Contents of /xoonips/AL/commonal.cc


Revision 1.45 - (show annotations) (download) (as text)
Wed Jan 19 10:07:53 2005 UTC (19 years, 2 months ago) by aga
Branch: MAIN
Changes since 1.44: +126 -19 lines
File MIME type: text/x-c++src
- Fixes for guest users.

/*
 *
 * $Revision: 1.44 $
 * $Log: commonal.cc,v $
 * Revision 1.44 2005/01/19 06:01:59 youi
 * ?∽?域申??
 * getConfigValue
 * setConfigValue
 * getChangeLogs
 * insertChangeLog
 * getItemIDByBinderID
 * registerBinderItem
 * unregisterBinderItem
 * getIndexPermission
 * freeString
 * freeChangeLog
 * 綣??違??riteria_t??菴遵??
 * getItemIDByIndexID
 * 綣??違????綺??紊???
 * getCertifyState
 * setCertifyState
 * getCertifyPermission
 * sessionID2UID,querySimple,queryGetUnsignedInt??????
 * insertItem????????rivateIndex?悟?脂?蚊??茵?????
 * getItems: getItemPermission??篏帥?c??茯??粋昭?炊┤?????с????
 *
 * Revision 1.43 2005/01/19 01:42:15 aga
 * ??_xnpaccount_index??id,uid??0??????????????篆??.
 *
 * Revision 1.42 2005/01/19 00:51:29 aga
 * ??nsertIndex??_xnpaccount_index.index_id??????????????篆??.
 *
 * Revision 1.41 2005/01/19 00:06:51 aga
 * ??pdateIndex?с??????????????綣???????????????腥冴?с?????????????若??????.
 * ??reateSession?с??uid??Platform???若?吟?с??????activate?????????????????????若??????.
 *
 * Revision 1.40 2005/01/17 00:15:05 aga
 * ??eleteIndex, updateIndex??け????????????????????篆??.
 *
 * Revision 1.39 2005/01/15 05:38:10 youi
 * insertAccount: ??絖??????????<???泣?ゃ?肴??眼????
 * updateAccount: ??絖??????????<???泣?ゃ?肴??眼????
 * ?≪?ゃ????膊∞???∽?違??絎?臂?????.
 * insertItem, getItem, getItems, dumpItemID, updateItem, deleteItem????
 * freeGID, freeUID: 綣??違??????篆??.
 *
 * Revision 1.38 2005/01/15 00:39:16 aga
 * ??_xnpaccount_item_basic???????紊???
 *
 * Revision 1.37 2005/01/14 10:36:59 aga
 * ??ndex?≫?????????菴遵??.
 * ??nsertAccount??rivate index??篏???????????篆??.
 * ??nsertGroup??roup index ??篏???????????篆??.
 *
 * Revision 1.36 2005/01/13 04:19:22 aga
 * ??P??XNP?????.
 *
 * Revision 1.35 2005/01/06 07:20:17 youi
 * WIN32絎?臂??????ゃ?潟?????若????申??.
 * MySQL API???≪?????????????<?ゃ????????
 * deleteAccount: ??絮?????Platform?違???若???????????ゃ?????泣????.
 * insertAccount: ???若?句?脂?蚊??????????????????Platform?違???若???悟?脂?蚊????.
 * deleteMember: ??????????Platform?違???若???????????ゃ??胼?罩≪????.
 * deleteMemberNoLimit???臂?
 *
 * Revision 1.34 2004/12/28 04:38:14 aga
 * ??ogoutUser()??信罩?
 *
 * Revision 1.33 2004/12/27 05:56:23 youi
 * odbcDiagString: STMT篁ュ?????潟??????????????????????眼????.
 * syslog?<???祉?若?吾????????菴遵??????.
 *
 * Revision 1.32 2004/12/25 09:46:47 youi
 * MySQL+MyODBC?у??篏???????????信罩c????.
 *
 * Revision 1.31 2004/12/21 11:42:59 youi
 * ?潟?<?潟??????逸??祉???ゃ???????????菴遵??.
 *
 * Revision 1.30 2004/12/18 10:24:54 youi
 * IMPORT_MYSQLDLL??絎?臂?????????鐚?MYSQL??LL?????????潟?????????????帥?ゃ??絎h???
 * ???鴻????????????信罩c????.
 *
 * Revision 1.29 2004/12/18 01:12:29 youi
 * freeResult???∽?医????free<???若?水??>????眼????.
 *
 * Revision 1.28 2004/12/14 12:02:08 youi
 * __WIN__??絎?臂???????????indows??ll篏??????荀?????????茵?????.
 * USE_SYSLOG??絎?臂???????????yslogd?吾?<???祉?若?吾???阪??????.
 * getAccounts: uidsLen??0??????????????菴遵??????.
 *
 * Revision 1.27 2004/12/06 11:34:47 aga
 * ??ninitializeDB()??菴遵??.
 *
 * Revision 1.26 2004/12/06 10:17:36 youi
 * mysql_use_result????腟?????罧??????????冴??????鐚?
 * while( row = mysql_fetch_row(result) );???水?ワ?
 *
 * Revision 1.25 2004/12/06 07:24:33 youi
 * insertAccount, insertGroup:
 * ?域?菴遵?????????宴???綽????????若??D鐚??違???若??ID??膃??綣??違???吾??莨若??.
 *
 * Revision 1.24 2004/12/06 01:45:50 aga
 * ?祉?潟?<?潟???ゃ??.
 * ?脂???上???篆??.
 *
 * Revision 1.23 2004/12/04 09:21:10 aga
 * ??np_config ?? xnpaccount_config.
 *
 * Revision 1.22 2004/12/03 07:17:21 youi
 * isModerator?с?≪???祉?鴻???????若?帥???若?鴻???若????????篆??.
 *
 * Revision 1.21 2004/12/01 10:28:58 youi
 * DB????????????眼??軸??篆??
 * institute -> division
 * organizaion -> company_name
 *
 * Revision 1.20 2004/12/01 04:37:04 youi
 * freeResult: unsigned int* ?? int* ?娯信罩?
 * ?潟?<?潟???????∽?違???????菴処?.
 *
 * Revision 1.19 2004/11/30 06:40:11 youi
 * ?∽?違??菴遵??(gidExists, uidExists)
 * getGroupCount??絎?臂?
 * getGroupsByUid??絎?臂?
 * isGroupAdmin??篆??.
 * dumpGroupAdmins??絎?臂?
 * deleteMember??絎?臂?
 * insertMember??絎?臂?
 * getMembers??絎?臂?
 * isModerator??絎?臂?
 *
 * Revision 1.18 2004/11/30 05:46:32 aga
 * ??ession????remoteHost??????
 *
 * Revision 1.17 2004/11/27 09:35:49 youi
 * isActivated??絎?臂?
 * activate??絎?臂?
 * dumpUid??絎?臂?
 *
 * Revision 1.16 2004/11/27 06:29:29 youi
 * getAccountCount??絎?臂?
 * dumpGids??絎?臂?
 * insertGroup, deleteGroup, updateGroup??絎?臂?
 * getGroup, getGroups??絎?臂?
 * ???若?帥???若?劫?????????弱?冴?????鐚?RES_DB_NOT_INITIALIZED??菴????????????∽?違??申??
 * (???綽????∽?違??罧??c??????)
 *
 * Revision 1.15 2004/11/27 02:22:22 aga
 * ??nitializeDB????ddSlashes()???若?吟???純?<??????篆??.
 *
 * Revision 1.14 2004/11/27 01:07:31 youi
 * criteria2str: LIMIT??RDER BY?????????ャ???帥????.
 *
 * Revision 1.13 2004/11/27 00:35:39 youi
 * getAccounts??絎?臂?
 * getAccount??篆??鐚???????etAccounts???若?喝?冴??.
 * criteria2str??絎?臂?
 *
 * Revision 1.12 2004/11/26 09:45:28 youi
 * getAccount??絎?臂?
 *
 * Revision 1.11 2004/11/26 08:16:26 aga
 * ??etSession, loginUser, createSession, freeResult(const session_t*) 篆??.
 *
 * Revision 1.10 2004/11/26 07:57:42 youi
 * updateAccount, deleteAccount??絎?臂?
 * mysql_query紊掩??????tderr?吾?????若?潟?若?????????若?<???祉?若?吾???阪??.
 *
 * Revision 1.9 2004/11/26 07:38:02 aga
 * ??AILUE -> FAILURE.
 *
 * Revision 1.8 2004/11/26 06:36:55 aga
 * ??reateSession, getSession ??篏???.
 *
 * Revision 1.7 2004/11/26 04:51:47 youi
 * dbprefix??絎?臂?????.
 * insertAccount??絎?臂?????.
 * isValidSessionID??絎?臂?????.
 *
 * Revision 1.6 2004/11/26 04:35:55 aga
 * ??oginUser(), logoutUser()??篏???.
 *
 * Revision 1.5 2004/11/26 01:08:25 aga
 * ??ddSlashes()篏???.
 *
 * Revision 1.4 2004/11/25 12:14:29 youi
 * getUid????????絎?臂?????.
 *
 * Revision 1.3 2004/11/25 11:13:59 youi
 * getLastErrorString/setLastErrorString??絎?臂?
 *
 * Revision 1.2 2004/11/25 08:55:19 youi
 * 綣??違??????篆??.
 * freeResult??菴遵??.
 *
 * Revision 1.1 2004/11/25 05:14:58 youi
 * initial version
 *
 *
 */
#ifdef WIN32
#include <windows.h>
#endif

#ifdef USE_SYSLOG
#include <syslog.h>
#endif

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <string>
#include <assert.h>
#include <sql.h>
#include <sqlext.h>
using namespace std;

#include "common.h"
#include "account.h"
#include "group.h"
#include "session.h"
#include "item.h"
#include "itemtype.h"
#include "criteria.h"
#include "commonal.h"
#include "item.h"
#include "index.h"
#include "changelog.h"

static string dbprefix; //!< prefix of the XOOPS database table names

static SQLHANDLE henv = NULL;
static SQLHANDLE hdbc = NULL;
static SQLHANDLE hstmt = NULL;

static result_t insertIndexInternal( sessionid_t sid, index_t *index, indexid_t *xid );

static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode );
static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid );

/**
 * Executes sql and counts the rows of its result set by fetching them all.
 * @param sql statement to execute
 * @param count receives the number of rows
 * @return RES_OK, RES_DB_QUERY_ERROR or RES_ERROR
 */
static result_t countResultRows( const char* sql, SQLINTEGER* count )
{
    result_t ret = RES_ERROR;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql, strlen( sql ) ) ) == SQL_SUCCESS ){
            *count = 0;
            while( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ) ( *count )++;
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in countResultRows " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    return ret;
}


/**
 *
 * Returns the initial certify state for an item, read from the system
 * configuration (XNP_CONFIG_CERTIFY_ITEM_KEY).
 * Falls back to index::NOT_CERTIFIED when the value is missing or unknown.
 *
 */
static certify_t getInitialCertifyStateFromConfig( )
{
    char* certify_item_val;
    certify_t ret = index::NOT_CERTIFIED;

    if( getConfigValue( XNP_CONFIG_CERTIFY_ITEM_KEY, &certify_item_val ) == RES_OK ){
        if( strcmp( certify_item_val, XNP_CONFIG_CERTIFY_ITEM_AUTO ) == 0 ){
            //certify automatic
            ret = index::CERTIFIED;
        }else if( strcmp( certify_item_val, XNP_CONFIG_CERTIFY_ITEM_ON ) == 0 ){
            //certify by moderator or group admin
            ret = index::CERTIFY_REQUIRED;
        }
        freeString( certify_item_val );
    }
    return ret;
}

/**
 *
 * Returns whether the user who owns the session is an activated
 * Platform user.
 *
 * @param sid session ID
 * @return true activated
 * @return false not activated, or an error occurred
 *
 */
static bool isActivatedBySession( sessionid_t sid )
{
    const session_t* session;
    if( getSession( sid, &session ) == RES_OK ){
        userid_t sess_uid = session -> getUID( );
        freeSession( session );
        return isActivated( sid, sess_uid );
    }
    return false;
}

/**
 *
 * Returns whether the user who owns the session is a moderator.
 *
 *
 * @param sid session ID
 * @return true moderator
 * @return false not a moderator, or an error occurred
 *
 */
static bool isModeratorBySession( sessionid_t sid )
{
    const session_t* session;
    if( getSession( sid, &session ) == RES_OK ){
        userid_t sess_uid = session -> getUID( );
        freeSession( session );
        return isModerator( sid, sess_uid );
    }
    return false;
}




/** Executes an SQL statement and discards any result.
 * @param functionName name of the caller, used in the error string
 * @param sql sql
 * @return result_t
 */
static result_t querySimple( const char *functionName, string &sql ){
    result_t ret = RES_ERROR;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in querySimple " );
            s += functionName;
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += sql;
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    else {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in querySimple " );
        ret = RES_ERROR;
    }
    return ret;
}

/** Executes an SQL statement and reads the integer in the first column of
 * the first row (NULL is treated as 0).
 * @param functionName name of the caller, used in the error string
 * @param sql sql
 * @param u receives the integer value
 * @return result_t
 */
static result_t queryGetUnsignedInt( const char *functionName, string &sql, unsigned int *u ){
    result_t ret = RES_ERROR;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
            SQLUINTEGER sInt = 0;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &sInt, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                if ( len == SQL_NULL_DATA )
                    sInt = 0;
                *u = sInt;
                ret = RES_OK;
            }else{
                string s( "SQLFetch in queryGetUnsignedInt " );
                s += functionName;
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                setLastErrorString( s.c_str( ) );
                ret = RES_ERROR;
            }
        }else{
            string s( "SQLExecDirect in queryGetUnsignedInt " );
            s += functionName;
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += sql;
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    else {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in queryGetUnsignedInt " );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * String copy.
 * Copies at most len characters from src and always NUL-terminates the result.
 * The caller must guarantee ( size of dst >= len + 1 ).
 *
 */
static char* strncpy2( char* dst, const char* src, int len )
{
    strncpy( dst, src, len );
    dst[ len ] = '\0';
    //fprintf( stderr, "\nstrncpy2 '%s'\n", dst );
    return dst;
}

/**
 *
 * Builds an error string from the result of an SQL call.
 *
 * @param HandleType type of the handle passed as hstmt
 * @param hstmt handle the failing call was made on
 * @param sqlcode return value of SQLExecDirect, SQLExecute, etc.
 * @return the error string
 */
static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode )
{
    string s;
    if( sqlcode == SQL_ERROR || sqlcode == SQL_SUCCESS_WITH_INFO ){
        SQLCHAR SQLState[6] = "";
        SQLINTEGER NativeError = 0;
        SQLCHAR MessageText[ 1024 ] = "";
        SQLSMALLINT TextLength = 0;
        // the buffers are only filled in when a diagnostic record exists
        SQLRETURN rc = SQLGetDiagRec( HandleType, hstmt, 1, SQLState, &NativeError, MessageText, sizeof( MessageText ), &TextLength );
        if( rc == SQL_SUCCESS || rc == SQL_SUCCESS_WITH_INFO ){
            s += string( (char*)MessageText );
            s += " SQLSTATE=";
            s += string( (char*)SQLState );
        }
    }
    s += " sqlcode=";
    s += intToString( sqlcode );
    return s;
}

/**
 *
 * Reads the given column of the current row and returns it as a string.
 *
 */
string getResultCol( SQLHANDLE hstmt, int col )
{
    string s;
    SQLRETURN sqlcode;
    SQLCHAR BinaryPtr[5000];
    SQLINTEGER BinaryLenOrInd, NumBytes;

    while ( ( sqlcode = SQLGetData(hstmt, col, SQL_C_CHAR, BinaryPtr, sizeof(BinaryPtr),
                                   &BinaryLenOrInd)) != SQL_NO_DATA) {
        // stop on SQL_ERROR / SQL_INVALID_HANDLE, which would otherwise loop forever
        if( sqlcode != SQL_SUCCESS && sqlcode != SQL_SUCCESS_WITH_INFO ) break;
        // a truncated SQL_C_CHAR chunk holds sizeof - 1 data bytes plus the terminating NUL
        NumBytes = (BinaryLenOrInd >= (SQLINTEGER)sizeof(BinaryPtr)) || (BinaryLenOrInd == SQL_NO_TOTAL) ? (SQLINTEGER)sizeof(BinaryPtr) - 1 : BinaryLenOrInd;
        if( NumBytes >= 0 ){
            s += string( (char*)BinaryPtr, NumBytes );
        }
    }
#ifdef USE_SYSLOG
    // openlog( "commonal", LOG_ODELAY, LOG_USER );
    // syslog( LOG_DEBUG, "getResultCol col=%d ret='%s'\n", col, s.c_str());
    // closelog( );
#endif
    return s;
}


/**
 *
 * Meant to escape quote characters in str with a backslash.
 * As written, both branches of the first if return, so the input comes back
 * unchanged and the escaping loop below is never reached. Callers must not
 * rely on this function to make a string safe inside an SQL statement.
 *
 * @param str string to process (must not be NULL)
 * @return the resulting string
 */
string addSlashes( const char *str )
{
    if ( hdbc == NULL ){
        string s;
        return s;
    }else{
        string s( str );
        return s;
    }

    // unreachable: kept from the earlier escaping implementation
    int len = strlen(str) * 3 + 1; // + 1 so that an empty input still has room for the NUL
    char* dst = new char[ len ];
    const char* from = str;
    char* to = dst;
    while( *from != '\0' ){
        switch( *from ){
        case '\'':
        case '\"':
        case ';':
            *to = '\\'; to++;
            break;
        }
        *to = *from; to++;
        from++;
    }
    *to = '\0';
    string s( dst );
    delete[] dst;
    return s;
}

/** Reads a configuration value of a Xoops module.
 * @param module dirname of the module
 * @param key configuration key
 * @param value receives the configuration value (allocated with new[]), or 0 when no row matches
 * @return RES_OK, RES_DB_QUERY_ERROR or RES_ERROR
 */
static result_t getXoopsModuleConfigValue( const char *module, const char *key, char **value ){
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    result_t result = RES_ERROR;

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        string sql = "SELECT conf_value "
            " from " + dbprefix + "_config as tc, " + dbprefix + "_modules as tm "
            " where tm.mid=tc.conf_modid and tm.dirname = ? and tc.conf_name = ? ";
        // module and key are passed as bound parameters, never spliced into the SQL text
        sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
        SQLINTEGER cbModule = SQL_NTS, cbKey = SQL_NTS;
        SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_VARCHAR, strlen(module), 0, (SQLCHAR *)module, 0, &cbModule );
        SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_VARCHAR, strlen(key), 0, (SQLCHAR *)key, 0, &cbKey );
        // execute the statement prepared above instead of preparing it a second time
        if( sqlcode == SQL_SUCCESS && ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
            if ( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                string s = getResultCol( hstmt, 1 );
                *value = new char[s.length()+1];
                strcpy( *value, s.c_str() );
                result = RES_OK;
            }
            else if ( sqlcode == SQL_NO_DATA ){
                // clear the caller's pointer, not the local copy of the argument
                *value = 0;
                result = RES_OK;
            }
            else {
                string s( "SQLFetch in getXoopsModuleConfig " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += "sql=";
                s += sql;
                setLastErrorString( s.c_str( ) );
                result = RES_ERROR;
            }
        }else{
            string s( "SQLPrepare/SQLExecute in getXoopsModuleConfig " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += sql;
            setLastErrorString( s.c_str( ) );
            result = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    else {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getXoopsModuleConfig " );
        result = RES_ERROR;
    }
    return result;
}

/** Returns whether guest users may view XooNiPs public items, that is,
 * whether the xnpaccount setting public_item_target_user is "all".
 */
static bool isGuestEnabled(){
    char *value = 0;
    result_t result = getXoopsModuleConfigValue( "xnpaccount", "public_item_target_user", &value );
    if ( result != RES_OK )
        return false;
    if ( value == 0 )
        return false;
    bool enabled = ( strcmp( value, "all" ) == 0 );
    freeString( value );
    return enabled;
}

/** Gets the uid that belongs to a sid.
 * @param sid session id
 * @param uid receives the uid
 * @return RES_OK
 * If sid is a valid session id, *uid receives the uid of that session.
 * If public items are open to users without a XooNiPs account and sid is session::SID_GUEST(=0), *uid receives account::UID_GUEST(=0).
 * @return other values on error
 */
static result_t sessionID2UID( sessionid_t sid, userid_t *uid ){
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;

    if ( sid == session::SID_GUEST ){
        // the guest session is only honoured when the site allows guest access
        if ( isGuestEnabled() ){
            *uid = account::UID_GUEST;
            return RES_OK;
        }
        return RES_NO_SUCH_SESSION;
    }
    else {
        string sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + unsignedIntToString(sid);
        return queryGetUnsignedInt( "sessionID2UID", sql, uid );
    }
}



/**
 *
 * Checks whether a gid exists.
 * Returns false when the DB access fails.
 *
 * @param gid GID to check
 * @return true exists
 * @return false does not exist
 *
 */
static bool gidExists( groupid_t gid )
{
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) != SQL_SUCCESS ) {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in gidExists" );
        return false;
    }

    sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups ";
    sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
    if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) != SQL_SUCCESS ){
        setLastErrorString( "SQLExecDirect in gidExists" );
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
        return false;
    }

    if( ( sqlcode = SQLFetch( hstmt ) ) != SQL_SUCCESS ){
        setLastErrorString( "SQLFetch in gidExists" );
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
        return false;
    }

    SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    return true;
}


/**
 *
 * Checks whether a uid exists among the Platform users.
 * Returns false when the DB access fails.
 *
 * @param uid UID to check
 * @return true exists
 * @return false does not exist
 *
 */
static bool uidExists( userid_t uid )
{
    bool ret = false;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL; // statement handle local to this call, released before returning

    sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
    sql += "WHERE uid=" + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                ret = true;
            }else{
                string s( "SQLFetch in uidExists ");
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = false;
            }
        }else{
            string s( "SQLExecDirect in uidExists ");
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += string( ", sql=" ) + string( sql );
            setLastErrorString( s.c_str( ) );
            ret = false;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        string s( "SQLAllocHandle in uidExists ");
        s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
        setLastErrorString( s.c_str( ) );
        ret = false;
    }
    return ret;
}


/**
 *
 * Converts a criteria into the ORDER BY / LIMIT tail of an SQL statement.
 * The column names from getColumn( ) are concatenated as they are, so they
 * must come from a fixed set of known columns, never from request input.
 *
 */
string criteria2str( criteria* cri )
{
    string sql;

    const orderby* odrby = cri -> headOrderBy( );
    if( odrby != 0 ){
        sql += " ORDER BY " + string( odrby -> getColumn( ) );
        sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
        while( ( odrby = cri -> nextOrderBy( ) ) != 0 ){
            sql += ", " + string( odrby -> getColumn( ) );
            sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
        }
    }

    if( cri -> getLimitStart( ) != 0 || cri -> getLimitRows( ) != 0 ){
        sql += " LIMIT " + string( intToString( cri -> getLimitStart( ) ) )
            + ", " + string( intToString( cri -> getLimitRows( ) ) );
    }
    return sql;
}


/**
 *
 * Initializes the database connection.
 *
 * @param dsn DSN
 * @param user name of the user that accesses the database
 * @param password password of that user
 * @param dbname database name (not used by this function)
 * @param prefix prefix of the XOOPS database table names
 * @return RES_OK
 * @return RES_DB_INITIALIZE_ERROR
 * @return RES_DB_CONNECT_ERROR
 * @refer result_t
 */
result_t initializeDB( const char* dsn, const char* user, const char* password, const char* dbname, const char* prefix )
{
    SQLRETURN sqlcode;

#ifdef USE_SYSLOG
    openlog( "commonal", LOG_ODELAY, LOG_USER );
#endif
    // if a connection is already open, close it first
    if ( hdbc != NULL )
        SQLDisconnect( hdbc );

    dbprefix = prefix;

    // allocate the handles and connect
    // if( SQLAllocEnv( &henv ) != SQL_SUCCESS ) {
    if( SQLAllocHandle( SQL_HANDLE_ENV, SQL_NULL_HANDLE, &henv ) != SQL_SUCCESS ) {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_ENV,...) in initializeDB" );
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
        closelog( );
#endif
        return RES_DB_INITIALIZE_ERROR;
    }
    // request ODBC Ver.3 behaviour
    SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (void*)SQL_OV_ODBC3, 0);

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_DBC, henv, &hdbc ) ) != SQL_SUCCESS ) {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_DBC,...) in initializeDB" );
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
        closelog( );
#endif
        return RES_DB_INITIALIZE_ERROR;
    }
    // time out when the login takes longer than 5 seconds
    SQLSetConnectAttr(hdbc, SQL_LOGIN_TIMEOUT, (SQLPOINTER)5, 0);

    if ( ( sqlcode = SQLConnect( hdbc, (SQLCHAR*)dsn, strlen( dsn ), (SQLCHAR*)user, strlen( user ), (SQLCHAR*)password, strlen( password ) ) ) != SQL_SUCCESS ){
        string s( "SQLConnect in initializeDB " );
        s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
        setLastErrorString( s.c_str( ) );
        // drop the unconnected handle so that later calls report RES_DB_NOT_INITIALIZED
        SQLFreeHandle( SQL_HANDLE_DBC, hdbc );
        hdbc = NULL;
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
        closelog( );
#endif
        return RES_DB_CONNECT_ERROR;
    }
#ifdef USE_SYSLOG
    syslog( LOG_DEBUG, "initializeDB succeed" );
    closelog( );
#endif
    return RES_OK;
}

/**
 *
 * Disconnects from the DB. Does nothing when no connection is open.
 *
 * @param none
 * @return RES_OK
 */
result_t uninitializeDB()
{
    if ( hdbc != NULL ){
        SQLDisconnect( hdbc );
        hdbc = NULL;
    }
    return RES_OK;
}

/**
 *
 * Gets the approval (activate) state of a Platform user.
 *
 * @param sid session ID
 * @param uid ID of the user whose state is read
 * @return true approved
 * @return false not approved
 *
 */
bool isActivated( sessionid_t sid, userid_t uid )
{
    if( hdbc == NULL ) return false;
    if( !isValidSessionID( sid ) ) return false;

    bool ret = false;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
    sql += "WHERE activate=1 and uid=" + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                ret = true;
            }else{
                string s( "SQLFetch in isActivated " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += ", sql=" + sql;
                setLastErrorString( s.c_str() );
                ret = false;
            }
        }else{
            string s( "SQLExecDirect in isActivated " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=" + sql;
            setLastErrorString( s.c_str() );
            ret = false;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in isActivated" );
        ret = false;
    }
    return ret;
}

/**
 *
 * Changes the approval (activate) state of a Platform user.
 *
 * @param sid session ID
 * @param uid ID of the user to change
 * @param activate approve (true) / revoke approval (false)
 * @return RES_OK
 * @return RES_DB_QUERY_ERROR
 * @return RES_NO_SUCH_USER
 */
result_t activate( sessionid_t sid, userid_t uid, bool activate )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL; // statement handle local to this call
    result_t ret = RES_ERROR;

    sql = "UPDATE " + dbprefix + "_xnpaccount_users ";
    sql += "SET activate=" + string( activate ? "1" : "0" );
    sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret = RES_OK;
            }else{
                string s( "SQLRowCount in activate ");
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_NO_SUCH_USER;
            }
        }else{
            string s( "SQLExecDirect in activate " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in activate" );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Gets the number of accounts.
 *
 * @param sid session ID
 * @return number of accounts (0 on error)
 *
 */
int getAccountCount( sessionid_t sid )
{
    if( hdbc == NULL ) return 0;
    if( !isValidSessionID( sid ) ) return 0;

    int ret = 0;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    // count the accounts
    sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_users ";
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLUINTEGER count = 0;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                ret = count;
            }else {
                string s( "SQLFetch in getAccountCount sql=" );
                s += string( sql );
                setLastErrorString( s.c_str( ) );
                ret = 0;
            }
        }else{
            setLastErrorString( "SQLExecDirect in getAccountCount" );
            ret = 0;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccountCount" );
        ret = 0;
    }
    return ret;
}

961 /**
962 *
963 * ?≪?????潟??????/span>
964 * ?違???若???????????ゃ?????若?倶???宴?????ゃ??茵??????障??鐚?/span>
965 *
966 * @param
967 * @return RES_OK
968 * @return RES_ERROR
969 * @return RES_DB_NOT_INITIALIZED
970 * @return RES_NO_SUCH_SESSION
971 * @return RES_DB_QUERY_ERROR
972 *
973 */
974 result_t deleteAccount( sessionid_t sid, userid_t uid )
975 {
976 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
977 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
978
979 result_t ret1 = RES_ERROR, ret2 = RES_ERROR;
980 criteria_t c;
981 string sql;
982 groupid_t* gids;
983 int gidsLen;
984 SQLRETURN sqlcode;
985 SQLHANDLE hstmt = NULL;
986
987 /*
988 1. delete user from default platform group
989 2. delete user profile from xoops_users
990 3. delete platform user from xnpaccount_users
991 */
992
993 //1. delete user from platform groups
994 c.clearAll();
995 if( getGroupsByUid( sid, uid, &c, &gids, &gidsLen ) == RES_OK ){
996 for( int i = 0; i < gidsLen; i++ )
997 deleteMemberNoLimit( sid, gids[ i ], uid );
998 freeGID( gids );
999 }
1000
1001 //2. delete user profile from xoops_users
1002 sql = "DELETE FROM " + dbprefix + "_users ";
1003 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
1004 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1005 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1006 SQLINTEGER count = 0;
1007 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1008 ret1 = RES_OK;
1009 }else{
1010 string s( "SQLRowCount in deleteAccount" );
1011 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1012 s += string( ", sql=" ) + string( sql );
1013 setLastErrorString( s.c_str( ) );
1014 ret1 = RES_NO_SUCH_USER;
1015 }
1016 }else{
1017 string s( "SQLExecDirect in deleteAccount" );
1018 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1019 s += ", sql=";
1020 s += string( sql );
1021 setLastErrorString( s.c_str( ) );
1022 ret1 = RES_DB_QUERY_ERROR;
1023 }
1024 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1025 }else{
1026 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
1027 ret1 = RES_ERROR;
1028 }
1029
1030 //3. delete platform user from xnpaccount_users
1031 sql = "DELETE FROM " + dbprefix + "_xnpaccount_users ";
1032 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
1033 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1034 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1035 SQLINTEGER count = 0;
1036 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1037 ret2 = RES_OK;
1038 }else{
1039 string s( "SQLRowCount in deleteAccount" );
1040 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1041 s += string( ", sql=" ) + string( sql );
1042 setLastErrorString( s.c_str( ) );
1043 ret2 = RES_NO_SUCH_USER;
1044 }
1045 }else{
1046 string s( "SQLExecDirect in deleteAccount" );
1047 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1048 s += ", sql=";
1049 s += string( sql );
1050 setLastErrorString( s.c_str( ) );
1051 ret2 = RES_DB_QUERY_ERROR;
1052 }
1053 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1054 }else{
1055 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
1056 ret2 = RES_ERROR;
1057 }
1058
1059 // if either delete failed, return that error (the ret1 error takes precedence)
1060 return ret1 != RES_OK ? ret1 : ret2;
1061 }
1062
1063 /**
1064 *
1065 * Get account information.
1066 *
1067 * @param sid session ID
1068 * @param uid ID of the user to retrieve
1069 * @param acc receives a pointer to the retrieved account information (account_t)
1070 * @return RES_OK
1071 * @return RES_DB_NOT_INITIALIZED
1072 * @return RES_NO_SUCH_USER
1073 * @return RES_NO_SUCH_SESSION
1074 * @return RES_DB_QUERY_ERROR
1075 *
1076 */
1077 result_t getAccount( sessionid_t sid, userid_t uid, const account_t** acc )
1078 {
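1079 int len = 0; // getAccounts does not set this on its error paths
1080 static criteria c;
1081 result_t res = getAccounts( sid, &uid, 1, &c, acc, &len );
1082 if( res == RES_OK && len == 0 ) return RES_NO_SUCH_USER; // len is meaningful only when the query succeeded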
1083 return res;
1084 }
1085
1086 /**
1087 *
1088 * Get account information.
1089 *
1090 * @param sid session ID
1091 * @param uids array of IDs of the users to retrieve
1092 * @param uidsLen number of elements in uids
1093 * @param cri criteria applied to the result set (converted with criteria2str and appended to the query)
1094 * @param accounts receives a pointer to the array of retrieved accounts
1095 * @param accountsLen receives the number of elements in *accounts
1096 * @return RES_OK
1097 * @return RES_DB_NOT_INITIALIZED
1098 * @return RES_NO_SUCH_SESSION
1099 * @return RES_DB_QUERY_ERROR
1100 *
1101 */
1102 result_t getAccounts( sessionid_t sid, const userid_t* uids, int uidsLen, criteria_t* cri, const account_t** accounts, int* accountsLen )
1103 {
1104 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1105 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1106 if( uidsLen <= 0 ){
1107 *accounts = new account_t[ 0 ];
1108 *accountsLen = 0;
1109 #ifdef USE_SYSLOG
1110 openlog( "commonal", LOG_ODELAY, LOG_USER );
1111 syslog( LOG_DEBUG, "getAccounts succeed len=0" );
1112 closelog( );
1113 #endif
1114 return RES_OK;
1115 }
1116
1117 #ifdef USE_SYSLOG
1118 openlog( "commonal", LOG_ODELAY, LOG_USER );
1119 syslog( LOG_DEBUG, "begin of getAccounts" );
1120 #endif
1121 result_t ret = RES_ERROR;
1122 SQLRETURN sqlcode;
1123 SQLHANDLE hstmt = NULL;
1124 string sql;
1125 account_t* dst = new account_t[ uidsLen ];
1126
1127 sql += "SELECT u1.uid, u1.name, u1.uname, u1.email, u1.url, u1.user_avatar, u1.user_regdate, u1.user_icq, u1.user_from, u1.user_sig, u1.user_viewemail, u1.actkey, u1.user_aim, u1.user_yim, u1.user_msnm, u1.pass, u1.posts, u1.attachsig, u1.rank, u1.level, u1.theme, u1.timezone_offset, u1.last_login, u1.umode, u1.uorder, u1.notify_method, u1.notify_mode, u1.user_occ, u1.bio, u1.user_intrest, u1.user_mailok, u2.activate, u2.address, u2.division, u2.tel, u2.company_name, u2.country, u2.zipcode, u2.fax, u2.base_url, u2.notice_mail, u2.notice_mail_since, u2.private_index_id ";
1128 sql += "FROM " + dbprefix + "_users AS u1, " + dbprefix + "_xnpaccount_users AS u2 ";
1129 sql += "WHERE u1.uid = u2.uid ";
1130 if( uidsLen > 0 ){
1131 #ifdef USE_SYSLOG
1132 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", 0, uids[0] );
1133 #endif
1134 sql += "AND ( u1.uid=" + string( unsignedIntToString( uids[ 0 ] ) );
1135 for( int i = 1; i < uidsLen; i++ ){
1136 #ifdef USE_SYSLOG
1137 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", i, uids[i] );
1138 #endif
1139 sql += " OR u1.uid=" + string( unsignedIntToString( uids[ i ] ) );
1140 }
1141 sql += " ) ";
1142 }
1143 sql += criteria2str( cri );
1144 #ifdef USE_SYSLOG
1145 syslog( LOG_DEBUG, "sql=%s", sql.c_str() );
1146 #endif
1147
1148 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1149 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1150 SQLINTEGER len = 0;
1151 userid_t uid = 0;
1152 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1153 *accountsLen=0;
1154 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < uidsLen ; i++ ){
1155 dst[ i ].setUID( uid );
1156 dst[ i ].setName( getResultCol( hstmt, 2 ).c_str() );
1157 dst[ i ].setUname( getResultCol( hstmt, 3 ).c_str() );
1158 dst[ i ].setEmail( getResultCol( hstmt, 4 ).c_str() );
1159 dst[ i ].setURL( getResultCol( hstmt, 5 ).c_str() );
1160 dst[ i ].setUserAvatar( getResultCol( hstmt, 6 ).c_str() );
1161 dst[ i ].setUserRegdate( atoi( getResultCol( hstmt, 7 ).c_str() ) );
1162 dst[ i ].setUserIcq( getResultCol( hstmt, 8 ).c_str() );
1163 dst[ i ].setUserFrom( getResultCol( hstmt, 9 ).c_str() );
1164 dst[ i ].setUserSig( getResultCol( hstmt, 10 ).c_str() );
1165 dst[ i ].setUserViewemail( atoi( getResultCol( hstmt, 11 ).c_str() ));
1166 dst[ i ].setActkey( getResultCol( hstmt, 12 ).c_str() );
1167 dst[ i ].setUserAim( getResultCol( hstmt, 13 ).c_str() );
1168 dst[ i ].setUserYim( getResultCol( hstmt, 14 ).c_str() );
1169 dst[ i ].setUserMsnm( getResultCol( hstmt, 15 ).c_str() );
1170 dst[ i ].setPass( getResultCol( hstmt, 16 ).c_str() ); // u1.pass is the stored password digest; it is returned to any caller holding a valid session ID
1171 dst[ i ].setPosts( atoi( getResultCol( hstmt, 17 ).c_str() ));
1172 dst[ i ].setAttachsig( atoi( getResultCol( hstmt, 18 ).c_str() ));
1173 dst[ i ].setRank( atoi( getResultCol( hstmt, 19 ).c_str() ));
1174 dst[ i ].setLevel( atoi( getResultCol( hstmt, 20 ).c_str() ));
1175 dst[ i ].setTheme( getResultCol( hstmt, 21 ).c_str() );
1176 dst[ i ].setTimezoneOffset( atof( getResultCol( hstmt, 22 ).c_str() ) );
1177 dst[ i ].setLastLogin( atoi( getResultCol( hstmt, 23 ).c_str() ));
1178 dst[ i ].setUmode( getResultCol( hstmt, 24 ).c_str() );
1179 dst[ i ].setUorder( atoi( getResultCol( hstmt, 25 ).c_str() ));
1180 dst[ i ].setNotifyMethod( atoi( getResultCol( hstmt, 26 ).c_str() ));
1181 dst[ i ].setNotifyMode( atoi( getResultCol( hstmt, 27 ).c_str() ));
1182 dst[ i ].setUserOcc( getResultCol( hstmt, 28 ).c_str() );
1183 dst[ i ].setBio( getResultCol( hstmt, 29 ).c_str() );
1184 dst[ i ].setUserIntrest( getResultCol( hstmt, 30 ).c_str() );
1185 dst[ i ].setUserMailok( atoi( getResultCol( hstmt, 31 ).c_str() ));
1186 dst[ i ].setActivate( atoi( getResultCol( hstmt, 32 ).c_str() ));
1187 dst[ i ].setAddress( getResultCol( hstmt, 33 ).c_str() );
1188 dst[ i ].setDivision( getResultCol( hstmt, 34 ).c_str() );
1189 dst[ i ].setTel( getResultCol( hstmt, 35 ).c_str() );
1190 dst[ i ].setCompanyName( getResultCol( hstmt, 36 ).c_str() );
1191 dst[ i ].setCountry( getResultCol( hstmt, 37 ).c_str() );
1192 dst[ i ].setZipcode( getResultCol( hstmt, 38 ).c_str() );
1193 dst[ i ].setFax( getResultCol( hstmt, 39 ).c_str() );
1194 dst[ i ].setBaseURL( getResultCol( hstmt, 40 ).c_str() );
1195 dst[ i ].setNoticeMail( atoi( getResultCol( hstmt, 41 ).c_str() ));
1196 dst[ i ].setNoticeMailSince( atoi( getResultCol( hstmt, 42 ).c_str() ));
1197 dst[ i ].setPrivateIndexID( atoi( getResultCol( hstmt, 43 ).c_str() ));
1198 #ifdef USE_SYSLOG
1199 syslog( LOG_DEBUG, "set to account_t %d", i );
1200 #endif
1201 ( *accountsLen )++;
1202 }
1203 *accounts = dst;
1204 #ifdef USE_SYSLOG
1205 syslog( LOG_DEBUG, "getAccounts succeed" );
1206 #endif
1207 ret = RES_OK;
1208 }else{
1209 string s( "SQLExecDirect in getAccounts" );
1210 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1211 s += string( ", sql=" ) + string( sql );
1212 setLastErrorString( s.c_str( ) );
1213 #ifdef USE_SYSLOG
1214 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1215 #endif
1216 delete[] dst; // dst is not handed to the caller on this path
1216 ret = RES_DB_QUERY_ERROR;
1217 }
1218 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1219 }else{
1220 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccounts" );
1221 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1222 setLastErrorString( s.c_str( ) );
1223 #ifdef USE_SYSLOG
1224 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1225 #endif
1226 delete[] dst; // dst is not handed to the caller on this path
1226 ret = RES_DB_QUERY_ERROR;
1227 }
1228 #ifdef USE_SYSLOG
1229 closelog( );
1230 #endif
1231 return ret;
1232 }
1233
1234 /**
1235 *
1236 * Register an account.
1237 *
1238 * Registers the user information in the database.
1239 * The user ID assigned to the registered user is stored in uid.
1240 *
1241 * @param sid session ID
1242 * @param account account information to register
1243 * @param uid receives the user ID assigned to the registered account
1244 * @return RES_OK
1245 * @return RES_NO_SUCH_SESSION
1246 * @return RES_DB_QUERY_ERROR
1247 * @return RES_DB_NOT_INITIALIZED
1248 *
1249 */
1250 result_t insertAccount( sessionid_t sid, const account_t* account, userid_t* uid )
1251 {
1252 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1253 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1254
1255 string sql;
1256 string tmp;
1257 char buf[ 12 ];
1258 SQLRETURN sqlcode;
1259 result_t ret = RES_ERROR;
1260
1261 /*
1262 1. insert user profile into xoops_users
1263 2. insert platform user profile into xnpaccount_users
1264 3. add user to default platform group
1265 4. create private index
1266 5. update account set private_index_id=...
1267 */
1268
1269 //1. write to the xoops users table
1270 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1271 SQLINTEGER user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1272 SQLDOUBLE timezone_offset;
1273
1274 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1275 SQLINTEGER cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1276
1277 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1278 string sql;
1279 sql = "INSERT INTO " + dbprefix + "_users (uname, name, email, url, user_avatar, user_regdate, user_icq, user_from, user_sig, user_viewemail, actkey, user_aim, user_yim, user_msnm, pass, posts, attachsig, rank, level, theme, timezone_offset, last_login, umode, uorder, notify_method, notify_mode, user_occ, bio, user_intrest, user_mailok) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, MD5(?), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
1280 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1281 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1282 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1283 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1284 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1285 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1286 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1287 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1288 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1289 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1290 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1291 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1292 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1293 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1294 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1295 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1296 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1297 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1298 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1299 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1300 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1301 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1302 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1303 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1304 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1305 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1306 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1307 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1308 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1309 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1310 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1311 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1312
1313 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1314 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1315 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1316 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1317 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1318 user_regdate = time( NULL );
1319 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1320 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1321 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1322 user_viewemail = account -> getUserViewemail( );
1323 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1324 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1325 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1326 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1327 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN ); // bound to MD5(?) in the INSERT: stored as an unsalted MD5 digest
1328 posts = account -> getPosts( );
1329 attachsig = account -> getAttachsig( );
1330 rank = account -> getRank( );
1331 level = account -> getLevel( );
1332 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1333 timezone_offset = account -> getTimezoneOffset( );
1334 last_login = 0;
1335 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1336 uorder = account -> getUorder( );
1337 notify_method = account -> getNotifyMethod( );
1338 notify_mode = account -> getNotifyMode( );
1339 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1340 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1341 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1342 user_mailok = account -> getUserMailok( );
1343
1344 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1345 SQLINTEGER count = 0;
1346 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1347 // get the user ID assigned by the INSERT
1348 sql = "SELECT LAST_INSERT_ID()";
1349 ret = queryGetUnsignedInt( "insertAccount", sql, (unsigned int*)uid );
1350 }else{
1351 string s( "SQLRowCount in insertAccount sql=" );
1352 s += string( sql );
1353 setLastErrorString( s.c_str( ) );
1354 ret = RES_DB_QUERY_ERROR;
1355 }
1356 }else{
1357 string s( "SQLExecute in insertAccount " );
1358 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1359 setLastErrorString( s.c_str( ) );
1360 ret = RES_DB_QUERY_ERROR;
1361 }
1362 }else{
1363 string s( "SQLPrepare in insertAccount " );
1364 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1365 setLastErrorString( s.c_str( ) );
1366 ret = RES_ERROR;
1367 }
1368 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1369 }else{
1370 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1371 ret = RES_ERROR;
1372 }
1373
1374 if( ret == RES_OK ){
1375 //2. write the platform user information to the xnpaccount users table
1376 SQLUINTEGER activate;
1377 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1378 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1379 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1380 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1381 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1382 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1383 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1384 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1385 SQLINTEGER cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1386 SQLINTEGER cbUid = 0, cbActivate = 0, cbNotice_mail = 0, cbNotice_mail_since = 0;
1387 SQLUINTEGER notice_mail;
1388 SQLUINTEGER notice_mail_since;
1389 if( ret == RES_OK && ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1390 string sql;
1391 sql = "INSERT INTO " + dbprefix + "_xnpaccount_users (uid, activate, address, division, tel, company_name, country, zipcode, fax, base_url, notice_mail, notice_mail_since) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )";
1392 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1393 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1394 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER, 0, 0, uid, 0, &cbUid); // SQL_C_ULONG matches the 32-bit unsigned buffer; SQL_C_SSHORT would read only 16 bits of the uid
1395 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1396 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1397 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1398 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1399 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1400 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1401 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1402 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1403 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1404 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail); // SQLUINTEGER buffers are bound as SQL_C_ULONG so the full 32-bit value is sent
1405 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1406
1407 activate = account -> getActivate() ? 1 : 0;
1408 strncpy2( (char*)address, account -> getAddress(), XNP_ACCOUNT_ADDRESS_LEN );
1409 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1410 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1411 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1412 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1413 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1414 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1415 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1416 notice_mail = account -> getNoticeMail( );
1417 notice_mail_since = account -> getNoticeMailSince( );
1418
1419 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1420 SQLINTEGER count = 0;
1421 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1422 //3.add new user to default group(not a group admin)
1423 ret = insertMember( sid, group_t::GID_DEFAULT, *uid, false );
1424 if( ret != RES_OK ){
1425 // insertMember failed, so undo step 1;
1426 // the xnpaccount_users row written in step 2 is not removed here
1427 // delete the record inserted into xoops_users
1428 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1429 sql += unsignedIntToString( *uid );
1430 SQLHANDLE hstmt2 = NULL;
1431 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1432 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1433 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1434 }
1435 setLastErrorString( "insertMember in insertAccount" );
1436 ret = RES_DB_QUERY_ERROR;
1437 }
1438 }else{
1439 string s( "SQLRowCount in insertAccount sql=" );
1440 s += string( sql );
1441 setLastErrorString( s.c_str( ) );
1442 ret = RES_DB_QUERY_ERROR;
1443 }
1444 }else{
1445 string s( "SQLExecute in insertAccount " );
1446 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1447 setLastErrorString( s.c_str( ) );
1448 ret = RES_DB_QUERY_ERROR;
1449 }
1450 }else{
1451 // delete the record inserted into xoops_users
1452 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1453 sql += unsignedIntToString( *uid );
1454 SQLHANDLE hstmt2 = NULL;
1455 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1456 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1457 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1458 }
1459 string s( "SQLExecDirect in insertAccount sql=" );
1460 s += string( sql );
1461 setLastErrorString( s.c_str( ) );
1462 ret = RES_DB_QUERY_ERROR;
1463 }
1464 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1465 }else{
1466 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1467 ret = RES_ERROR;
1468 }
1469 }
1470
1471 if ( ret == RES_OK ){
1472 //4. create private index
1473
1474 // determine sort_number for the private index
1475 string sql = "select min(sort_number) from " +
1476 dbprefix + "_xnpaccount_index where parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
1477 " and open_level=" + unsignedIntToString(index::OL_PRIVATE);
1478 unsigned int sortNumber;
1479 ret = queryGetUnsignedInt( "insertAccount", sql, &sortNumber );
1480 sortNumber--;
1481 if ( ret == RES_OK ){
1482 // create the private index
1483 index_t index;
1484 index.setItemTypeID(item::ITID_INDEX);
1485 index.setContributorUID(*uid);
1486 index.setParentIndexID(item::IID_ROOT);
1487 index.setOwnerUID(*uid);
1488 index.setOpenLevel(index::OL_PRIVATE);
1489 index.setSortNumber(sortNumber);
1490 index.setTitle(account->getUname());
1491 indexid_t privateXID;
1492 ret = insertIndexInternal( sid, &index, &privateXID );
1493 if ( ret == RES_OK ){
1494 // rewrite private_index_id in xnpaccount_users
1495 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET private_index_id="
1496 + unsignedIntToString(privateXID) + " WHERE uid=" + unsignedIntToString(*uid);
1497 ret = querySimple( "insertAccount", sql );
1498 }
1499 }
1500 }
1501
1502 return ret;
1503 }
1504
1505 /**
1506 *
1507 * Change account information.
1508 *
1509 *
1510 * @param sid session ID
1511 * @param account account information to change
1512 * @return RES_OK
1513 * @return RES_DB_NOT_INITIALIZED
1514 * @return RES_NO_SUCH_SESSION
1515 * @return RES_DB_QUERY_ERROR
1516 * @return RES_NO_SUCH_USER
1517 * @return RES_ERROR
1518 *
1519 */
1520 result_t updateAccount( sessionid_t sid, const account_t* account )
1521 {
1522 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1523 if( account == NULL ) return RES_ERROR;
1524 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1525 if( !uidExists( account -> getUID( ) ) ) return RES_NO_SUCH_USER;
1526
1527 SQLRETURN sqlcode;
1528 result_t ret = RES_ERROR;
1529 SQLHANDLE hstmt = NULL;
1530
1531 // write to the xoops users table
1532 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1533 SQLINTEGER uid, user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1534 SQLDOUBLE timezone_offset;
1535
1536 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1537 SQLINTEGER cbUid = 0, cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1538
1539 SQLUINTEGER activate;
1540 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1541 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1542 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1543 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1544 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1545 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1546 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1547 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1548 SQLINTEGER cbActivate = 0, cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1549 SQLUINTEGER notice_mail, notice_mail_since;
1550 SQLINTEGER cbNotice_mail = 0, cbNotice_mail_since = 0;
1551
1552 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1553 string sql;
1554
1555 sql = "UPDATE " + dbprefix + "_users SET ";
1556 sql += "uname=?";
1557 sql += ", name=?";
1558 sql += ", email=?";
1559 sql += ", url=?";
1560 sql += ", user_avatar=?";
1561 sql += ", user_regdate=?";
1562 sql += ", user_icq=?";
1563 sql += ", user_from=?";
1564 sql += ", user_sig=?";
1565 sql += ", user_viewemail=?";
1566 sql += ", actkey=?";
1567 sql += ", user_aim=?";
1568 sql += ", user_yim=?";
1569 sql += ", user_msnm=?";
1570 sql += ", pass=?";
1571 sql += ", posts=?";
1572 sql += ", attachsig=?";
1573 sql += ", rank=?";
1574 sql += ", level=?";
1575 sql += ", theme=?";
1576 sql += ", timezone_offset=?";
1577 sql += ", last_login=?";
1578 sql += ", umode=?";
1579 sql += ", uorder=?";
1580 sql += ", notify_method=?";
1581 sql += ", notify_mode=?";
1582 sql += ", user_occ=?";
1583 sql += ", bio=?";
1584 sql += ", user_intrest=?";
1585 sql += ", user_mailok=? ";
1586 sql += " WHERE uid = ?";
1587
1588 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1589 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1590 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1591 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1592 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1593 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1594 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1595 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1596 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1597 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1598 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1599 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1600 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1601 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
            SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
            SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
            SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
            SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
            SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
            SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
            SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
            SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
            SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
            SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
            SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
            SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
            SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
            SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
            SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
            SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
            SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
            SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
            SQLBindParameter(hstmt, 31, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );

            strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
            strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
            strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
            strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
            strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
            user_regdate = time( NULL );
            strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
            strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
            strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
            user_viewemail = account -> getUserViewemail( );
            strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
            strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
            strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
            strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
            strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
            posts = account -> getPosts( );
            attachsig = account -> getAttachsig( );
            rank = account -> getRank( );
            level = account -> getLevel( );
            strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
            timezone_offset = account -> getTimezoneOffset( );
            last_login = 0;
            strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
            uorder = account -> getUorder( );
            notify_method = account -> getNotifyMethod( );
            notify_mode = account -> getNotifyMode( );
            strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
            strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
            strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
            user_mailok = account -> getUserMailok( );
            uid = account -> getUID( );

            if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
                SQLINTEGER count = 0;
                if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                    ret = RES_OK;
                }else{
                    string s( "SQLRowCount in updateAccount sql=" );
                    s += string( sql );
                    setLastErrorString( s.c_str( ) );
                    ret = RES_DB_QUERY_ERROR;
                }
            }else{
                string s( "SQLExecute in updateAccount 1 " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                setLastErrorString( s.c_str( ) );
                ret = RES_DB_QUERY_ERROR;
            }
        }else{
            setLastErrorString( "SQLPrepare in updateAccount sql=" );
            ret = RES_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
        hstmt = NULL;
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
        ret = RES_ERROR;
    }

    if( ret != RES_OK ){
        return ret;
    }

    // write the remaining account information to the xnpaccount users table
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        string sql;

        sql = "UPDATE " + dbprefix + "_xnpaccount_users SET ";
        sql += "activate=?, ";
        sql += "address=?, ";
        sql += "division=?, ";
        sql += "tel=?, ";
        sql += "company_name=?, ";
        sql += "country=?, ";
        sql += "zipcode=?, ";
        sql += "fax=?, ";
        sql += "base_url=?, ";
        sql += "notice_mail=?, ";
        sql += "notice_mail_since=? ";
        sql += "WHERE uid=?";

        sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
        if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
            SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
            SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
            SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
            SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
            SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
            SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
            SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
            SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
            SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
            SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
            SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
            SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );

            activate = account -> getActivate() ? 1 : 0;
            strncpy2( (char*)address, account -> getAddress( ) , XNP_ACCOUNT_ADDRESS_LEN );
            strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
            strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
            strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
            strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
            strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
            strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
            strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
            notice_mail = account -> getNoticeMail( );
            notice_mail_since = account -> getNoticeMailSince( );
            uid = account -> getUID( );

            if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
                SQLINTEGER count = 0;
                if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                    ret = RES_OK;
                }else{
                    string s( "SQLRowCount in updateAccount sql=" );
                    s += string( sql );
                    setLastErrorString( s.c_str( ) );
                    ret = RES_DB_QUERY_ERROR;
                }
            }else{
                string s( "SQLExecute in updateAccount 2 " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                setLastErrorString( s.c_str( ) );
                ret = RES_DB_QUERY_ERROR;
            }
        }else{
            setLastErrorString( "SQLPrepare in updateAccount sql=" );
            ret = RES_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Return the user IDs in the range specified by criteria_t.
 * Allocates an array of user IDs, fills it, and stores its address in *uids.
 * The size of the array is stored in *uidsLen.
 *
 * @param sid session ID
 * @param cri range and sort conditions for the result
 * @param uids receives the array of user IDs
 * @param uidsLen receives the number of elements in uids
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t dumpUids( sessionid_t sid, criteria_t* cri, userid_t** uids, int* uidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

#ifdef USE_SYSLOG
    openlog( "commonal", LOG_ODELAY, LOG_USER );
#endif

    result_t ret = RES_ERROR;
    userid_t* dst = 0;
    string sql;
    SQLRETURN sqlcode;
    SQLINTEGER count = 0;


    sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_users ";
    sql += criteria2str( cri );
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        *uidsLen = count;
        dst = new userid_t[ *uidsLen ];
        *uids = dst;
    }else{
        return RES_ERROR;
    }
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            userid_t uid = 0;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );

            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
                dst[ i ] = uid;
            }

#ifdef USE_SYSLOG
            syslog( LOG_DEBUG, "dumpUids succeed" );
#endif
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in dumpUids " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
#ifdef USE_SYSLOG
            syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
#endif
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in dumpUids" );
        s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
        setLastErrorString( s.c_str( ) );
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
#endif
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Return the number of groups.
 * Returns 0 if the session ID is invalid.
 *
 * @param sid session ID
 * @return number of groups
 *
 */
int getGroupCount( sessionid_t sid )
{
    if( hdbc == NULL ) return 0;
    if( !isValidSessionID( sid ) ) return 0;

    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    string sql;
    int ret = 0;

    // count the groups
    sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups";
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLUINTEGER count = 0;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                ret = count;
            }else {
                string s( "SQLFetch in getGroupCount sql=" );
                s += string( sql );
                setLastErrorString( s.c_str( ) );
                ret = 0;
            }
        }else{
            setLastErrorString( "SQLExecDirect in getGroupCount" );
            ret = 0;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroupCount" );
        ret = 0;
    }
    return ret;
}

/**
 *
 * Get the list of groups a user belongs to.
 * Retrieves the IDs of the groups the user is a member of.
 *
 * @param sid session ID
 * @param uid user ID
 * @param cri range and sort conditions for the result
 * @param gids receives the array of group IDs
 * @param gidsLen receives the number of elements in gids
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_USER
 * @return RES_DB_QUERY_ERROR
 * @return RES_OK
 *
 */
result_t getGroupsByUid( sessionid_t sid, userid_t uid, criteria_t* cri, groupid_t** gids, int* gidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !uidExists( uid ) ) return RES_NO_SUCH_USER; // uid must exist

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    SQLINTEGER count = 0;
    groupid_t* dst = 0;

    sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups_users_link";
    sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
    sql += criteria2str( cri );
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        *gidsLen = count;
        dst = new groupid_t[ *gidsLen ];
        *gids = dst;
    }else{
        return RES_ERROR;
    }

    // fetch the group IDs into the array sized by countResultRows();
    // one statement is enough, and it is bound, fetched and freed on the same handle
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER len = 0;
            groupid_t gid = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
                dst[ i ] = gid;
            }
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in getGroupsByUid " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += string( ", sql=" ) + string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        string s( "SQLAllocHandle in getGroupsByUid " );
        s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
        setLastErrorString( s.c_str( ) );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Check for group administrator privilege.
 * Returns whether the user has administrator privilege for the group (is a group administrator).
 * Also returns false when the user does not belong to the group.
 *
 * @param sid session ID
 * @param gid group ID
 * @param uid user ID
 * @return true the user has administrator privilege
 * @return false the user has no administrator privilege, or an error occurred
 *
 */
bool isGroupAdmin( sessionid_t sid, groupid_t gid, userid_t uid )
{
    if( hdbc == NULL ) return false;
    if( !isValidSessionID( sid ) ) return false;
    if( !uidExists( uid ) ) return false;
    if( !gidExists( gid ) ) return false;

    bool ret = false;
    string sql;
    SQLRETURN sqlcode;
    SQLINTEGER count = 0;

    sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups_users_link ";
    sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
    sql += " AND uid=" + string( unsignedIntToString( uid ) );
    sql += " AND is_admin=1";
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        if( count > 0 ){
            ret = true;
        }else{
            ret = false;
        }
    }else{
        ret = false;
    }
    return ret;
}

/**
 *
 * List group IDs.
 * Retrieves the IDs of the registered groups.
 *
 * @param sid session ID
 * @param cri range and sort conditions for the result
 * @param gids receives the array of group IDs
 * @param gidsLen receives the number of elements in gids
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 * @return RES_OK
 *
 */
result_t dumpGids( sessionid_t sid, criteria_t* cri, groupid_t** gids, int* gidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    result_t ret = RES_ERROR;
    groupid_t* dst = 0;
    string sql;
    SQLRETURN sqlcode;
    SQLINTEGER count = 0;

    sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups ";
    sql += criteria2str( cri );
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        *gidsLen = count;
        dst = new groupid_t[ *gidsLen ];
        *gids = dst;
    }else{
        return RES_ERROR;
    }

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            groupid_t gid = 0;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
                dst[ i ] = gid;
            }

            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in dumpGids " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    return ret;
}

/**
 *
 * Get the IDs of group administrators.
 * Retrieves the user IDs of the administrators of a group.
 *
 * @param sid session ID
 * @param gid ID of the group whose administrators are wanted
 * @param cri range and sort conditions for the result
 * @param uids pointer that receives the array of administrator user IDs
 * @param uidsLen number of elements in uids
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 * @return RES_ERROR
 *
 */
result_t dumpGroupAdmins( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLINTEGER count = 0;

    sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_groups_users_link ";
    sql += " WHERE is_admin=1 and gid=" + unsignedIntToString( gid );
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        *uidsLen = count;
        // the array holds user IDs, so allocate it with the element type of *uids
        *uids = new userid_t[ *uidsLen ];
    }else{
        return RES_ERROR;
    }
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            userid_t uid;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
                (*uids)[ i ] = uid;
            }
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in dumpGroupAdmins " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    return ret;
}

/**
 *
 * Remove a user from a group.
 * Removes a user who belongs to the group from that group.
 * Users cannot be removed from the default group.
 *
 * @param sid session ID
 * @param gid ID of the group to remove the user from
 * @param uid ID of the user to remove
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_USER
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 * @return RES_OK
 * @return RES_ERROR
 *
 */
result_t deleteMember( sessionid_t sid, groupid_t gid, userid_t uid )
{
    if( gid == group_t::GID_DEFAULT ) return RES_ERROR;
    return deleteMemberNoLimit( sid, gid, uid );
}

/**
 *
 * Remove a user from a group.
 * Removes a user who belongs to the group from that group.
 * Unlike deleteMember, this also allows removal from the default group.
 *
 * @param sid session ID
 * @param gid ID of the group to remove the user from
 * @param uid ID of the user to remove
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_USER
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 * @return RES_OK
 * @return RES_ERROR
 *
 */
static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !uidExists( uid ) ) return RES_NO_SUCH_USER; // uid must exist
    if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; // gid must exist

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups_users_link ";
    sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
    sql += " AND uid=" + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret = RES_OK;
            }else{
                string s( "SQLRowCount in deleteMember" );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_NO_SUCH_USER;
            }
        }else{
            string s( "SQLExecDirect in deleteMember" );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteMember" );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Add a user to a group.
 * Adds the user as a member of the group.
 *
 * @param sid session ID
 * @param gid ID of the group to join
 * @param uid ID of the user to add
 * @param admin true to grant administrator privilege
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_USER
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t insertMember( sessionid_t sid, groupid_t gid, userid_t uid, bool admin )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !uidExists( uid ) ) return RES_NO_SUCH_USER; // uid must exist
    if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; // gid must exist

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;

    // add the member
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups_users_link ( gid, uid, is_admin ) VALUES (";
        sql += string( unsignedIntToString( gid ) ) + ", ";
        sql += string( unsignedIntToString( uid ) ) + ", ";
        sql += string( admin ? "1" : "0" ) + ") ";
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret = RES_OK;
            }else{
                string s( "SQLRowCount in insertMember " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_DB_QUERY_ERROR;
            }
        }else{
            string s( "SQLExecDirect in insertMember " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += string( ", sql=" ) + string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertMember" );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Get the members of a group.
 * Retrieves the user IDs of the users who belong to a group.
 *
 * @param sid session ID
 * @param gid ID of the group whose members are wanted
 * @param cri range and sort conditions for the result
 * @param uids pointer that receives the array of member user IDs
 * @param uidsLen number of elements in uids
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 * @return RES_ERROR
 *
 */
result_t getMembers( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; // gid must exist

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    userid_t* dst = 0;

    //how many members ?
    sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups_users_link ";
    sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLUINTEGER count = 0;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                dst = new userid_t[ count ];
                *uids = dst;
                *uidsLen = count;
                if( count > 0 ){
                    //retrieve member's IDs
                    SQLHANDLE hstmt2 = NULL;
                    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
                        sql = "SELECT uid, gid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link ";
                        sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
                        sql += " " + string( criteria2str( cri ) );
                        if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
                            SQLUINTEGER uid = 0;
                            SQLINTEGER len = 0;
                            SQLBindCol( hstmt2, 1, SQL_C_ULONG, &uid, 0, &len );
                            for( int i = 0; ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS && i < count ; i++ ){
                                dst[ i ] = uid;
                            }
                            ret = RES_OK;
                        }else{
                            setLastErrorString( "SQLExecDirect in getMembers" );
                            ret = RES_DB_QUERY_ERROR;
                        }
                        SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
                    }else{
                        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
                        ret = RES_ERROR;
                    }
                }else{
                    ret = RES_OK;
                }
            }else{
                string s( "SQLFetch in getMembers sql=" );
                s += string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_DB_QUERY_ERROR;
            }
        }else{
            setLastErrorString( "SQLExecDirect in getMembers" );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Delete a group.
 * Deletes the group from the database.
 *
 * @param sid session ID
 * @param gid ID of the group to delete
 * @return RES_OK
 * @return RES_DB_QUERY_ERROR
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_NOT_INITIALIZED
 *
 */
result_t deleteGroup( sessionid_t sid, groupid_t gid )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups ";
    sql += "WHERE gid = " + string( unsignedIntToString( gid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret = RES_OK;
            }else{
                string s( "SQLRowCount in deleteGroup" );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_NO_SUCH_USER;
            }
        }else{
            string s( "SQLExecDirect in deleteGroup" );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteGroup" );
        ret = RES_ERROR;
    }
    return ret;
}

2414 /**
2415 *
2416 * ?違???若???脂??
2417 * ?違???若???????宴?????若?帥???若?鴻????蚊????鐚?/span>
2418 * ?脂?蚊?????違???若?????綽??????違???若??ID??gid???主?????鐚?/span>
2419 *
2420 * @param sid ?祉???激?с??D
2421 * @param group ?脂?蚊???????違???若????????/span>
2422 * @param gid ?脂?蚊?????違???若?????綽??????違???若??ID
2423 * @return RES_OK
2424 * @return RES_DB_NOT_INITIALIZED
2425 * @return RES_NO_SUCH_SESSION
2426 * @return RES_DB_QUERY_ERROR
2427 *
2428 */
2429 result_t insertGroup( sessionid_t sid, const group_t* group, groupid_t* gid )
2430 {
2431 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2432 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2433
2434 result_t ret = RES_ERROR;
2435 string sql;
2436 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2437 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2438 SQLRETURN sqlcode;
2439
2440 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2441 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups ( gname, gdesc ) VALUES ( ?, ? )";
2442 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2443 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2444 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2445 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2446 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2447 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2448 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2449 SQLINTEGER count = 0;
2450 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2451 //?違???若??ID????緇?????
2452 sql = "SELECT LAST_INSERT_ID()";
2453 ret = queryGetUnsignedInt( "insertGroup", sql, (unsigned int*)gid );
2454 }else{
2455 string s( "SQLRowCount in insertGroup sql=" );
2456 s += string( sql );
2457 setLastErrorString( s.c_str( ) );
2458 ret = RES_DB_QUERY_ERROR;
2459 }
2460 }else{
2461 string s( "SQLExecute in insertGroup " );
2462 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2463 setLastErrorString( s.c_str( ) );
2464 ret = RES_DB_QUERY_ERROR;
2465 }
2466 }else{
2467 string s( "SQLPrepare in insertGroup " );
2468 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2469 setLastErrorString( s.c_str( ) );
2470 ret = RES_ERROR;
2471 }
2472 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2473 }else{
2474 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertGroup" );
2475 ret = RES_ERROR;
2476 }
2477
2478 //
2479 if ( ret == RES_OK ){
2480 //group index??篏???
2481
2482 //group index????ort_num????
2483 string sql = "SELECT MAX(sort_number) FROM " +
2484 dbprefix + "_xnpaccount_index WHERE parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
2485 " AND (open_level=" + unsignedIntToString(index::OL_GROUP_ONLY) +
2486 " OR open_level=" + unsignedIntToString(index::OL_PUBLIC) + ")";
2487 unsigned int sortNumber;
2488 ret = queryGetUnsignedInt( "insertGroup", sql, &sortNumber );
2489 sortNumber++;
2490 if ( ret == RES_OK ){
2491 // group index篏???
2492 index_t index;
2493 userid_t uid;
2494 ret = sessionID2UID( sid, &uid );
2495 if ( ret == RES_OK ){
2496 index.setItemTypeID(item::ITID_INDEX);
2497 index.setContributorUID(uid);
2498 index.setParentIndexID(item::IID_ROOT);
2499 index.setOwnerGID(*gid);
2500 index.setOpenLevel(index::OL_GROUP_ONLY);
2501 index.setSortNumber(sortNumber);
2502 index.setTitle(group->getGname());
2503 indexid_t groupXID;
2504 ret = insertIndexInternal( sid, &index, &groupXID );
2505 if ( ret == RES_OK ){
2506 // write group_index_id into xnpaccount_groups
2507 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET group_index_id="
2508 + unsignedIntToString(groupXID) + " WHERE gid=" + unsignedIntToString(*gid);
2509 ret = querySimple( "insertGroup", sql );
2510 }
2511 }
2512 }
2513 }
2514
2515 return ret;
2516 }
2517
2518 /**
2519 *
2520 * Update group information.
2521 *
2522 * @param sid session ID
2523 * @param group new group information
2524 * @return RES_OK
2525 * @return RES_ERROR
2526 * @return RES_DB_NOT_INITIALIZED
2527 * @return RES_NO_SUCH_SESSION
2528 * @return RES_NO_SUCH_GROUP
2529 * @return RES_DB_QUERY_ERROR
2530 *
2531 */
2532 result_t updateGroup( sessionid_t sid, const group_t* group )
2533 {
2534 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2535 if( group == NULL ) return RES_ERROR;
2536 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2537 if( !gidExists( group -> getGID( ) ) ) return RES_NO_SUCH_GROUP;
2538
2539 result_t ret = RES_ERROR;
2540 string sql;
2541 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2542 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2543 SQLRETURN sqlcode;
2544
2545 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2546 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET gname=?, gdesc=? WHERE gid=" + string( unsignedIntToString( group -> getGID( ) ) );
2547 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2548 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2549 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2550 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2551 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2552 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2553 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2554 SQLINTEGER count = 0;
2555 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2556 ret = RES_OK;
2557 }else{
2558 string s( "SQLRowCount in updateGroup sql=" );
2559 s += string( sql );
2560 setLastErrorString( s.c_str( ) );
2561 ret = RES_DB_QUERY_ERROR;
2562 }
2563 }else{
2564 string s( "SQLExecute in updateGroup " );
2565 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2566 setLastErrorString( s.c_str( ) );
2567 ret = RES_DB_QUERY_ERROR;
2568 }
2569 }else{
2570 setLastErrorString( ( string( "SQLPrepare in updateGroup sql=" ) + sql ).c_str( ) );
2571 ret = RES_ERROR;
2572 }
2573 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2574 }else{
2575 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateGroup" );
2576 ret = RES_ERROR;
2577 }
2578 return ret;
2579 }
2580
2581 /**
2582 *
2583 * Get group information.
2584 *
2585 * @param sid session ID
2586 * @param gid ID of the group to get
2587 * @param group pointer that receives the address of the retrieved group information
2588 * @return RES_OK
2589 * @return RES_DB_NOT_INITIALIZED
2590 * @return RES_NO_SUCH_SESSION
2591 * @return RES_NO_SUCH_GROUP
2592 * @return RES_DB_QUERY_ERROR
2593 *
2594 */
2595 result_t getGroup( sessionid_t sid, groupid_t gid, const group_t** group )
2596 {
2597 int len = 0;
2598 static criteria c;
2599 result_t res = getGroups( sid, &gid, 1, &c, group, &len );
2600 if( res == RES_OK && len == 0 ) return RES_NO_SUCH_GROUP;
2601 return res;
2602 }
2603
2604 /**
2605 *
2606 * Get information for multiple groups at once.
2607 *
2608 * @param sid session ID
2609 * @param gids IDs of the groups to get (array)
2610 * @param gidsLen number of elements in gids
2611 * @param cri range and sort conditions for the result
2612 * @param groups pointer that receives the address of the array of retrieved group information
2613 * @param groupsLen receives the number of elements in the result array
2614 * @return RES_OK
2615 * @return RES_DB_NOT_INITIALIZED
2616 * @return RES_NO_SUCH_SESSION
2617 * @return RES_DB_QUERY_ERROR
2618 *
2619 */
2620 result_t getGroups( sessionid_t sid, groupid_t* gids, int gidsLen, criteria_t* cri, const group_t** groups, int* groupsLen )
2621 {
2622 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2623 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2624
2625 #ifdef USE_SYSLOG
2626 openlog( "commonal", LOG_ODELAY, LOG_USER );
2627 #endif
2628
2629 SQLRETURN sqlcode;
2630 SQLHANDLE hstmt = NULL;
2631 result_t ret = RES_ERROR;
2632 string sql;
2633 group_t* dst = new group_t[ gidsLen ];
2634
2635 sql += "SELECT gid, gname, gdesc, group_index_id ";
2636 sql += "FROM " + dbprefix + "_xnpaccount_groups ";
2637 if( gidsLen > 0 ){
2638 sql += "WHERE gid=" + string( unsignedIntToString( gids[ 0 ] ) );
2639 for( int i = 1; i < gidsLen; i++ ){
2640 sql += " OR gid=" + string( unsignedIntToString( gids[ i ] ) );
2641 }
2642 }
2643 sql += criteria2str( cri );
2644
2645 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2646 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2647 SQLINTEGER len = 0;
2648 groupid_t gid = 0;
2649 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
2650 *groupsLen=0;
2651 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < gidsLen ; i++ ){
2652 dst[ i ].setGID( gid );
2653 dst[ i ].setGname( getResultCol( hstmt, 2 ).c_str() );
2654 dst[ i ].setDesc( getResultCol( hstmt, 3 ).c_str() );
2655 dst[ i ].setGroupIndexID( atoi(getResultCol( hstmt, 4 ).c_str()) );
2656 ( *groupsLen )++;
2657 }
2658 *groups = dst;
2659 #ifdef USE_SYSLOG
2660 syslog( LOG_DEBUG, "getGroups succeed" );
2661 #endif
2662 ret = RES_OK;
2663 }else{
2664 string s( "SQLExecDirect in getGroups" );
2665 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2666 s += string( ", sql=" ) + string( sql );
2667 setLastErrorString( s.c_str( ) );
2668 #ifdef USE_SYSLOG
2669 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2670 #endif
2671 ret = RES_DB_QUERY_ERROR;
2672 }
2673 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2674 }else{
2675 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroups" );
2676 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
2677 setLastErrorString( s.c_str( ) );
2678 #ifdef USE_SYSLOG
2679 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2680 #endif
2681 ret = RES_ERROR;
2682 }
2683 #ifdef USE_SYSLOG
2684 closelog( );
2685 #endif
2686 return ret;
2687 }
2688
2689 /**
2690 *
2691 * Report whether the user has moderator privilege.
2692 *
2693 * @param sid session ID
2694 * @param uid ID of the user to check
2695 * @return true the user has the privilege
2696 * @return false the user does not have the privilege
2697 *
2698 */
2699 bool isModerator( sessionid_t sid, userid_t uid )
2700 {
2701 if( hdbc == NULL ) return false;
2702 if( !isValidSessionID( sid ) ) return false;
2703 if( !uidExists( uid ) ) return false;
2704
2705 bool ret = false;
2706 SQLRETURN sqlcode;
2707 SQLHANDLE hstmt = NULL;
2708 SQLINTEGER count = 0;
2709 string sql;
2710 groupid_t moderator_gid;
2711
2712 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2713 sql = "SELECT value FROM " + dbprefix + "_xnpaccount_config";
2714 sql += " WHERE name='moderator_gid'";
2715 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2716 SQLINTEGER len = 0;
2717 SQLBindCol( hstmt, 1, SQL_C_ULONG, &moderator_gid, 0, &len );
2718 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2719 sql = "SELECT * from " + dbprefix + "_groups_users_link ";
2720 sql += "WHERE groupid=" + unsignedIntToString( moderator_gid );
2721 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2722 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2723 if( count > 0 ){
2724 ret = true;
2725 }
2726 }
2727 }else{
2728 setLastErrorString( "SQLFetch in isModerator " );
2729 }
2730 }else{
2731 string s( "SQLExecDirect in isModerator " );
2732 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2733 s += ", sql=";
2734 s += string( sql );
2735 setLastErrorString( s.c_str( ) );
2736 }
2737 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2738 }else{
2739 setLastErrorString( "SQLAllocHandle in isModerator " );
2740 }
2741 return ret;
2742 }
2743
2744 /**
2745 *
2746 * Get a user ID.
2747 *
2748 * @param uname name of the user whose ID is wanted
2749 * @param uid pointer to the variable that receives the ID
2750 * @return RES_ERROR
2751 * @return RES_OK
2752 * @refer result_t
2753 *
2754 */
2755 result_t getUid( const char* uname, userid_t* uid )
2756 {
2757 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2758 if( uname == NULL ) return RES_ERROR;
2759
2760 result_t ret = RES_ERROR;
2761 SQLRETURN sqlcode;
2762 SQLHANDLE hstmt = NULL;
2763 string sql;
2764 string uname2 = addSlashes( uname );
2765
2766 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + uname2 + "';";
2767 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2768 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2769 userid_t _uid = 0;
2770 SQLINTEGER len = 0;
2771 SQLBindCol( hstmt, 1, SQL_C_ULONG, &_uid, 0, &len );
2772 sqlcode = SQLFetch( hstmt );
2773 if( sqlcode == SQL_SUCCESS ){
2774 *uid = _uid;
2775 ret = RES_OK;
2776 }else {
2777 string s( "SQLFetch in getUid sql=" );
2778 s += string( sql );
2779 setLastErrorString( s.c_str( ) );
2780 ret = RES_NO_SUCH_USER;
2781 }
2782 }else{
2783 setLastErrorString( "SQLExecDirect in getUid" );
2784 ret = RES_DB_QUERY_ERROR;
2785 }
2786 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2787 }else{
2788 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getUid" );
2789 ret = RES_ERROR;
2790 }
2791
2792 return ret;
2793 }
2794
2795 /**
2796 *
2797 * Create a session, write it to xoops_xnpaccount_session, and return the sessionid_t in session.
2798 *
2799 * @param uid uid in xoops_users
2800 * @param session pointer that receives the sessionid_t
2801 * @return RES_OK success
2802 * @return RES_DB_QUERY_ERROR database access failed
2803 */
2804 static result_t addSession( userid_t uid, sessionid_t* session )
2805 {
2806 char *functionName = "addSession";
2807 string sql = "INSERT INTO " + dbprefix + "_xnpaccount_session (uid) values (" +
2808 unsignedIntToString(uid) + ")";
2809 result_t ret = querySimple( functionName, sql );
2810 if ( ret == RES_OK ){
2811 sql = "SELECT LAST_INSERT_ID()";
2812 ret = queryGetUnsignedInt( functionName, sql, (unsigned int*)session );
2813 }
2814 return ret;
2815 }
2816
2817
2818 /**
2819 *
2820 * Authenticate a login and create a session.
2821 *
2822 * @param uname login name
2823 * @param passwd password
2824 * @param session pointer that receives the sessionid_t
2825 * @return RES_OK login succeeded; the sessionid_t is written to session
2826 * @return RES_LOGIN_FAILURE uname or passwd is incorrect
2827 * @return RES_DB_QUERY_ERROR database access failed
2828 *
2829 */
2830 result_t loginUser(const char* uname, const char* passwd, sessionid_t* session )
2831 {
2832 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2833
2834 result_t ret;
2835 string sql;
2836 SQLRETURN sqlcode;
2837
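2838 // uname, passwd -> uid (both values are escaped with addSlashes and concatenated into the SQL text, not bound as parameters)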
2839 string escUname = addSlashes( uname );
2840 string escPasswd = addSlashes( passwd );
2841 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + escUname + "' and pass=md5('" + escPasswd + "')";
2842
2843 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2844 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2845 userid_t uid = 0;
2846 SQLINTEGER len = 0;
2847 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
2848 sqlcode = SQLFetch( hstmt );
2849 if( sqlcode == SQL_SUCCESS ){
2850 ret = addSession( uid, session );
2851 }else {
2852 string s( "SQLFetch in loginUser" );
2853 setLastErrorString( s.c_str( ) );
2854 ret = RES_LOGIN_FAILURE;//illegal loginname or password
2855 }
2856 }else{
2857 setLastErrorString( "SQLExecDirect in loginUser" );
2858 ret = RES_DB_QUERY_ERROR;