膓?
    mysql = mysql_init(NULL);
    if ( mysql == NULL ){
        return RES_DB_INITIALIZE_ERROR;
    }
    char *unix_socket = NULL; // ?
    uint flag = 0;       // ?
    if ( NULL == mysql_real_connect( mysql, host, user, password, dbname, 3306, unix_socket, flag ) ){
        return RES_DB_CONNECT_ERROR;
    }
    
    return RES_OK;
}


/**
 * 
 * Platform???若?倶?粋??倶????緇?
 * 
 * @param 
 * @return 
 * 
 */
bool isActivated( sessionid_t sid, userid_t uid )
{
    return false;
}

/**
 * 
 * Platform???若?倶?粋??倶??紊???/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t activate( sessionid_t sid, userid_t uid, bool activate )
{
    return RES_ERROR;
}

/**
 * 
 * ?≪?????潟????/span>
 * 
 * @param 
 * @return 
 * 
 */
int getAccountCount( sessionid_t sid )
{
    return 0;
}

/**
 * 
 * ?≪?????潟??????/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t deleteAccount( sessionid_t sid, userid_t uid )
{
    return RES_ERROR;
}

/**
 * 
 * ?≪?????潟?????怨??
 * 
 * @param 
 * @return 
 * 
 */
result_t getAccount( sessionid_t sid, userid_t uid, const account_t** )
{
    return RES_ERROR;
}

/**
 * 
 * ?≪?????潟?????怨??
 * 
 * @param 
 * @return 
 * 
 */
result_t getAccounts( sessionid_t sid, const userid_t* uids, int uidsLen, const criteria_t* cri, const account_t** accounts, int* accountsLen )
{
    return RES_ERROR;
}

/**
 * 
 * ?≪?????潟???脂??/span>
 * 
 * @param sid ?祉???激?с??/span>
 * @param 
 * @return 
 * 
 */
result_t insertAccount( sessionid_t sid, const account_t* account )
{
//    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    string sql;
    string tmp;
    char buf[ 12 ];
    
    //xoops?????若?吟???若???????吾??莨若??
    sql = "INSERT INTO " + dbprefix + "_users (uname, name, email, url, user_avatar, user_regdate, user_icq, user_from, user_sig, user_viewemail, actkey, user_aim, user_yim, user_msnm, pass, posts, attachsig, rank, level, theme, timezone_offset, last_login, umode, uorder, notify_method, notify_mode, user_occ, bio, user_intrest, user_mailok) VALUES (";
    sql += "'" + string( addSlashes( account -> getUname( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getName( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getEmail( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getURL( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getUserAvatar( ) ) ) + "', ";
    snprintf( buf, 12, "%d", time( NULL ) );
    sql += string( buf ) + ", ";
    sql += "'" + string( addSlashes( account -> getUserIcq( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getUserFrom( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getUserSig( ) ) ) + "', ";
    snprintf( buf, 12, "%d", account -> getUserViewemail( ) );
    sql += string( buf ) + ", ";
    sql += "'" + string( addSlashes( account -> getActkey( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getUserAim( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getUserYim( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getUserMsnm( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getPass( ) ) ) + "', ";
    snprintf( buf, 12, "%d", account -> getPosts( ) );
    sql += string( buf ) + ", ";
    snprintf( buf, 12, "%d", account -> getAttachsig( ) );
    sql += string( buf ) + ", ";
    snprintf( buf, 12, "%d", account -> getRank( ) );
    sql += string( buf ) + ", ";
    snprintf( buf, 12, "%d", account -> getLevel( ) );
    sql += string( buf ) + ", ";
    sql += "'" + string( addSlashes( account -> getTheme( ) ) ) + "', ";
    snprintf( buf, 12, "%lf", account -> getTimezoneOffset( ) );
    sql += string( buf ) + ", ";
    sql += "0, "; //last login
    sql += "'" + string( addSlashes( account -> getUmode( ) ) ) + "', ";
    snprintf( buf, 12, "%d", account -> getUorder( ) );
    sql += string( buf ) + ", ";
    snprintf( buf, 12, "%d", account -> getNotifyMethod( ) );
    sql += string( buf ) + ", ";
    snprintf( buf, 12, "%d", account -> getNotifyMode( ) );
    sql += string( buf ) + ", ";
    sql += "'" + string( addSlashes( account -> getUserOcc( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getBio( ) ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getUserIntrest( ) ) ) + "', ";
    snprintf( buf, 12, "%d", account -> getUserMailok( ) );
    sql += string( buf ) + ")";
    fprintf( stderr, "%s\n", sql.c_str( ) );
    if( mysql_query( mysql, sql.c_str( ) ) ){
        return RES_DB_QUERY_ERROR;
    }
    
    //???若??D????緇?????
    userid_t uid;
    if( getUid( account -> getUname( ), &uid ) != RES_OK ){
        return RES_ERROR;
    }
    
    //vpaccount?????若?吟???若??????????????宴???吾??莨若??
    sql = "INSERT INTO " + dbprefix + "_vpaccount_users (uid, activate, address, institute, tel, organization, country, zipcode, fax, base_url, notice_mail, datetime) VALUES (";
    snprintf( buf, 12, "%d", uid );
    sql += string( buf ) + ", ";
    if( account -> getActivate() ){
        sql += "1, ";
    }else{
        sql += "0, ";
    }
    sql += "'" + string( addSlashes( account -> getAddress() ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getInstitute() ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getTel() ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getOrganization() ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getCountry() ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getZipcode() ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getFax() ) ) + "', ";
    sql += "'" + string( addSlashes( account -> getBaseURL() ) ) + "', ";
    snprintf( buf, 12, "%d", account -> getNoticeMail( ) );
    sql += string( buf ) + ", ";
    snprintf( buf, 12, "%d", account -> getNoticeMailSince( ) );
    sql += string( buf ) + ")";
    fprintf( stderr, "%s\n", sql.c_str( ) );
    if( mysql_query( mysql, sql.c_str( ) ) ){
        //xoops_users??nsert???????潟?若???????ゃ????
        sql = "DELETE FROM " + dbprefix + "_users where uid=";
        snprintf( buf, 12, "%d", uid );
        sql += string( buf );
        return RES_DB_QUERY_ERROR;
    }
    
    return RES_OK;
}

/**
 * 
 * ?≪?????潟??紊???/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t updateAccount( sessionid_t sid, const account_t* account )
{
    return RES_ERROR;
}

/**
 * 
 * ???若??D筝?荀?/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t dumpUids( sessionid_t sid, const criteria_t* cri, userid_t** uids, int* uidsLen )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若????/span>
 * 
 * @param 
 * @return 
 * 
 */
int getGroupCount( sessionid_t sid )
{
    return 0;
}

/**
 * 
 * ??絮??違???若??筝?荀у??
 * 
 * @param 
 * @return 
 * 
 */
result_t getGroupsByUid( sessionid_t sid, userid_t uid, const criteria_t* cri, groupid_t** gids, int* gidsLen )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若??膊∞??罔????????
 * 
 * @param 
 * @return 
 * 
 */
bool isGroupAdmin( sessionid_t sid, groupid_t gid, userid_t uid )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若??ID筝?荀?/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t dumpGids( sessionid_t sid, const criteria_t* cri, groupid_t** gids, int* gidsLen )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若??膊∞????ID??緇?
 * 
 * @param 
 * @return 
 * 
 */
result_t dumpGroupAdmins( sessionid_t sid, groupid_t gid, const criteria_t* cri, userid_t** uids, int* uidsLen )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若????絮????若?九????/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t deleteMember( sessionid_t sid, groupid_t gid, userid_t uid )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若????絮????若?区申??
 * 
 * @param 
 * @return 
 * 
 */
result_t insertMember( sessionid_t sid, groupid_t gid, userid_t uid )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若????絮????若?九??
 * 
 * @param 
 * @return 
 * 
 */
result_t getMembers( sessionid_t sid, groupid_t gid, const criteria_t* cri, userid_t** uids, int* uidsLen )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若????????/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t deleteGroup( sessionid_t sid, groupid_t gid )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若?????脂??/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t insertGroup( sessionid_t sid, const group_t* group )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若???????/span>
 * 
 * @param 
 * @return 
 * 
 */
result_t updateGroup( sessionid_t sid, const group_t* group )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若?????怨??
 * 
 * @param 
 * @return 
 * 
 */
result_t getGroup( sessionid_t sid, groupid_t gid, const group_t** group )
{
    return RES_ERROR;
}

/**
 * 
 * ?違???若?????怨??
 * 
 * @param 
 * @return 
 * 
 */
result_t getGroups( sessionid_t sid, groupid_t* gids, int gidsLen, const criteria_t* cri, const group_t** groups, int* groupsLen )
{
    return RES_ERROR;
}

/**
 * 
 * ?≪?????若?炊┤???????
 * 
 * @param 
 * @return 
 * 
 */
bool isModerator( sessionid_t sid, userid_t uid )
{
    return RES_ERROR;
}

/**
 * 
 * ???若??D??緇?
 * 
 * @param uname ID????緇??????????若?吟?弱??
 * @param uid ID??篁ｅ?ャ??????紊??違?????ゃ?潟??/span>
 * @return RES_ERROR | RES_OK 
 * @refer result_t
 * 
 */
result_t getUid( const char* uname, userid_t* uid )
{
    string sql;
    
    if( uname == NULL ) return RES_ERROR;
    
    string uname2 = addSlashes( uname );
    sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + uname2 + "'";
    if( mysql_query( mysql, sql.c_str( ) ) ){
        return RES_DB_QUERY_ERROR;
    }
    MYSQL_RES* result = mysql_use_result( mysql ) ;
    MYSQL_ROW row = mysql_fetch_row(result);
    if( row ){
        *uid = atoi( row[0] );
        mysql_free_result( result );
        return RES_OK;
    }else{
        mysql_free_result( result );
        return RES_NO_SUCH_USER;
    }
}

/**
 * 
 * ?祉???激?с?潟??篏?????xoops_vpaccount_session???吾??莨若???? sessionid_t??session???????
 * 
 * @param uid xoops_users??id
 * @param remoteHost remote ip (host order)
 * @param session sessionid_t???????????????????ゃ?潟?帥??
 * @return RES_OK ????
 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
 */
static result_t addSession( userid_t uid, unsigned long remoteHost, sessionid_t* session )
{
    result_t ret;
    string sql = "INSERT INTO " + dbprefix + "_vpaccount_session (uid,remote_host) values (" + 
      unsignedIntToString(uid) + "," + unsignedIntToString((unsigned int)remoteHost) + ")";
    if ( 0 == mysql_query( mysql, sql.c_str() ) ){
        *session = (int)mysql_insert_id(mysql);
        ret = RES_OK;
    }
    else {
        ret = RES_DB_QUERY_ERROR;
    }
    return ret;
}


/**
 * 
 * ???違?ゃ?活?荐若???祉???激?с?割???
 * 
 * @param uname ???違?ゃ?喝??
 * @param passwd ???鴻???若??
 * @param session sessionid_t???????????????????ゃ?潟?帥??
 * @return RES_OK ???違?ゃ?恰??????session??essionid_t???吾??莨若??????
 * @return RES_LOGIN_FAILURE uname?障????asswd???医幻
 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
 * 
 */
result_t loginUser(const char* uname, const char* passwd, sessionid_t* session )
{
    result_t ret;
    string sql;
    
    // uname, passwd -> uid
    string escUname = addSlashes( uname );
    string escPasswd = addSlashes( passwd );
    sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + escUname + "' and paswd=md5('" + escPasswd + "')";
    if( 0 == mysql_query( mysql, sql.c_str( ) ) ){
        MYSQL_RES* result = mysql_store_result( mysql );
        if( result ){
            MYSQL_ROW row = mysql_fetch_row(result);
            if( row ){
                userid_t uid = atoi(row[0]);
                ret = addSession( uid, 0, session );
            }else{
                ret = RES_LOGIN_FAILUE;
            }
            mysql_free_result( result );
        }else {
            ret = RES_DB_QUERY_ERROR;
        }
    }else{
        ret = RES_DB_QUERY_ERROR;
    }
    
    return ret;
}

/**
 * 
 * ???違?≪???????祉???激?с?括?篋?
 * 
 * @param sid session id
 * @return ????
 * 
 */
void logoutUser( sessionid_t sid ){
    result_t ret;
    string sql;
    sql = "DELETE FROM " + dbprefix + "_vpaccount_session WHERE sid=" + intToString((int)sid);
    if ( 0 == mysql_query( mysql, sql.c_str() ) ){
        if ( mysql_affected_rows(mysql) == 1 ){
            // ???違?≪????????
        }
        else {
            // sid???≦??/span>
        }
    }
    else {
        // DB????????筝?????????/span>
    }
}

/**
 * 
 * ?祉???激?с?潟?????.<br>
 * XOOPS??ession???若????????蚊??????sess_id?????essionid??膈???????
 * ?逸?session_t??篏?????????
 * ???若?帥???若?鴻???祉???激?с?潟????違?????宴??荐??蚊????
 * 
 * @param sessionid xoops??ession_id
 * @param uid  xoops_users??id
 * @param remoteHost remote ip (host order)
 * @param session sessionid_t???????????????????ゃ?潟?帥??
 * @return RES_OK
 * @return RES_ERROR
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t createSession( const char* sessionid, userid_t uid, unsigned long remoteHost, sessionid_t* session )
{
    result_t ret;
    string sql;
    
    string escSessionid = addSlashes(sessionid);
    sql = "SELECT sess_id from " + dbprefix + "_session where sess_id='" + escSessionid + "'";
    if( 0 == mysql_query( mysql, sql.c_str( ) ) ){
        MYSQL_RES* result = mysql_store_result( mysql );
        if( result ){
            MYSQL_ROW row = mysql_fetch_row(result);
            if( row ){
                ret = addSession( uid, remoteHost, session );
            }else{
                ret = RES_ERROR;
            }
            mysql_free_result( result );
        }else {
            ret = RES_DB_QUERY_ERROR;
        }
    }else{
        ret = RES_DB_QUERY_ERROR;
    }
    

    return RES_ERROR;
}

/**
 * 
 * ?祉???激?с?潟???膣違??session_t?у??????.<br>
 * 
 * @param sess_id
 * @param session
 * @return 
 *
 */
result_t getSession( sessionid_t sess_id, const session_t** ppsession )
{
    result_t ret;
    string sql;
    
    sql = "SELECT sid, uid, unix_timestamp(timestamp), remote_host from " + dbprefix + 
      "_vpaccount_session where sid=" + unsignedIntToString((unsigned int)sess_id);
    if( 0 == mysql_query( mysql, sql.c_str( ) ) ){
        MYSQL_RES* result = mysql_store_result( mysql );
        if( result ){
            MYSQL_ROW row = mysql_fetch_row(result);
            if( row ){
                session_t *p = new session();
                p->setSessionID(sess_id);
                p->setUserID(atoi(row[1]));
                p->setDate(atoi(row[2]));
                p->setRemoteHost(atoi(row[3]));
                *ppsession = p;
                ret = RES_OK;
            }else{
                ret = RES_NO_SUCH_SESSION;
            }
            mysql_free_result( result );
        }else {
            ret = RES_DB_QUERY_ERROR;
        }
    }else{
        ret = RES_DB_QUERY_ERROR;
    }
    
    return RES_ERROR;
}

/**
 * 
 * ?祉???激?с?潟???綵??с?????с????????.
 * 
 * @param sid ???с??????????session
 * @return true 罩ｅ?
 * @return false 筝?罩?/span>
 *
 */
bool isValidSessionID( sessionid_t sid )
{
    string sql;
    string sidstr;
    char buf[ 12 ];
    snprintf( buf, 12, "%d", sid );
    
    sql = "SELECT * FROM " + dbprefix + "_vpaccount_session WHERE session_id=" + string( buf );
    if( mysql_query( mysql, sql.c_str( ) ) ){
        return false;
    }
    MYSQL_RES* result = mysql_use_result( mysql ) ;
    MYSQL_ROW row = mysql_fetch_row(result);
    if( row ){
        return true;
    }else{
        return false;
    }
}

void freeResult( account_t* ptr ){ delete[] ptr; }

void freeResult( group_t* ptr ){ delete[] ptr; }

void freeResult( session_t* ptr ){ delete[] ptr; }

void freeResult( int* ptr ){ delete[] ptr; }

static string errstr;
const char* getLastErrorString()
{
    return errstr.c_str( );
}

void setLastErrorString( const char* str )
{
    errstr = str;
}