Develop and Download Open Source Software

XooNIps

Browse CVS Repository

/[OSDN]/xoonips/AL/commonal.cc

Contents of /xoonips/AL/commonal.cc

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.36 - (show annotations) (download) (as text)
Thu Jan 13 04:19:22 2005 UTC (19 years, 2 months ago) by aga
Branch: MAIN
Changes since 1.35: +104 -96 lines
File MIME type: text/x-c++src 
・VPをXNPに変換.
1 /*
2 *
3 * $Revision: 1.35 $
4 * $Log: commonal.cc,v $
5 * Revision 1.35 2005/01/06 07:20:17 youi
6 * WIN32絎?臂??????ゃ?潟?????若????申??.
7 * MySQL API???≪?????????????<?ゃ????????
8 * deleteAccount: ??絮?????Platform?違???若???????????ゃ?????泣????.
9 * insertAccount: ???若?句?脂?蚊??????????????????Platform?違???若???悟?脂?蚊????.
10 * deleteMember: ??????????Platform?違???若???????????ゃ??胼?罩≪????.
11 * deleteMemberNoLimit???臂?
12 *
13 * Revision 1.34 2004/12/28 04:38:14 aga
14 * ??ogoutUser()??信罩?
15 *
16 * Revision 1.33 2004/12/27 05:56:23 youi
17 * odbcDiagString: STMT篁ュ?????潟??????????????????????眼????.
18 * syslog?<???祉?若?吾????????菴遵??????.
19 *
20 * Revision 1.32 2004/12/25 09:46:47 youi
21 * MySQL+MyODBC?у??篏???????????信罩c????.
22 *
23 * Revision 1.31 2004/12/21 11:42:59 youi
24 * ?潟?<?潟??????逸??祉???ゃ???????????菴遵??.
25 *
26 * Revision 1.30 2004/12/18 10:24:54 youi
27 * IMPORT_MYSQLDLL??絎?臂?????????鐚?MYSQL??LL?????????潟?????????????帥?ゃ??絎h???
28 * ???鴻????????????信罩c????.
29 *
30 * Revision 1.29 2004/12/18 01:12:29 youi
31 * freeResult???∽?医????free<???若?水??>????眼????.
32 *
33 * Revision 1.28 2004/12/14 12:02:08 youi
34 * __WIN__??絎?臂???????????indows??ll篏??????荀?????????茵?????.
35 * USE_SYSLOG??絎?臂???????????yslogd?吾?<???祉?若?吾???阪??????.
36 * getAccounts: uidsLen??0??????????????菴遵??????.
37 *
38 * Revision 1.27 2004/12/06 11:34:47 aga
39 * ??ninitializeDB()??菴遵??.
40 *
41 * Revision 1.26 2004/12/06 10:17:36 youi
42 * mysql_use_result????腟?????罧??????????冴??????鐚?
43 * while( row = mysql_fetch_row(result) );???水?ワ?
44 *
45 * Revision 1.25 2004/12/06 07:24:33 youi
46 * insertAccount, insertGroup:
47 * ?域?菴遵?????????宴???綽????????若??D鐚??違???若??ID??膃??綣??違???吾??莨若??.
48 *
49 * Revision 1.24 2004/12/06 01:45:50 aga
50 * ?祉?潟?<?潟???ゃ??.
51 * ?脂???上???篆??.
52 *
53 * Revision 1.23 2004/12/04 09:21:10 aga
54 * ??np_config ?? xnpaccount_config.
55 *
56 * Revision 1.22 2004/12/03 07:17:21 youi
57 * isModerator?с?≪???祉?鴻???????若?帥???若?鴻???若????????篆??.
58 *
59 * Revision 1.21 2004/12/01 10:28:58 youi
60 * DB????????????眼??軸??篆??
61 * institute -> division
62 * organizaion -> company_name
63 *
64 * Revision 1.20 2004/12/01 04:37:04 youi
65 * freeResult: unsigned int* ?? int* ?娯信罩?
66 * ?潟?<?潟???????∽?違???????菴処?.
67 *
68 * Revision 1.19 2004/11/30 06:40:11 youi
69 * ?∽?違??菴遵??(gidExists, uidExists)
70 * getGroupCount??絎?臂?
71 * getGroupsByUid??絎?臂?
72 * isGroupAdmin??篆??.
73 * dumpGroupAdmins??絎?臂?
74 * deleteMember??絎?臂?
75 * insertMember??絎?臂?
76 * getMembers??絎?臂?
77 * isModerator??絎?臂?
78 *
79 * Revision 1.18 2004/11/30 05:46:32 aga
80 * ??ession????remoteHost??????
81 *
82 * Revision 1.17 2004/11/27 09:35:49 youi
83 * isActivated??絎?臂?
84 * activate??絎?臂?
85 * dumpUid??絎?臂?
86 *
87 * Revision 1.16 2004/11/27 06:29:29 youi
88 * getAccountCount??絎?臂?
89 * dumpGids??絎?臂?
90 * insertGroup, deleteGroup, updateGroup??絎?臂?
91 * getGroup, getGroups??絎?臂?
92 * ???若?帥???若?劫?????????弱?冴?????鐚?RES_DB_NOT_INITIALIZED??菴????????????∽?違??申??
93 * (???綽????∽?違??罧??c??????)
94 *
95 * Revision 1.15 2004/11/27 02:22:22 aga
96 * ??nitializeDB????ddSlashes()???若?吟???純?<??????篆??.
97 *
98 * Revision 1.14 2004/11/27 01:07:31 youi
99 * criteria2str: LIMIT??RDER BY?????????ャ???帥????.
100 *
101 * Revision 1.13 2004/11/27 00:35:39 youi
102 * getAccounts??絎?臂?
103 * getAccount??篆??鐚???????etAccounts???若?喝?冴??.
104 * criteria2str??絎?臂?
105 *
106 * Revision 1.12 2004/11/26 09:45:28 youi
107 * getAccount??絎?臂?
108 *
109 * Revision 1.11 2004/11/26 08:16:26 aga
110 * ??etSession, loginUser, createSession, freeResult(const session_t*) 篆??.
111 *
112 * Revision 1.10 2004/11/26 07:57:42 youi
113 * updateAccount, deleteAccount??絎?臂?
114 * mysql_query紊掩??????tderr?吾?????若?潟?若?????????若?<???祉?若?吾???阪??.
115 *
116 * Revision 1.9 2004/11/26 07:38:02 aga
117 * ??AILUE -> FAILURE.
118 *
119 * Revision 1.8 2004/11/26 06:36:55 aga
120 * ??reateSession, getSession ??篏???.
121 *
122 * Revision 1.7 2004/11/26 04:51:47 youi
123 * dbprefix??絎?臂?????.
124 * insertAccount??絎?臂?????.
125 * isValidSessionID??絎?臂?????.
126 *
127 * Revision 1.6 2004/11/26 04:35:55 aga
128 * ??oginUser(), logoutUser()??篏???.
129 *
130 * Revision 1.5 2004/11/26 01:08:25 aga
131 * ??ddSlashes()篏???.
132 *
133 * Revision 1.4 2004/11/25 12:14:29 youi
134 * getUid????????絎?臂?????.
135 *
136 * Revision 1.3 2004/11/25 11:13:59 youi
137 * getLastErrorString/setLastErrorString??絎?臂?
138 *
139 * Revision 1.2 2004/11/25 08:55:19 youi
140 * 綣??違??????篆??.
141 * freeResult??菴遵??.
142 *
143 * Revision 1.1 2004/11/25 05:14:58 youi
144 * initial version
145 *
146 *
147 */
148 #ifdef WIN32
149 #include <windows.h>
150 #endif
151
152 #ifdef USE_SYSLOG
153 #include <syslog.h>
154 #endif
155
156 #include <stdio.h>
157 #include <stdlib.h>
158 #include <string.h>
159 #include <string>
160 #include <assert.h>
161 #include <sql.h>
162 #include <sqlext.h>
163 using namespace std;
164
165 #include "common.h"
166 #include "account.h"
167 #include "group.h"
168 #include "session.h"
169 #include "criteria.h"
170 #include "commonal.h"
171
172 static string dbprefix; //!< XOOPS???若?帥???若?鴻???若??????REFIX
173
174 static SQLHANDLE henv = NULL;
175 static SQLHANDLE hdbc = NULL;
176 static SQLHANDLE hstmt = NULL;
177
178 static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode );
179 static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid );
180
181 static result_t countResultRows( const char* sql, SQLINTEGER* count )
182 {
183 result_t ret = RES_ERROR;
184 SQLRETURN sqlcode;
185 SQLHANDLE hstmt = NULL;
186 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
187 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql, strlen( sql ) ) ) == SQL_SUCCESS ){
188 *count = 0;
189 while( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ) ( *count )++;
190 ret = RES_OK;
191 }else{
192 string s( "SQLExecDirect in countResultRows " );
193 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
194 s += "sql=";
195 s += string( sql );
196 setLastErrorString( s.c_str( ) );
197 ret = RES_DB_QUERY_ERROR;
198 }
199 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
200 }
201 return ret;
202 }
203
204 /**
205 *
206 * ??絖????潟???種?
207 * ??絎???絖??違???潟???若??鐚????????<????緇???NULL腟?腴?????鐚?/span>
208 * ( dst???泣?ゃ? >= len + 1 )?с????????/span>
209 *
210 */
211 static char* strncpy2( char* dst, const char* src, int len )
212 {
213 strncpy( dst, src, len );
214 dst[ len ] = '\0';
215 // fprintf( stderr, "strncpy2 '%s'\n", dst );
216 return dst;
217 }
218
219 /**
220 *
221 * SQL???茵?腟????????????惹??絖?????????????
222 *
223 * @param hstmt SQL??????潟????/span>
224 * @param sqlcode SQLExecDirect,SQLExecute???祉????/span>
225 * @return ?????惹??絖???
226 */
227 static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode )
228 {
229 string s;
230 if( sqlcode == SQL_ERROR || sqlcode == SQL_SUCCESS_WITH_INFO ){
231 SQLCHAR SQLState[6];
232 SQLINTEGER NativeError;
233 SQLCHAR MessageText[ 1024 ];
234 SQLSMALLINT BufferLength;
235 SQLSMALLINT TextLength;
236 SQLGetDiagRec( HandleType, hstmt, 1, SQLState, &NativeError, MessageText, 1024, &TextLength );
237
238 s += string( (char*)MessageText );
239 s += " SQLSTATE=";
240 s += string( (char*)SQLState );
241
242 }
243 s += " sqlcode=";
244 s += intToString( sqlcode );
245 return s;
246 }
247
248 /**
249 *
250 * ??絎??????????ゃ???????冴??????????絖?????菴???
251 *
252 */
253 string getResultCol( SQLHANDLE hstmt, int col )
254 {
255 string s;
256 SQLRETURN sqlcode;
257 SQLCHAR BinaryPtr[5000];
258 SQLUINTEGER PartID;
259 SQLINTEGER PartIDInd, BinaryLenOrInd, NumBytes;
260 SQLRETURN rc;
261
262 while ( ( sqlcode = SQLGetData(hstmt, col, SQL_C_CHAR, BinaryPtr, sizeof(BinaryPtr),
263 &BinaryLenOrInd)) != SQL_NO_DATA) {
264 NumBytes = (BinaryLenOrInd > 5000) || (BinaryLenOrInd == SQL_NO_TOTAL) ? 5000 : BinaryLenOrInd;
265 if( NumBytes >= 0 ){
266 s += string( (char*)BinaryPtr, NumBytes );
267 }
268 }
269 #ifdef USE_SYSLOG
270 // openlog( "commonal", LOG_ODELAY, LOG_USER );
271 // syslog( LOG_DEBUG, "getResultCol col=%d ret='%s'\n", col, s.c_str());
272 // closelog( );
273 #endif
274 return s;
275 }
276
277
278 /**
279 *
280 * ?????若????????\荐??激?с???鴻?宴?若??????
281 *
282 * @param str addslashes???鴻????絖?????NULL??絎?筝?????
283 * @return 紊???緇?????絖???
284 */
285 string addSlashes( const char *str )
286 {
287 if ( hdbc == NULL ){
288 string s;
289 return s;
290 }else{
291 string s( str );
292 return s;
293 }
294
295 int len = strlen(str) * 3;
296 char* dst = new char[ len ];
297 const char* from = str;
298 char* to = dst;
299 while( *from != '\0' ){
300 switch( *from ){
301 case '\'':
302 case '\"':
303 case ';':
304 *to = '\\'; to++;
305 break;
306 }
307 *to = *from; to++;
308 from++;
309 }
310 *to = '\0';
311 string s( dst );
312 delete[] dst;
313 return s;
314 }
315
316 /**
317 *
318 * gid??????????с????
319 * DB???≪???祉?劫け????????false??????鐚?/span>
320 *
321 * @param gid ???с??????????GID
322 * @return true 絖???????
323 * @return false 絖?????????
324 *
325 */
326 static bool gidExists( groupid_t gid )
327 {
328 string sql;
329 SQLRETURN sqlcode;
330 SQLHANDLE hstmt = NULL;
331
332 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) != SQL_SUCCESS ) {
333 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in gidExists" );
334 return false;
335 }
336
337 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups ";
338 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
339 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) != SQL_SUCCESS ){
340 setLastErrorString( "SQLExecDirect in gidExists" );
341 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
342 return false;
343 }
344
345 if( ( sqlcode = SQLFetch( hstmt ) ) != SQL_SUCCESS ){
346 setLastErrorString( "SQLFetch in gidExists" );
347 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
348 return false;
349 }
350
351 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
352 return true;
353 }
354
355
356 /**
357 *
358 * Platform???若?倶???宴??id??絖??????????????с????
359 * DB???≪???祉?劫け????????false??????鐚?/span>
360 *
361 * @param uid ???с??????????UID
362 * @return true 絖???????
363 * @return false 絖?????????
364 *
365 */
366 static bool uidExists( userid_t uid )
367 {
368 bool ret = false;
369 string sql;
370 SQLRETURN sqlcode;
371 SQLINTEGER count = 0;
372
373 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
374 sql += "WHERE uid=" + string( unsignedIntToString( uid ) );
375 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
376 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
377 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
378 ret = true;
379 }else{
380 string s( "SQLFetch in uidExists ");
381 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
382 s += string( ", sql=" ) + string( sql );
383 setLastErrorString( s.c_str( ) );
384 ret = false;
385 }
386 }else{
387 string s( "SQLExecDirect in uidExists ");
388 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
389 s += string( ", sql=" ) + string( sql );
390 setLastErrorString( s.c_str( ) );
391 ret = false;
392 }
393 }else{
394 string s( "SQLAllocHandle in uidExists ");
395 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
396 setLastErrorString( s.c_str( ) );
397 ret = false;
398 }
399 return ret;
400 }
401
402
403 /**
404 *
405 * criteria ?? SQL?????????
406 *
407 *
408 *
409 */
410 string criteria2str( criteria* cri )
411 {
412 string sql;
413
414 const orderby* odrby = cri -> headOrderBy( );
415 if( odrby != 0 ){
416 sql += " ORDER BY " + string( odrby -> getColumn( ) );
417 sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
418 while( ( odrby = cri -> nextOrderBy( ) ) != 0 ){
419 sql += ", " + string( odrby -> getColumn( ) );
420 sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
421 }
422 }
423
424 if( cri -> getLimitStart( ) != 0 || cri -> getLimitRows( ) != 0 ){
425 sql += " LIMIT " + string( intToString( cri -> getLimitStart( ) ) )
426 + ", " + string( intToString( cri -> getLimitRows( ) ) );
427 }
428 return sql;
429 }
430
431
432 /**
433 *
434 * ???若?帥???若?鴻????????
435 *
436 * @param dsn DSN
437 * @param user ???若?帥???若?鴻???≪???祉?鴻???????若?九??
438 * @param password 筝?荐????若?吟?????鴻???若??
439 * @param dbname ??????/span>
440 * @param prefix XOOPS???若?帥???若?鴻???若??????REFIX
441 * @return RES_OK
442 * @return RES_DB_INITIALIZE_ERROR
443 * @return RES_DB_CONNECT_ERROR
444 * @refer result_t
445 */
446 result_t initializeDB( const char* dsn, const char* user, const char* password, const char* dbname, const char* prefix )
447 {
448 SQLRETURN sqlcode;
449
450 #ifdef USE_SYSLOG
451 openlog( "commonal", LOG_ODELAY, LOG_USER );
452 #endif
453 // ?≪??・膓?筝???????筝???????/span>
454 if ( hdbc != NULL )
455 SQLDisconnect( hdbc );
456
457 dbprefix = prefix;
458
459 // ????????・膓?
460 // if( SQLAllocEnv( &henv ) != SQL_SUCCESS ) {
461 if( SQLAllocHandle( SQL_HANDLE_ENV, SQL_NULL_HANDLE, &henv ) != SQL_SUCCESS ) {
462 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_ENV,...) in initializeDB" );
463 #ifdef USE_SYSLOG
464 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
465 closelog( );
466 #endif
467 return RES_DB_INITIALIZE_ERROR;
468 }
469 //ODBC Ver.3 ????????????????????с??荐??
470 SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (void*)SQL_OV_ODBC3, 0);
471
472 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_DBC, henv, &hdbc ) ) != SQL_SUCCESS ) {
473 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_DBC,...) in initializeDB" );
474 #ifdef USE_SYSLOG
475 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
476 closelog( );
477 #endif
478 return RES_DB_INITIALIZE_ERROR;
479 }
480 //???違?ゃ?潟??腱?篁ヤ?荀????????帥?ゃ???≪????????荐??
481 SQLSetConnectAttr(hdbc, SQL_LOGIN_TIMEOUT, (SQLPOINTER *)5, 0);
482
483 if ( ( sqlcode = SQLConnect( hdbc, (SQLCHAR*)dsn, strlen( dsn ), (SQLCHAR*)user, strlen( user ), (SQLCHAR*)password, strlen( password ) ) ) != SQL_SUCCESS ){
484 string s( "SQLConnect in initializeDB " );
485 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
486 setLastErrorString( s.c_str( ) );
487 #ifdef USE_SYSLOG
488 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
489 closelog( );
490 #endif
491 return RES_DB_CONNECT_ERROR;
492 }
493 #ifdef USE_SYSLOG
494 syslog( LOG_DEBUG, "initializeDB succeed" );
495 closelog( );
496 #endif
497 return RES_OK;
498 }
499
500 /**
501 *
502 * DB?ョ????????違???????????障??????
503 *
504 * @param ????
505 * @return RES_OK
506 */
507 result_t uninitializeDB()
508 {
509 if ( hdbc != NULL ){
510 SQLDisconnect( hdbc );
511 hdbc = NULL;
512 }
513 return RES_OK;
514 }
515
516 /**
517 *
518 * Platform???若?倶?粋??倶????緇?
519 *
520 * @param sid ?祉???激?с??D
521 * @param uid ?倶??????緇??????????若?吟??ID
522 * @return true ?粋?羝???/span>
523 * @return false ???粋?
524 *
525 */
526 bool isActivated( sessionid_t sid, userid_t uid )
527 {
528 if( hdbc == NULL ) return false;
529 if( !isValidSessionID( sid ) ) return false;
530
531 bool ret = false;
532 string sql;
533 SQLRETURN sqlcode;
534 SQLHANDLE hstmt = NULL;
535
536 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
537 sql += "WHERE activate=1 and uid=" + string( unsignedIntToString( uid ) );
538 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
539 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
540 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
541 ret = true;
542 }else{
543 string s( "SQLFetch in isActivated " );
544 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
545 s += ", sql=" + sql;
546 setLastErrorString( s.c_str() );
547 ret = false;
548 }
549 }else{
550 string s( "SQLExecDirect in isActivated " );
551 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
552 s += ", sql=" + sql;
553 setLastErrorString( s.c_str() );
554 ret = false;
555 }
556 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
557 }else{
558 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in isActivated" );
559 ret = false;
560 }
561 return ret;
562 }
563
564 /**
565 *
566 * Platform???若?倶?粋??倶??紊???/span>
567 *
568 * @param sid ?祉???激?с??D
569 * @param uid 紊??眼?????????若?吟??ID
570 * @param activate ?粋?(true) / ???粋?(false)????絎?
571 * @return RES_OK
572 * @return RES_DB_QUERY_ERROR
573 * @return RES_NO_SUCH_USER
574 */
575 result_t activate( sessionid_t sid, userid_t uid, bool activate )
576 {
577 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
578 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
579
580 string sql;
581 SQLRETURN sqlcode;
582 result_t ret = RES_ERROR;
583
584 sql = "UPDATE " + dbprefix + "_xnpaccount_users ";
585 sql += "SET activate=" + string( activate ? "1" : "0" );
586 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
587 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
588 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
589 SQLINTEGER count = 0;
590 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
591 ret = RES_OK;
592 }else{
593 string s( "SQLRowCount in activate ");
594 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
595 s += string( ", sql=" ) + string( sql );
596 setLastErrorString( s.c_str( ) );
597 ret = RES_NO_SUCH_USER;
598 }
599 }else{
600 string s( "SQLExecDirect in activate " );
601 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
602 s += ", sql=";
603 s += string( sql );
604 setLastErrorString( s.c_str( ) );
605 ret = RES_DB_QUERY_ERROR;
606 }
607 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
608 }else{
609 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in activate" );
610 ret = RES_ERROR;
611 }
612 return ret;
613 }
614
615 /**
616 *
617 * ?≪?????潟???違????緇?????鐚?/span>
618 *
619 * @param sid ?祉???激?с??D
620 * @return ?≪?????潟????/span>
621 *
622 */
623 int getAccountCount( sessionid_t sid )
624 {
625 if( hdbc == NULL ) return 0;
626 if( !isValidSessionID( sid ) ) return 0;
627
628 int ret = 0;
629 string sql;
630 SQLRETURN sqlcode;
631 SQLHANDLE hstmt = NULL;
632
633 //?≪?????潟???違??羆?????
634 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_users ";
635 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
636 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
637 SQLUINTEGER count = 0;
638 SQLINTEGER len;
639 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
640 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
641 ret = count;
642 }else {
643 string s( "SQLFetch in getAccountCount sql=" );
644 s += string( sql );
645 setLastErrorString( s.c_str( ) );
646 ret = 0;
647 }
648 }else{
649 setLastErrorString( "SQLExecDirect in getAccountCount" );
650 ret = 0;
651 }
652 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
653 }else{
654 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccountCount" );
655 ret = 0;
656 }
657 return ret;
658 }
659
660 /**
661 *
662 * ?≪?????潟??????/span>
663 * ?違???若???????????ゃ?????若?倶???宴?????ゃ??茵??????障??鐚?/span>
664 *
665 * @param
666 * @return RES_OK
667 * @return RES_ERROR
668 * @return RES_DB_NOT_INITIALIZED
669 * @return RES_NO_SUCH_SESSION
670 * @return RES_DB_QUERY_ERROR
671 *
672 */
673 result_t deleteAccount( sessionid_t sid, userid_t uid )
674 {
675 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
676 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
677
678 result_t ret1 = RES_ERROR, ret2 = RES_ERROR;
679 criteria_t c;
680 string sql;
681 groupid_t* gids;
682 int gidsLen;
683 SQLRETURN sqlcode;
684 SQLHANDLE hstmt = NULL;
685
686 /*
687 1. delete user from default platform group
688 2. delete user profile from xoops_users
689 3. delete platform user from xnpaccount_users
690 */
691
692 //1. delete user from platform groups
693 c.clearAll();
694 if( getGroupsByUid( sid, uid, &c, &gids, &gidsLen ) == RES_OK ){
695 for( int i = 0; i < gidsLen; i++ )
696 deleteMemberNoLimit( sid, gids[ i ], uid );
697 freeGID( gids );
698 }
699
700 //2. delete user profile from xoops_users
701 sql = "DELETE FROM " + dbprefix + "_users ";
702 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
703 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
704 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
705 SQLINTEGER count = 0;
706 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
707 ret1 = RES_OK;
708 }else{
709 string s( "SQLRowCount in deleteAccount" );
710 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
711 s += string( ", sql=" ) + string( sql );
712 setLastErrorString( s.c_str( ) );
713 ret1 = RES_NO_SUCH_USER;
714 }
715 }else{
716 string s( "SQLExecDirect in deleteAccount" );
717 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
718 s += ", sql=";
719 s += string( sql );
720 setLastErrorString( s.c_str( ) );
721 ret1 = RES_DB_QUERY_ERROR;
722 }
723 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
724 }else{
725 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
726 ret1 = RES_ERROR;
727 }
728
729 //3. delete platform user from xnpaccount_users
730 sql = "DELETE FROM " + dbprefix + "_xnpaccount_users ";
731 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
732 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
733 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
734 SQLINTEGER count = 0;
735 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
736 ret2 = RES_OK;
737 }else{
738 string s( "SQLRowCount in deleteAccount" );
739 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
740 s += string( ", sql=" ) + string( sql );
741 setLastErrorString( s.c_str( ) );
742 ret2 = RES_NO_SUCH_USER;
743 }
744 }else{
745 string s( "SQLExecDirect in deleteAccount" );
746 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
747 s += ", sql=";
748 s += string( sql );
749 setLastErrorString( s.c_str( ) );
750 ret2 = RES_DB_QUERY_ERROR;
751 }
752 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
753 }else{
754 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
755 ret2 = RES_ERROR;
756 }
757
758 //筝??鴻?с???????若?????????若??菴???
759 return ret1 != RES_OK ? ret1 : ret2;
760 }
761
762 /**
763 *
764 * ?≪?????潟?????怨??
765 *
766 * @param sid ?祉???激?с??D
767 * @param uid ??緇??????????若?吟??ID
768 * @param acc ??緇??????≪?????潟??????account_t)?????ゃ?潟?帥???吾??莨若??綣???/span>
769 * @return RES_OK
770 * @return RES_DB_NOT_INITIALIZED
771 * @return RES_NO_SUCH_USER
772 * @return RES_NO_SUCH_SESSION
773 * @return RES_DB_QUERY_ERROR
774 *
775 */
776 result_t getAccount( sessionid_t sid, userid_t uid, const account_t** acc )
777 {
778 int len;
779 static criteria c;
780 result_t res = getAccounts( sid, &uid, 1, &c, acc, &len );
781 if( len == 0 ) return RES_NO_SUCH_USER;
782 return res;
783 }
784
785 /**
786 *
787 * ?≪?????潟?????怨??
788 *
789 * @param sid ?祉???激?с??D
790 * @param uids ??緇??????????若?吟??ID??????
791 * @param uidsLen uids???????膣???/span>
792 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
793 * @param accounts 罎?膣∝??????????????ゃ?潟?帥???吾??莨若??綣???/span>
794 * @param accountsLen 罎?膣∝???????????*accounts???膣???
795 * @return RES_OK
796 * @return RES_DB_NOT_INITIALIZED
797 * @return RES_NO_SUCH_SESSION
798 * @return RES_DB_QUERY_ERROR
799 *
800 */
801 result_t getAccounts( sessionid_t sid, const userid_t* uids, int uidsLen, criteria_t* cri, const account_t** accounts, int* accountsLen )
802 {
803 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
804 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
805 if( uidsLen <= 0 ){
806 *accounts = new account_t[ 0 ];
807 *accountsLen = 0;
808 #ifdef USE_SYSLOG
809 openlog( "commonal", LOG_ODELAY, LOG_USER );
810 syslog( LOG_DEBUG, "getAccounts succeed len=0" );
811 closelog( );
812 #endif
813 return RES_OK;
814 }
815
816 #ifdef USE_SYSLOG
817 openlog( "commonal", LOG_ODELAY, LOG_USER );
818 syslog( LOG_DEBUG, "begin of getAccounts" );
819 #endif
820 result_t ret = RES_ERROR;
821 SQLRETURN sqlcode;
822 SQLHANDLE hstmt = NULL;
823 string sql;
824 account_t* dst = new account_t[ uidsLen ];
825
826 sql += "SELECT u1.uid, u1.name, u1.uname, u1.email, u1.url, u1.user_avatar, u1.user_regdate, u1.user_icq, u1.user_from, u1.user_sig, u1.user_viewemail, u1.actkey, u1.user_aim, u1.user_yim, u1.user_msnm, u1.pass, u1.posts, u1.attachsig, u1.rank, u1.level, u1.theme, u1.timezone_offset, u1.last_login, u1.umode, u1.uorder, u1.notify_method, u1.notify_mode, u1.user_occ, u1.bio, u1.user_intrest, u1.user_mailok, u2.activate, u2.address, u2.division, u2.tel, u2.company_name, u2.country, u2.zipcode, u2.fax, u2.base_url, u2.notice_mail, u2.notice_mail_since ";
827 sql += "FROM " + dbprefix + "_users AS u1, " + dbprefix + "_xnpaccount_users AS u2 ";
828 sql += "WHERE u1.uid = u2.uid ";
829 if( uidsLen > 0 ){
830 #ifdef USE_SYSLOG
831 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", 0, uids[0] );
832 #endif
833 sql += "AND ( u1.uid=" + string( unsignedIntToString( uids[ 0 ] ) );
834 for( int i = 1; i < uidsLen; i++ ){
835 #ifdef USE_SYSLOG
836 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", i, uids[i] );
837 #endif
838 sql += " OR u1.uid=" + string( unsignedIntToString( uids[ i ] ) );
839 }
840 sql += " ) ";
841 }
842 sql += criteria2str( cri );
843 #ifdef USE_SYSLOG
844 syslog( LOG_DEBUG, "sql=%s", sql.c_str() );
845 #endif
846
847 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
848 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
849 SQLINTEGER len;
850 userid_t uid = 0;
851 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
852 *accountsLen=0;
853 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < uidsLen ; i++ ){
854 dst[ i ].setUID( uid );
855 dst[ i ].setName( getResultCol( hstmt, 2 ).c_str() );
856 dst[ i ].setUname( getResultCol( hstmt, 3 ).c_str() );
857 dst[ i ].setEmail( getResultCol( hstmt, 4 ).c_str() );
858 dst[ i ].setURL( getResultCol( hstmt, 5 ).c_str() );
859 dst[ i ].setUserAvatar( getResultCol( hstmt, 6 ).c_str() );
860 dst[ i ].setUserRegdate( atoi( getResultCol( hstmt, 7 ).c_str() ) );
861 dst[ i ].setUserIcq( getResultCol( hstmt, 8 ).c_str() );
862 dst[ i ].setUserFrom( getResultCol( hstmt, 9 ).c_str() );
863 dst[ i ].setUserSig( getResultCol( hstmt, 10 ).c_str() );
864 dst[ i ].setUserViewemail( atoi( getResultCol( hstmt, 11 ).c_str() ));
865 dst[ i ].setActkey( getResultCol( hstmt, 12 ).c_str() );
866 dst[ i ].setUserAim( getResultCol( hstmt, 13 ).c_str() );
867 dst[ i ].setUserYim( getResultCol( hstmt, 14 ).c_str() );
868 dst[ i ].setUserMsnm( getResultCol( hstmt, 15 ).c_str() );
869 dst[ i ].setPass( getResultCol( hstmt, 16 ).c_str() );
870 dst[ i ].setPosts( atoi( getResultCol( hstmt, 17 ).c_str() ));
871 dst[ i ].setAttachsig( atoi( getResultCol( hstmt, 18 ).c_str() ));
872 dst[ i ].setRank( atoi( getResultCol( hstmt, 19 ).c_str() ));
873 dst[ i ].setLevel( atoi( getResultCol( hstmt, 20 ).c_str() ));
874 dst[ i ].setTheme( getResultCol( hstmt, 21 ).c_str() );
875 dst[ i ].setTimezoneOffset( atof( getResultCol( hstmt, 22 ).c_str() ) );
876 dst[ i ].setLastLogin( atoi( getResultCol( hstmt, 23 ).c_str() ));
877 dst[ i ].setUmode( getResultCol( hstmt, 24 ).c_str() );
878 dst[ i ].setUorder( atoi( getResultCol( hstmt, 25 ).c_str() ));
879 dst[ i ].setNotifyMethod( atoi( getResultCol( hstmt, 26 ).c_str() ));
880 dst[ i ].setNotifyMode( atoi( getResultCol( hstmt, 27 ).c_str() ));
881 dst[ i ].setUserOcc( getResultCol( hstmt, 28 ).c_str() );
882 dst[ i ].setBio( getResultCol( hstmt, 29 ).c_str() );
883 dst[ i ].setUserIntrest( getResultCol( hstmt, 30 ).c_str() );
884 dst[ i ].setUserMailok( atoi( getResultCol( hstmt, 31 ).c_str() ));
885 dst[ i ].setActivate( atoi( getResultCol( hstmt, 32 ).c_str() ));
886 dst[ i ].setAddress( getResultCol( hstmt, 33 ).c_str() );
887 dst[ i ].setDivision( getResultCol( hstmt, 34 ).c_str() );
888 dst[ i ].setTel( getResultCol( hstmt, 35 ).c_str() );
889 dst[ i ].setCompanyName( getResultCol( hstmt, 36 ).c_str() );
890 dst[ i ].setCountry( getResultCol( hstmt, 37 ).c_str() );
891 dst[ i ].setZipcode( getResultCol( hstmt, 38 ).c_str() );
892 dst[ i ].setFax( getResultCol( hstmt, 39 ).c_str() );
893 dst[ i ].setBaseURL( getResultCol( hstmt, 40 ).c_str() );
894 dst[ i ].setNoticeMail( atoi( getResultCol( hstmt, 41 ).c_str() ));
895 dst[ i ].setNoticeMailSince( atoi( getResultCol( hstmt, 42 ).c_str() ));
896 #ifdef USE_SYSLOG
897 syslog( LOG_DEBUG, "set to account_t %d", i );
898 #endif
899 ( *accountsLen )++;
900 }
901 *accounts = dst;
902 #ifdef USE_SYSLOG
903 syslog( LOG_DEBUG, "getAccounts succeed" );
904 #endif
905 ret = RES_OK;
906 }else{
907 string s( "SQLExecDirect in getAccounts" );
908 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
909 s += string( ", sql=" ) + string( sql );
910 setLastErrorString( s.c_str( ) );
911 #ifdef USE_SYSLOG
912 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
913 #endif
914 ret = RES_DB_QUERY_ERROR;
915 }
916 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
917 }else{
918 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccounts" );
919 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
920 setLastErrorString( s.c_str( ) );
921 #ifdef USE_SYSLOG
922 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
923 #endif
924 ret = RES_DB_QUERY_ERROR;
925 }
926 #ifdef USE_SYSLOG
927 closelog( );
928 #endif
929 return ret;
930 }
931
932 /**
933 *
934 * ?≪?????潟???脂??
935 *
936 * ???若?倶???宴?????若?帥???若?鴻???脂?蚊???障??鐚?/span>
937 * ?脂?蚊???????若?倶???宴???綽????????若??D??uid???主????障??鐚?/span>
938 *
939 * @param sid ?祉???激?с??/span>
940 * @param account ?脂?蚊?????≪?????潟??????/span>
941 * @param uid ?脂?蚊?????≪?????潟?????宴???綽????????若??D
942 * @return RES_OK
943 * @return RES_NO_SUCH_SESSION
944 * @return RES_DB_QUERY_ERROR
945 * @return RES_DB_NOT_INITIALIZED
946 *
947 */
948 result_t insertAccount( sessionid_t sid, const account_t* account, userid_t* uid )
949 {
950 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
951 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
952
953 string sql;
954 string tmp;
955 char buf[ 12 ];
956 SQLRETURN sqlcode;
957 result_t ret = RES_ERROR;
958
959 /*
960 1. insert user profile into xoops_users
961 2. insert platform user profile into xnpaccount_users
962 3. add user to default platform group
963 */
964
965 //1.xoops?????若?吟???若???????吾??莨若??
966 SQLCHAR uname[ACCOUNT_UNAME_LEN], name[ACCOUNT_NAME_LEN], email[ACCOUNT_EMAIL_LEN], url[ACCOUNT_URL_LEN], user_avatar[ACCOUNT_USER_AVATAR_LEN], user_icq[ACCOUNT_USER_ICQ_LEN], user_from[ACCOUNT_USER_FROM_LEN], user_sig[ACCOUNT_USER_SIG_LEN], actkey[ACCOUNT_ACTKEY_LEN], user_aim[ACCOUNT_USER_AIM_LEN], user_yim[ACCOUNT_USER_YIM_LEN], user_msnm[ACCOUNT_USER_MSNM_LEN], pass[ACCOUNT_PASS_LEN], theme[ACCOUNT_THEME_LEN], umode[ACCOUNT_UMODE_LEN], user_occ[ACCOUNT_USER_OCC_LEN], bio[ACCOUNT_BIO_LEN], user_intrest[ACCOUNT_USER_INTREST_LEN];
967 SQLINTEGER user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
968 SQLDOUBLE timezone_offset;
969
970 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
971 SQLINTEGER cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
972
973 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
974 string sql;
975 sql = "INSERT INTO " + dbprefix + "_users (uname, name, email, url, user_avatar, user_regdate, user_icq, user_from, user_sig, user_viewemail, actkey, user_aim, user_yim, user_msnm, pass, posts, attachsig, rank, level, theme, timezone_offset, last_login, umode, uorder, notify_method, notify_mode, user_occ, bio, user_intrest, user_mailok) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
976 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
977 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
978 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
979 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
980 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
981 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
982 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
983 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
984 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
985 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
986 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
987 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
988 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
989 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
990 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
991 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
992 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
993 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
994 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
995 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
996 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
997 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
998 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
999 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1000 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1001 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1002 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1003 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1004 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1005 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1006 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1007 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1008
1009 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1010 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1011 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1012 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1013 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1014 user_regdate = time( NULL );
1015 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1016 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1017 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1018 user_viewemail = account -> getUserViewemail( );
1019 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1020 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1021 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1022 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1023 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1024 posts = account -> getPosts( );
1025 attachsig = account -> getAttachsig( );
1026 rank = account -> getRank( );
1027 level = account -> getLevel( );
1028 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1029 timezone_offset = account -> getTimezoneOffset( );
1030 last_login = 0;
1031 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1032 uorder = account -> getUorder( );
1033 notify_method = account -> getNotifyMethod( );
1034 notify_mode = account -> getNotifyMode( );
1035 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1036 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1037 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1038 user_mailok = account -> getUserMailok( );
1039
1040 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1041 SQLINTEGER count = 0;
1042 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1043 //???若??D????緇?????
1044 SQLHANDLE hstmt2 = NULL;
1045 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1046 sql = "SELECT LAST_INSERT_ID()"; // MySQL
1047 // sql = "SELECT LAST_INSERT_ROWID()"; // SQLite
1048 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1049 SQLUINTEGER last_insert_id;
1050 SQLINTEGER len;
1051 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &last_insert_id, 0, &len );
1052 if( ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS ){
1053 *uid = last_insert_id;
1054 ret = RES_OK;
1055 }else{
1056 ret = RES_DB_QUERY_ERROR;
1057 string s( "SQLFetch in insertAccount " );
1058 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1059 setLastErrorString( s.c_str( ) );
1060 }
1061 }else{
1062 string s( "SQLExecDirect in insertAccount " );
1063 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1064 setLastErrorString( s.c_str( ) );
1065 ret = RES_DB_QUERY_ERROR;
1066 }
1067 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1068 }
1069 }else{
1070 string s( "SQLRowCount in insertAccount sql=" );
1071 s += string( sql );
1072 setLastErrorString( s.c_str( ) );
1073 ret = RES_DB_QUERY_ERROR;
1074 }
1075 }else{
1076 string s( "SQLExecute in insertAccount " );
1077 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1078 setLastErrorString( s.c_str( ) );
1079 ret = RES_DB_QUERY_ERROR;
1080 }
1081 }else{
1082 string s( "SQLPrepare in insertAccount " );
1083 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1084 setLastErrorString( s.c_str( ) );
1085 ret = RES_ERROR;
1086 }
1087 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1088 }else{
1089 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1090 ret = RES_ERROR;
1091 }
1092
1093 if( ret == RES_OK ){
1094 //2.xnpaccount?????若?吟???若??????????????宴???吾??莨若??
1095 SQLUINTEGER activate;
1096 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1097 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1098 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1099 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1100 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1101 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1102 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1103 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1104 SQLINTEGER cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1105 SQLINTEGER cbUid = 0, cbActivate = 0, cbNotice_mail = 0, cbNotice_mail_since = 0;
1106 SQLUINTEGER notice_mail;
1107 SQLUINTEGER notice_mail_since;
1108 if( ret == RES_OK && ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1109 string sql;
1110 sql = "INSERT INTO " + dbprefix + "_xnpaccount_users (uid, activate, address, division, tel, company_name, country, zipcode, fax, base_url, notice_mail, notice_mail_since) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )";
1111 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1112 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1113 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, uid, 0, &cbUid);
1114 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1115 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1116 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1117 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1118 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1119 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1120 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1121 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1122 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1123 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
1124 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1125
1126 activate = account -> getActivate() ? 1 : 0;
1127 strncpy2( (char*)address, account -> getAddress(), XNP_ACCOUNT_ADDRESS_LEN );
1128 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1129 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1130 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1131 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1132 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1133 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1134 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1135 notice_mail = account -> getNoticeMail( );
1136 notice_mail_since = account -> getNoticeMailSince( );
1137
1138 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1139 SQLINTEGER count = 0;
1140 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1141 ret = RES_OK;
1142 if( ret == RES_OK ){
1143 //3.add new user to default group(not a group admin)
1144 ret = insertMember( sid, DEFAULT_PLATFORM_GROUP_ID, *uid, false );
1145 }else{
1146 //xoops_users??nsert???????潟?若???????ゃ????
1147 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1148 sql += unsignedIntToString( *uid );
1149 SQLHANDLE hstmt2 = NULL;
1150 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1151 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1152 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1153 }
1154 setLastErrorString( "insertMember in insertAccount" );
1155 ret = RES_DB_QUERY_ERROR;
1156 }
1157 }else{
1158 string s( "SQLRowCount in insertAccount sql=" );
1159 s += string( sql );
1160 setLastErrorString( s.c_str( ) );
1161 ret = RES_DB_QUERY_ERROR;
1162 }
1163 }else{
1164 string s( "SQLExecute in insertAccount " );
1165 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1166 setLastErrorString( s.c_str( ) );
1167 ret = RES_DB_QUERY_ERROR;
1168 }
1169 }else{
1170 //xoops_users??nsert???????潟?若???????ゃ????
1171 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1172 sql += unsignedIntToString( *uid );
1173 SQLHANDLE hstmt2 = NULL;
1174 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1175 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1176 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1177 }
1178 string s( "SQLExecDirect in insertAccount sql=" );
1179 s += string( sql );
1180 setLastErrorString( s.c_str( ) );
1181 ret = RES_DB_QUERY_ERROR;
1182 }
1183 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1184 }else{
1185 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1186 ret = RES_ERROR;
1187 }
1188 }
1189 return ret;
1190 }
1191
1192 /**
1193 *
1194 * ?≪?????潟?????宴??紊??眼????.
1195 *
1196 *
1197 * @param sid ?祉???激?с??D
1198 * @param account 紊??眼???????≪?????潟??????/span>
1199 * @return RES_OK
1200 * @return RES_DB_NOT_INITIALIZED
1201 * @return RES_NO_SUCH_SESSION
1202 * @return RES_DB_QUERY_ERROR
1203 * @return RES_NO_SUCH_USER
1204 * @return RES_ERROR
1205 *
1206 */
1207 result_t updateAccount( sessionid_t sid, const account_t* account )
1208 {
1209 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1210 if( account == NULL ) return RES_ERROR;
1211 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1212 if( !uidExists( account -> getUID( ) ) ) return RES_NO_SUCH_USER;
1213 SQLRETURN sqlcode;
1214 result_t ret = RES_ERROR;
1215
1216 //xoops?????若?吟???若???????吾??莨若??
1217 SQLCHAR uname[ACCOUNT_UNAME_LEN], name[ACCOUNT_NAME_LEN], email[ACCOUNT_EMAIL_LEN], url[ACCOUNT_URL_LEN], user_avatar[ACCOUNT_USER_AVATAR_LEN], user_icq[ACCOUNT_USER_ICQ_LEN], user_from[ACCOUNT_USER_FROM_LEN], user_sig[ACCOUNT_USER_SIG_LEN], actkey[ACCOUNT_ACTKEY_LEN], user_aim[ACCOUNT_USER_AIM_LEN], user_yim[ACCOUNT_USER_YIM_LEN], user_msnm[ACCOUNT_USER_MSNM_LEN], pass[ACCOUNT_PASS_LEN], theme[ACCOUNT_THEME_LEN], umode[ACCOUNT_UMODE_LEN], user_occ[ACCOUNT_USER_OCC_LEN], bio[ACCOUNT_BIO_LEN], user_intrest[ACCOUNT_USER_INTREST_LEN];
1218 SQLINTEGER uid, user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1219 SQLDOUBLE timezone_offset;
1220
1221 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1222 SQLINTEGER cbUid = 0, cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode, cbUser_mailok = 0, cbTimezone_offset = 0;
1223
1224 SQLUINTEGER activate;
1225 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1226 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1227 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1228 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1229 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1230 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1231 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1232 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1233 SQLINTEGER cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1234 SQLUINTEGER notice_mail;
1235 SQLUINTEGER notice_mail_since;
1236 SQLINTEGER len = 0;
1237
1238 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1239 string sql;
1240
1241 sql = "UPDATE " + dbprefix + "_users SET ";
1242 sql += "uname=?, ";
1243 sql += "name=?, ";
1244 sql += "email=?, ";
1245 sql += "url=?, ";
1246 sql += "user_avatar=?, ";
1247 sql += "user_regdate=?, ";
1248 sql += "user_icq=?, ";
1249 sql += "user_from=?, ";
1250 sql += "user_sig=?, ";
1251 sql += "user_viewemail=?, ";
1252 sql += "actkey=?, ";
1253 sql += "user_aim=?, ";
1254 sql += "user_yim=?, ";
1255 sql += "user_msnm=?, ";
1256 sql += "pass=?, ";
1257 sql += "posts=?, ";
1258 sql += "attachsig=?, ";
1259 sql += "rank=?, ";
1260 sql += "level=?, ";
1261 sql += "theme=?, ";
1262 sql += "timezone_offset=?, ";
1263 sql += "last_login=?, ";
1264 sql += "umode=?, ";
1265 sql += "uorder=?, ";
1266 sql += "notify_method=?, ";
1267 sql += "notify_mode=?, ";
1268 sql += "user_occ=?, ";
1269 sql += "bio=?, ";
1270 sql += "user_intrest=?, ";
1271 sql += "user_mailok=? ";
1272 sql += " WHERE uid = ?";
1273
1274 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1275 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1276 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1277 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1278 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1279 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1280 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1281 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1282 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1283 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1284 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1285 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1286 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1287 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1288 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1289 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1290 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1291 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1292 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1293 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1294 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1295 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1296 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1297 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1298 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1299 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1300 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1301 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1302 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1303 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1304 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1305 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1306 SQLBindParameter(hstmt, 31, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1307
1308 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1309 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1310 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1311 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1312 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1313 user_regdate = time( NULL );
1314 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1315 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1316 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1317 user_viewemail = account -> getUserViewemail( );
1318 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1319 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1320 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1321 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1322 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1323 posts = account -> getPosts( );
1324 attachsig = account -> getAttachsig( );
1325 rank = account -> getRank( );
1326 level = account -> getLevel( );
1327 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1328 timezone_offset = account -> getTimezoneOffset( );
1329 last_login = 0;
1330 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1331 uorder = account -> getUorder( );
1332 notify_method = account -> getNotifyMethod( );
1333 notify_mode = account -> getNotifyMode( );
1334 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1335 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1336 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1337 user_mailok = account -> getUserMailok( );
1338 uid = account -> getUID( );
1339
1340 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1341 SQLINTEGER count = 0;
1342 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1343 ret = RES_OK;
1344 }else{
1345 string s( "SQLRowCount in updateAccount sql=" );
1346 s += string( sql );
1347 setLastErrorString( s.c_str( ) );
1348 ret = RES_DB_QUERY_ERROR;
1349 }
1350 }else{
1351 string s( "SQLExecute in updateAccount " );
1352 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1353 setLastErrorString( s.c_str( ) );
1354 ret = RES_DB_QUERY_ERROR;
1355 }
1356 }else{
1357 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1358 ret = RES_ERROR;
1359 }
1360 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1361 }else{
1362 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1363 ret = RES_ERROR;
1364 }
1365
1366 //xnpaccount?????若?吟???若??????????????宴??筝??吾??????
1367 if( ret == RES_OK && ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1368 string sql;
1369
1370 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET ";
1371 sql += "activate=?, ";
1372 sql += "address=?, ";
1373 sql += "division=?, ";
1374 sql += "tel=?, ";
1375 sql += "company_name=?, ";
1376 sql += "country=?, ";
1377 sql += "zipcode=?, ";
1378 sql += "fax=?, ";
1379 sql += "base_url=?, ";
1380 sql += "notice_mail=?, ";
1381 sql += "notice_mail_since=? ";
1382 sql += "WHERE uid=?";
1383
1384 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1385 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1386 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &len);
1387 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1388 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1389 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1390 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1391 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1392 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1393 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1394 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1395 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &len);
1396 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &len);
1397 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1398
1399 activate = account -> getActivate() ? 1 : 0;
1400 strncpy2( (char*)address, account -> getAddress( ) , XNP_ACCOUNT_ADDRESS_LEN );
1401 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1402 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1403 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1404 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1405 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1406 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1407 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1408 notice_mail = account -> getNoticeMail( );
1409 notice_mail_since = account -> getNoticeMailSince( );
1410 uid = account -> getUID( );
1411
1412 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1413 SQLINTEGER count = 0;
1414 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1415 ret = RES_OK;
1416 }else{
1417 string s( "SQLRowCount in updateAccount sql=" );
1418 s += string( sql );
1419 setLastErrorString( s.c_str( ) );
1420 ret = RES_DB_QUERY_ERROR;
1421 }
1422 }else{
1423 string s( "SQLExecute in updateAccount " );
1424 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1425 setLastErrorString( s.c_str( ) );
1426 ret = RES_DB_QUERY_ERROR;
1427 }
1428 }else{
1429 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1430 ret = RES_ERROR;
1431 }
1432 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1433 }else{
1434 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1435 ret = RES_ERROR;
1436 }
1437 return ret;
1438 }
1439
1440 /**
1441 *
1442 * criteria_t?ф??絎???????膀??蚊?????若??D??菴???.
1443 * ???若??D????????腆坂????????????吾??莨若?随????????≪?????鴻??*uids???吾??莨若??.
1444 * ???????泣?ゃ?冴??*uidsLen???吾??莨若??
1445 *
1446 * @param sid ?祉???激?с??D
1447 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1448 * @param uids ???若?吟??ID?????????阪????
1449 * @param uidsLen uids???????膣??違???阪????
1450 * @return RES_OK
1451 * @return RES_DB_NOT_INITIALIZED
1452 * @return RES_NO_SUCH_SESSION
1453 * @return RES_DB_QUERY_ERROR
1454 *
1455 */
1456 result_t dumpUids( sessionid_t sid, criteria_t* cri, userid_t** uids, int* uidsLen )
1457 {
1458 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1459 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1460
1461 #ifdef USE_SYSLOG
1462 openlog( "commonal", LOG_ODELAY, LOG_USER );
1463 #endif
1464
1465 result_t ret = RES_ERROR;
1466 userid_t* dst = 0;
1467 string sql;
1468 SQLRETURN sqlcode;
1469 SQLINTEGER count = 0;
1470
1471
1472 sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_users ";
1473 sql += criteria2str( cri );
1474 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1475 *uidsLen = count;
1476 dst = new userid_t[ *uidsLen ];
1477 *uids = dst;
1478 }else{
1479 return RES_ERROR;
1480 }
1481 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1482 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1483 userid_t uid;
1484 SQLINTEGER len = 0;
1485 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1486
1487 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
1488 dst[ i ] = uid;
1489 }
1490
1491 #ifdef USE_SYSLOG
1492 syslog( LOG_DEBUG, "dumpUids succeed" );
1493 #endif
1494 ret = RES_OK;
1495 }else{
1496 string s( "SQLExecDirect in dumpUids " );
1497 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1498 s += "sql=";
1499 s += string( sql );
1500 setLastErrorString( s.c_str( ) );
1501 #ifdef USE_SYSLOG
1502 syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
1503 #endif
1504 ret = RES_DB_QUERY_ERROR;
1505 }
1506 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1507 }else{
1508 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in dumpUids" );
1509 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1510 setLastErrorString( s.c_str( ) );
1511 #ifdef USE_SYSLOG
1512 syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
1513 #endif
1514 ret = RES_DB_QUERY_ERROR;
1515 }
1516 return ret;
1517 }
1518
1519 /**
1520 *
1521 * ?違???若???違??菴???.
1522 * 筝?罩c???祉???激?с??D????0??菴???.
1523 *
1524 * @param sid ?祉???激?с??D
1525 * @return ?違???若????/span>
1526 *
1527 */
1528 int getGroupCount( sessionid_t sid )
1529 {
1530 if( hdbc == NULL ) return 0;
1531 if( !isValidSessionID( sid ) ) return 0;
1532
1533 SQLRETURN sqlcode;
1534 SQLHANDLE hstmt = NULL;
1535 string sql;
1536 int ret = 0;
1537
1538 //?違???若???違??羆?????
1539 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups";
1540 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1541 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1542 SQLUINTEGER count = 0;
1543 SQLINTEGER len;
1544 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
1545 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
1546 ret = count;
1547 }else {
1548 string s( "SQLFetch in getGroupCount sql=" );
1549 s += string( sql );
1550 setLastErrorString( s.c_str( ) );
1551 ret = 0;
1552 }
1553 }else{
1554 setLastErrorString( "SQLExecDirect in getGroupCount" );
1555 ret = 0;
1556 }
1557 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1558 }else{
1559 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroupCount" );
1560 ret = 0;
1561 }
1562 return ret;
1563 }
1564
1565 /**
1566 *
1567 * ??絮??違???若??筝?荀у??.
1568 * ???若?吟????絮??????????違???若????D????緇?????
1569 *
1570 * @param sid ?祉???激?с??D
1571 * @param uid ???若?吟??ID
1572 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1573 * @param gids ?違???若??ID?????????阪????
1574 * @param gidsLen gids???????膣??違???阪????
1575 * @return RES_DB_NOT_INITIALIZED
1576 * @return RES_NO_SUCH_SESSION
1577 * @return RES_NO_SUCH_USER
1578 * @return RES_DB_QUERY_ERROR
1579 * @return RES_OK
1580 *
1581 */
1582 result_t getGroupsByUid( sessionid_t sid, userid_t uid, criteria_t* cri, groupid_t** gids, int* gidsLen )
1583 {
1584 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1585 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1586 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
1587
1588 result_t ret = RES_ERROR;
1589 string sql;
1590 SQLRETURN sqlcode;
1591 SQLHANDLE hstmt = NULL;
1592 SQLINTEGER count = 0;
1593 groupid_t* dst = 0;
1594 int len = 0;
1595
1596 sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups_users_link";
1597 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
1598 sql += criteria2str( cri );
1599 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1600 *gidsLen = count;
1601 dst = new groupid_t[ *gidsLen ];
1602 *gids = dst;
1603 }else{
1604 return RES_ERROR;
1605 }
1606
1607 //??絮??????違???若??????紊у???違??羆?????
1608 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1609 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1610 if( count > 0 ){
1611 SQLHANDLE hstmt2 = NULL;
1612 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1613 sql = "SELECT gid, uid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link";
1614 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
1615 sql += criteria2str( cri );
1616 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1617 SQLINTEGER len;
1618 groupid_t gid = 0;
1619 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
1620 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
1621 dst[ i ] = gid;
1622 }
1623 ret = RES_OK;
1624 }else{
1625 string s( "SQLExecDirect in getGroupsByUid " );
1626 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1627 s += string( ", sql=" ) + string( sql );
1628 ret = RES_DB_QUERY_ERROR;
1629 }
1630 }else{
1631 string s( "SQLAllocHandle in getGroupsByUid " );
1632 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1633 ret = RES_DB_QUERY_ERROR;
1634 }
1635 }else{
1636 ret = RES_OK;
1637 }
1638 }else{
1639 string s( "SQLExecDirect in getGroupsByUid " );
1640 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1641 s += string( ", sql=" ) + string( sql );
1642 ret = RES_DB_QUERY_ERROR;
1643 }
1644 }else{
1645 string s( "SQLAllocHandle in getGroupsByUid " );
1646 setLastErrorString( s.c_str( ) );
1647 ret = RES_DB_QUERY_ERROR;
1648 }
1649 return ret;
1650 }
1651
1652 /**
1653 *
1654 * ?違???若??膊∞??罔????????.
1655 * ???若?吟?????若???????罔???????????(?違???若??膊∞?????с??????)????????????.
1656 * ???若?吟???違???若????絖????????????????医幻???翫??鐚?false??菴???.
1657 *
1658 * @param sid ?祉???激?с??D
1659 * @param gid ?違???若????ID
1660 * @param uid ???若?吟??ID
1661 * @return true 膊∞??罔???????
1662 * @return false 膊∞??罔???????鐚??障???????/span>
1663 *
1664 */
1665 bool isGroupAdmin( sessionid_t sid, groupid_t gid, userid_t uid )
1666 {
1667 if( hdbc == NULL ) return false;
1668 if( !isValidSessionID( sid ) ) return false;
1669 if( !uidExists( uid ) ) return false;
1670 if( !gidExists( gid ) ) return false;
1671
1672 bool ret = false;
1673 string sql;
1674 SQLRETURN sqlcode;
1675 SQLINTEGER count = 0;
1676
1677 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups_users_link ";
1678 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
1679 sql += " AND uid=" + string( unsignedIntToString( uid ) );
1680 sql += " AND is_admin=1";
1681 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1682 if( count > 0 ){
1683 ret = true;
1684 }else{
1685 ret = false;
1686 }
1687 }else{
1688 ret = false;
1689 }
1690 return ret;
1691 }
1692
1693 /**
1694 *
1695 * ?違???若??ID筝?荀?
1696 * ?脂?蚊???????????違???若????D筝?荀с????緇?????.
1697 *
1698 * @param sid ?祉???激?с??D
1699 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1700 * @param gids ?違???若??ID?????????阪????
1701 * @param gidsLen gids???????膣??違???阪????
1702 * @return RES_DB_NOT_INITIALIZED
1703 * @return RES_NO_SUCH_SESSION
1704 * @return RES_DB_QUERY_ERROR
1705 * @return RES_OK
1706 *
1707 */
1708 result_t dumpGids( sessionid_t sid, criteria_t* cri, groupid_t** gids, int* gidsLen )
1709 {
1710 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1711 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1712
1713 result_t ret = RES_ERROR;
1714 groupid_t* dst = 0;
1715 string sql;
1716 SQLRETURN sqlcode;
1717 SQLINTEGER count = 0;
1718
1719 sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups ";
1720 sql += criteria2str( cri );
1721 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1722 *gidsLen = count;
1723 dst = new groupid_t[ *gidsLen ];
1724 *gids = dst;
1725 }else{
1726 return RES_ERROR;
1727 }
1728
1729 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1730 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1731 groupid_t gid;
1732 SQLINTEGER len = 0;
1733 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
1734 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
1735 dst[ i ] = gid;
1736 }
1737
1738 ret = RES_OK;
1739 }else{
1740 string s( "SQLExecDirect in dumpGids " );
1741 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1742 s += "sql=";
1743 s += string( sql );
1744 setLastErrorString( s.c_str( ) );
1745 ret = RES_DB_QUERY_ERROR;
1746 }
1747 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1748 }
1749 return ret;
1750 }
1751
1752 /**
1753 *
1754 * ?違???若??膊∞????ID????緇?????.
1755 * ?????違???若??????????????若??D????緇?????.
1756 *
1757 * @param sid ?祉???激?с??D
1758 * @param gid ???????????違???若????ID?ф??絎?????
1759 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1760 * @param uids 膊∞??????ID???????????????????ゃ?潟??/span>
1761 * @param uidsLen uids???????膣???/span>
1762 * @return RES_OK
1763 * @return RES_DB_NOT_INITIALIZED
1764 * @return RES_NO_SUCH_SESSION
1765 * @return RES_DB_QUERY_ERROR
1766 * @return RES_ERROR
1767 *
1768 */
1769 result_t dumpGroupAdmins( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
1770 {
1771 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1772 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1773
1774 result_t ret = RES_ERROR;
1775 groupid_t* dst = 0;
1776 string sql;
1777 SQLRETURN sqlcode;
1778 SQLINTEGER count = 0;
1779
1780 sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_groups_users_link ";
1781 sql += " WHERE is_admin=1 and gid=" + unsignedIntToString( gid );
1782 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1783 *uidsLen = count;
1784 *uids = new groupid_t[ *uidsLen ];
1785 }else{
1786 return RES_ERROR;
1787 }
1788 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1789 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1790 userid_t uid;
1791 SQLINTEGER len = 0;
1792 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1793 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
1794 (*uids)[ i ] = uid;
1795 }
1796 ret = RES_OK;
1797 }else{
1798 string s( "SQLExecDirect in dumpGroupAdmins " );
1799 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1800 s += "sql=";
1801 s += string( sql );
1802 setLastErrorString( s.c_str( ) );
1803 ret = RES_DB_QUERY_ERROR;
1804 }
1805 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1806 }
1807 return ret;
1808 }
1809
1810 /**
1811 *
1812 * ?違???若????絮????若?九????
1813 * ?違???若??????絮????????若?吟??鐚??違???若?????????ゃ????.
1814 * ???????????違???若???????????ゃ?с??????
1815 *
1816 * @param sid ?祉???激?с??D
1817 * @param gid ?????違???若?????????ゃ??????????絎??????違???若??ID
1818 * @param uid ???ゅ?莟<?????若?吟??D
1819 * @return RES_DB_NOT_INITIALIZED
1820 * @return RES_NO_SUCH_SESSION
1821 * @return RES_NO_SUCH_USER
1822 * @return RES_NO_SUCH_GROUP
1823 * @return RES_DB_QUERY_ERROR
1824 * @return RES_OK
1825 * @return RES_ERROR
1826 *
1827 */
1828 result_t deleteMember( sessionid_t sid, groupid_t gid, userid_t uid )
1829 {
1830 if( gid == DEFAULT_PLATFORM_GROUP_ID ) return RES_ERROR;
1831 return deleteMemberNoLimit( sid, gid, uid );
1832 }
1833
1834 /**
1835 *
1836 * ?違???若????絮????若?九????
1837 * ?違???若??????絮????????若?吟??鐚??違???若?????????ゃ????.
1838 * ???????????違???若???????????ゃ?с?????鴻??鐚?deleteMember???違????
1839 *
1840 * @param sid ?祉???激?с??D
1841 * @param gid ?????違???若?????????ゃ??????????絎??????違???若??ID
1842 * @param uid ???ゅ?莟<?????若?吟??D
1843 * @return RES_DB_NOT_INITIALIZED
1844 * @return RES_NO_SUCH_SESSION
1845 * @return RES_NO_SUCH_USER
1846 * @return RES_NO_SUCH_GROUP
1847 * @return RES_DB_QUERY_ERROR
1848 * @return RES_OK
1849 * @return RES_ERROR
1850 *
1851 */
1852 static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid )
1853 {
1854 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1855 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1856 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
1857 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
1858
1859 result_t ret = RES_ERROR;
1860 string sql;
1861 SQLRETURN sqlcode;
1862 SQLHANDLE hstmt = NULL;
1863
1864 sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups_users_link ";
1865 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
1866 sql += " AND uid=" + string( unsignedIntToString( uid ) );
1867 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1868 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1869 SQLINTEGER count = 0;
1870 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1871 ret = RES_OK;
1872 }else{
1873 string s( "SQLRowCount in deleteMember" );
1874 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1875 s += string( ", sql=" ) + string( sql );
1876 setLastErrorString( s.c_str( ) );
1877 ret = RES_NO_SUCH_USER;
1878 }
1879 }else{
1880 string s( "SQLExecDirect in deleteMember" );
1881 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1882 s += ", sql=";
1883 s += string( sql );
1884 setLastErrorString( s.c_str( ) );
1885 ret = RES_DB_QUERY_ERROR;
1886 }
1887 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1888 }else{
1889 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteMember" );
1890 ret = RES_ERROR;
1891 }
1892 return ret;
1893 }
1894
1895 /**
1896 *
1897 * ?違???若????絮????若?区申??.
1898 * ?違???若?????<?潟???若?????若?吟??菴遵??????.
1899 *
1900 * @param sid ?祉???激?с??D
1901 * @param gid ??絮????違???若????D
1902 * @param uid ??絮??????????若?吟??D
1903 * @param admin 膊∞????罔?????筝?????????true
1904 * @return RES_OK
1905 * @return RES_DB_NOT_INITIALIZED
1906 * @return RES_NO_SUCH_SESSION
1907 * @return RES_NO_SUCH_USER
1908 * @return RES_NO_SUCH_GROUP
1909 * @return RES_DB_QUERY_ERROR
1910 *
1911 */
1912 result_t insertMember( sessionid_t sid, groupid_t gid, userid_t uid, bool admin )
1913 {
1914 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1915 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1916 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
1917 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
1918
1919 result_t ret = RES_ERROR;
1920 string sql;
1921 SQLRETURN sqlcode;
1922
1923 //?<?潟???若??菴遵??
1924 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1925 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups_users_link ( gid, uid, is_admin ) VALUES (";
1926 sql += string( unsignedIntToString( gid ) ) + ", ";
1927 sql += string( unsignedIntToString( uid ) ) + ", ";
1928 sql += string( admin ? "1" : "0" ) + ") ";
1929 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1930 SQLINTEGER count = 0;
1931 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1932 ret = RES_OK;
1933 }else{
1934 string s( "SQLRowCount in insertMember " );
1935 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1936 s += string( ", sql=" ) + string( sql );
1937 setLastErrorString( s.c_str( ) );
1938 ret = RES_DB_QUERY_ERROR;
1939 }
1940 }else{
1941 string s( "SQLExecDirect in insertMember " );
1942 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1943 s += string( ", sql=" ) + string( sql );
1944 setLastErrorString( s.c_str( ) );
1945 ret = RES_DB_QUERY_ERROR;
1946 }
1947 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1948 }else{
1949 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertMember" );
1950 ret = RES_DB_QUERY_ERROR;
1951 }
1952 return ret;
1953 }
1954
1955 /**
1956 *
1957 * ?違???若????絮????若?九??.
1958 * ?????違???若??????絮????????????若?吟?????若??D????緇?????
1959 *
1960 * @param sid ?祉???激?с??D
1961 * @param gid ?????違???若??????絮????若?吟?????????????????違???若????ID?ф??絎?
1962 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1963 * @param uids ??絮????若?吟??ID???????????????????ゃ?潟??/span>
1964 * @param uidsLen uids???????膣???/span>
1965 * @return RES_OK
1966 * @return RES_DB_NOT_INITIALIZED
1967 * @return RES_NO_SUCH_SESSION
1968 * @return RES_NO_SUCH_GROUP
1969 * @return RES_DB_QUERY_ERROR
1970 * @return RES_ERROR
1971 *
1972 */
1973 result_t getMembers( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
1974 {
1975 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1976 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1977 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
1978
1979 result_t ret = RES_ERROR;
1980 string sql;
1981 SQLRETURN sqlcode;
1982 SQLHANDLE hstmt = NULL;
1983 userid_t* dst = 0;
1984
1985 //how many members ?
1986 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups_users_link ";
1987 sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
1988 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1989 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1990 SQLUINTEGER count = 0;
1991 SQLINTEGER len;
1992 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
1993 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
1994 dst = new userid_t[ count ];
1995 *uids = dst;
1996 *uidsLen = count;
1997 if( count > 0 ){
1998 //retrive member's IDs
1999 SQLHANDLE hstmt2 = NULL;
2000 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
2001 sql = "SELECT uid, gid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2002 sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
2003 sql += " " + string( criteria2str( cri ) );
2004 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2005 SQLUINTEGER uid = 0;
2006 SQLINTEGER len;
2007 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &uid, 0, &len );
2008 for( int i = 0; ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS && i < count ; i++ ){
2009 dst[ i ] = uid;
2010 }
2011 ret = RES_OK;
2012 }else{
2013 setLastErrorString( "SQLExecDirect in getMembers" );
2014 ret = RES_DB_QUERY_ERROR;
2015 }
2016 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
2017 }else{
2018 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
2019 ret = RES_DB_QUERY_ERROR;
2020 }
2021 }else{
2022 ret = RES_OK;
2023 }
2024 }else{
2025 string s( "SQLFetch in getMembers sql=" );
2026 s += string( sql );
2027 setLastErrorString( s.c_str( ) );
2028 ret = RES_DB_QUERY_ERROR;
2029 }
2030 }else{
2031 setLastErrorString( "SQLExecDirect in getMembers" );
2032 ret = RES_DB_QUERY_ERROR;
2033 }
2034 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2035 }else{
2036 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
2037 ret = RES_DB_QUERY_ERROR;
2038 }
2039 return ret;
2040 }
2041
2042 /**
2043 *
2044 * ?違???若????????
2045 * ???若?帥???若?鴻?????違???若???????ゃ???障??.
2046 *
2047 * @param sid ?祉???激?с??D
2048 * @param gid ?????違???若??????絮????若?吟?????????????????違???若????ID?ф??絎?
2049 * @return RES_OK
2050 * @return RES_DB_QUERY_ERROR
2051 * @return RES_NO_SUCH_SESSION
2052 * @return RES_DB_NOT_INITIALIZED
2053 *
2054 */
2055 result_t deleteGroup( sessionid_t sid, groupid_t gid )
2056 {
2057 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2058 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2059
2060 result_t ret = RES_ERROR;
2061 string sql;
2062 SQLRETURN sqlcode;
2063 SQLHANDLE hstmt = NULL;
2064
2065 sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups ";
2066 sql += "WHERE gid = " + string( unsignedIntToString( gid ) );
2067 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2068 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2069 SQLINTEGER count = 0;
2070 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2071 ret = RES_OK;
2072 }else{
2073 string s( "SQLRowCount in deleteGroup" );
2074 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2075 s += string( ", sql=" ) + string( sql );
2076 setLastErrorString( s.c_str( ) );
2077 ret = RES_NO_SUCH_USER;
2078 }
2079 }else{
2080 string s( "SQLExecDirect in deleteGroup" );
2081 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2082 s += ", sql=";
2083 s += string( sql );
2084 setLastErrorString( s.c_str( ) );
2085 ret = RES_DB_QUERY_ERROR;
2086 }
2087 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2088 }else{
2089 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteGroup" );
2090 ret = RES_ERROR;
2091 }
2092 return ret;
2093 }
2094
2095 /**
2096 *
2097 * ?違???若???脂??
2098 * ?違???若???????宴?????若?帥???若?鴻????蚊????鐚?/span>
2099 * ?脂?蚊?????違???若?????綽??????違???若??ID??gid???主?????鐚?/span>
2100 *
2101 * @param sid ?祉???激?с??D
2102 * @param group ?脂?蚊???????違???若????????/span>
2103 * @param gid ?脂?蚊?????違???若?????綽??????違???若??ID
2104 * @return RES_OK
2105 * @return RES_DB_NOT_INITIALIZED
2106 * @return RES_NO_SUCH_SESSION
2107 * @return RES_DB_QUERY_ERROR
2108 *
2109 */
2110 result_t insertGroup( sessionid_t sid, const group_t* group, groupid_t* gid )
2111 {
2112 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2113 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2114
2115 result_t ret = RES_ERROR;
2116 string sql;
2117 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2118 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2119 SQLRETURN sqlcode;
2120
2121 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2122 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups ( gname, gdesc ) VALUES ( ?, ? )";
2123 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2124 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2125 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2126 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2127 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2128 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2129 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2130 SQLINTEGER count = 0;
2131 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2132 //?違???若??ID????緇?????
2133 SQLHANDLE hstmt2 = NULL;
2134 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
2135 sql = "SELECT LAST_INSERT_ID()"; // MySQL
2136 // sql = "SELECT LAST_INSERT_ROWID()"; // SQLite
2137 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2138 SQLUINTEGER last_insert_id;
2139 SQLINTEGER len;
2140 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &last_insert_id, 0, &len );
2141 if( ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS ){
2142 *gid = last_insert_id;
2143 ret = RES_OK;
2144 }else{
2145 ret = RES_DB_QUERY_ERROR;
2146 string s( "SQLFetch in insertGroup " );
2147 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2148 setLastErrorString( s.c_str( ) );
2149 }
2150 }else{
2151 string s( "SQLExecDirect in insertGroup " );
2152 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2153 setLastErrorString( s.c_str( ) );
2154 ret = RES_DB_QUERY_ERROR;
2155 }
2156 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
2157 }
2158 }else{
2159 string s( "SQLRowCount in insertGroup sql=" );
2160 s += string( sql );
2161 setLastErrorString( s.c_str( ) );
2162 ret = RES_DB_QUERY_ERROR;
2163 }
2164 }else{
2165 string s( "SQLExecute in insertGroup " );
2166 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2167 setLastErrorString( s.c_str( ) );
2168 ret = RES_DB_QUERY_ERROR;
2169 }
2170 }else{
2171 string s( "SQLPrepare in insertGroup " );
2172 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2173 setLastErrorString( s.c_str( ) );
2174 ret = RES_ERROR;
2175 }
2176 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2177 }else{
2178 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertGroup" );
2179 ret = RES_ERROR;
2180 }
2181 return ret;
2182 }
2183
2184 /**
2185 *
2186 * ?違???若?????宴??紊??眼????
2187 *
2188 * @param sid ?祉???激?с??D
2189 * @param group ?違?????違???若??????/span>
2190 * @return RES_OK
2191 * @return RES_ERROR
2192 * @return RES_DB_NOT_INITIALIZED
2193 * @return RES_NO_SUCH_SESSION
2194 * @return RES_NO_SUCH_GROUP
2195 * @return RES_DB_QUERY_ERROR
2196 *
2197 */
2198 result_t updateGroup( sessionid_t sid, const group_t* group )
2199 {
2200 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2201 if( group == NULL ) return RES_ERROR;
2202 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2203 if( !gidExists( group -> getGID( ) ) ) return RES_NO_SUCH_GROUP;
2204
2205 result_t ret = RES_ERROR;
2206 string sql;
2207 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2208 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2209 SQLRETURN sqlcode;
2210
2211 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2212 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET gname=?, gdesc=? WHERE gid=" + string( unsignedIntToString( group -> getGID( ) ) );
2213 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2214 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2215 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2216 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2217 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2218 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2219 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2220 SQLINTEGER count = 0;
2221 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2222 ret = RES_OK;
2223 }else{
2224 string s( "SQLRowCount in updateGroup sql=" );
2225 s += string( sql );
2226 setLastErrorString( s.c_str( ) );
2227 ret = RES_DB_QUERY_ERROR;
2228 }
2229 }else{
2230 string s( "SQLExecute in updateGroup " );
2231 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2232 setLastErrorString( s.c_str( ) );
2233 ret = RES_DB_QUERY_ERROR;
2234 }
2235 }else{
2236 setLastErrorString( "SQLPrepare in updateGroup sql=" );
2237 ret = RES_ERROR;
2238 }
2239 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2240 }else{
2241 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateGroup" );
2242 ret = RES_ERROR;
2243 }
2244 return RES_OK;
2245 }
2246
2247 /**
2248 *
2249 * ?違???若?????怨??
2250 *
2251 * @param sid ?祉???激?с??D
2252 * @param gid ??緇????????違???若????ID
2253 * @param group ??緇??????違???若?????宴???≪?????鴻???吾??莨若?????ゃ?潟??/span>
2254 * @return RES_OK
2255 * @return RES_DB_NOT_INITIALIZED
2256 * @return RES_NO_SUCH_SESSION
2257 * @return RES_NO_SUCH_GROUP
2258 * @return RES_DB_QUERY_ERROR
2259 *
2260 */
2261 result_t getGroup( sessionid_t sid, groupid_t gid, const group_t** group )
2262 {
2263 int len;
2264 static criteria c;
2265 result_t res = getGroups( sid, &gid, 1, &c, group, &len );
2266 if( len == 0 ) return RES_NO_SUCH_GROUP;
2267 return res;
2268 }
2269
2270 /**
2271 *
2272 * 茲??違???違???若?????宴??筝?綺?????????.
2273 *
2274 * @param sid ?祉???激?с??D
2275 * @param gids ??緇????????違???若????ID??????
2276 * @param gidsLen gids???????膣???/span>
2277 * @param cri 腟???????膀??駕??純?若???>散????絎?
2278 * @param groups ??緇?腟??????違???若?????宴?????????≪?????鴻???吾??莨若?????ゃ?潟??/span>
2279 * @param groupsLen ??緇?腟????????????膣???/span>
2280 * @return RES_OK
2281 * @return RES_DB_NOT_INITIALIZED
2282 * @return RES_NO_SUCH_SESSION
2283 * @return RES_DB_QUERY_ERROR
2284 *
2285 */
2286 result_t getGroups( sessionid_t sid, groupid_t* gids, int gidsLen, criteria_t* cri, const group_t** groups, int* groupsLen )
2287 {
2288 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2289 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2290
2291 #ifdef USE_SYSLOG
2292 openlog( "commonal", LOG_ODELAY, LOG_USER );
2293 #endif
2294
2295 SQLRETURN sqlcode;
2296 SQLHANDLE hstmt = NULL;
2297 result_t ret = RES_ERROR;
2298 string sql;
2299 group_t* dst = new group_t[ gidsLen ];
2300
2301 sql += "SELECT gid, gname, gdesc ";
2302 sql += "FROM " + dbprefix + "_xnpaccount_groups ";
2303 if( gidsLen > 0 ){
2304 sql += "WHERE gid=" + string( unsignedIntToString( gids[ 0 ] ) );
2305 for( int i = 1; i < gidsLen; i++ ){
2306 sql += " OR gid=" + string( unsignedIntToString( gids[ i ] ) );
2307 }
2308 }
2309 sql += criteria2str( cri );
2310
2311 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2312 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2313 SQLINTEGER len;
2314 groupid_t gid = 0;
2315 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
2316 *groupsLen=0;
2317 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < gidsLen ; i++ ){
2318 dst[ i ].setGID( gid );
2319 dst[ i ].setGname( getResultCol( hstmt, 2 ).c_str() );
2320 dst[ i ].setDesc( getResultCol( hstmt, 3 ).c_str() );
2321 ( *groupsLen )++;
2322 }
2323 *groups = dst;
2324 #ifdef USE_SYSLOG
2325 syslog( LOG_DEBUG, "getGroups succeed" );
2326 #endif
2327 ret = RES_OK;
2328 }else{
2329 string s( "SQLExecDirect in getGroups" );
2330 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2331 s += string( ", sql=" ) + string( sql );
2332 setLastErrorString( s.c_str( ) );
2333 #ifdef USE_SYSLOG
2334 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2335 #endif
2336 ret = RES_DB_QUERY_ERROR;
2337 }
2338 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2339 }else{
2340 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroups" );
2341 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
2342 setLastErrorString( s.c_str( ) );
2343 #ifdef USE_SYSLOG
2344 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2345 #endif
2346 ret = RES_DB_QUERY_ERROR;
2347 }
2348 #ifdef USE_SYSLOG
2349 closelog( );
2350 #endif
2351 return ret;
2352 }
2353
2354 /**
2355 *
2356 * ?≪?????若?炊┤???????<??菴???
2357 *
2358 * @param sid ?祉???激?с??D
2359 * @param uid ???????????????若?吟??ID
2360 * @return true 罔???????
2361 * @return false 罔???????
2362 *
2363 */
2364 bool isModerator( sessionid_t sid, userid_t uid )
2365 {
2366 if( hdbc == NULL ) return false;
2367 if( !isValidSessionID( sid ) ) return false;
2368 if( !uidExists( uid ) ) return false;
2369
2370 bool ret = false;
2371 SQLRETURN sqlcode;
2372 SQLHANDLE hstmt = NULL;
2373 SQLINTEGER count = 0;
2374 string sql;
2375 groupid_t moderator_gid;
2376
2377 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2378 sql = "SELECT value FROM " + dbprefix + "_xnpaccount_config";
2379 sql += " WHERE name='moderator_gid'";
2380 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2381 SQLINTEGER len = 0;
2382 SQLBindCol( hstmt, 1, SQL_C_ULONG, &moderator_gid, 0, &len );
2383 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2384 sql = "SELECT * from " + dbprefix + "_groups_users_link ";
2385 sql += "WHERE groupid=" + unsignedIntToString( moderator_gid );
2386 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2387 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2388 if( count > 0 ){
2389 ret = true;
2390 }
2391 }
2392 }else{
2393 setLastErrorString( "SQLFetch in isModerator " );
2394 }
2395 }else{
2396 string s( "SQLExecDirect in isModerator " );
2397 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2398 s += ", sql=";
2399 s += string( sql );
2400 setLastErrorString( s.c_str( ) );
2401 }
2402 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2403 }else{
2404 setLastErrorString( "SQLAllocHandle in isModerator " );
2405 }
2406 return ret;
2407 }
2408
2409 /**
2410 *
2411 * ???若??D??緇?
2412 *
2413 * @param uname ID????緇??????????若?吟?弱??
2414 * @param uid ID??篁e?ャ??????紊??違?????ゃ?潟??/span>
2415 * @return RES_ERROR
2416 * @return RES_OK
2417 * @refer result_t
2418 *
2419 */
2420 result_t getUid( const char* uname, userid_t* uid )
2421 {
2422 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2423 if( uname == NULL ) return RES_ERROR;
2424
2425 result_t ret = RES_ERROR;
2426 SQLRETURN sqlcode;
2427 SQLHANDLE hstmt = NULL;
2428 string sql;
2429 string uname2 = addSlashes( uname );
2430
2431 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + uname2 + "';";
2432 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2433 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2434 userid_t _uid = 0;
2435 SQLINTEGER len;
2436 SQLBindCol( hstmt, 1, SQL_C_ULONG, &_uid, 0, &len );
2437 sqlcode = SQLFetch( hstmt );
2438 if( sqlcode == SQL_SUCCESS ){
2439 *uid = _uid;
2440 ret = RES_OK;
2441 }else {
2442 string s( "SQLFetch in getUid sql=" );
2443 s += string( sql );
2444 setLastErrorString( s.c_str( ) );
2445 ret = RES_NO_SUCH_USER;
2446 }
2447 }else{
2448 setLastErrorString( "SQLExecDirect in getUid" );
2449 ret = RES_DB_QUERY_ERROR;
2450 }
2451 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2452 }else{
2453 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getUid" );
2454 ret = RES_DB_QUERY_ERROR;
2455 }
2456
2457 return ret;
2458 }
2459
2460 /**
2461 *
2462 * ?祉???激?с?潟??篏?????xoops_xnpaccount_session???吾??莨若???? sessionid_t??session???????
2463 *
2464 * @param uid xoops_users??id
2465 * @param session sessionid_t???????????????????ゃ?潟?帥??
2466 * @return RES_OK ????
2467 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
2468 */
2469 static result_t addSession( userid_t uid, sessionid_t* session )
2470 {
2471 result_t ret = RES_DB_QUERY_ERROR;
2472 SQLRETURN sqlcode;
2473 string sql = "INSERT INTO " + dbprefix + "_xnpaccount_session (uid) values (" +
2474 unsignedIntToString(uid) + ")";
2475 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2476 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2477 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2478 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2479 sql = "SELECT LAST_INSERT_ID()";
2480 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2481 sessionid_t sid;
2482 SQLINTEGER len;
2483 SQLBindCol( hstmt, 1, SQL_C_ULONG, &sid, 0, &len );
2484 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2485 *session = sid;
2486 ret = RES_OK;
2487 }
2488 }
2489 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2490 }
2491 }else{
2492 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2493 }
2494 }
2495 return ret;
2496 }
2497
2498
2499 /**
2500 *
2501 * ???違?ゃ?活?荐若???祉???激?с?割???
2502 *
2503 * @param uname ???違?ゃ?喝??
2504 * @param passwd ???鴻???若??
2505 * @param session sessionid_t???????????????????ゃ?潟?帥??
2506 * @return RES_OK ???違?ゃ?恰??????session??essionid_t???吾??莨若??????<br>
2507 * @return RES_LOGIN_FAILURE uname?障????asswd???医幻<br>
2508 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
2509 *
2510 */
2511 result_t loginUser(const char* uname, const char* passwd, sessionid_t* session )
2512 {
2513 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2514
2515 result_t ret;
2516 string sql;
2517 SQLRETURN sqlcode;
2518
2519 // uname, passwd -> uid
2520 string escUname = addSlashes( uname );
2521 string escPasswd = addSlashes( passwd );
2522 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + escUname + "' and pass=md5('" + escPasswd + "')";
2523
2524 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2525 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2526 userid_t uid = 0;
2527 SQLINTEGER len;
2528 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
2529 sqlcode = SQLFetch( hstmt );
2530 if( sqlcode == SQL_SUCCESS ){
2531 ret = addSession( uid, session );
2532 }else {
2533 string s( "SQLFetch in loginUser" );
2534 setLastErrorString( s.c_str( ) );
2535 ret = RES_LOGIN_FAILURE;//illegal loginname or password
2536 }
2537 }else{
2538 setLastErrorString( "SQLExecDirect in loginUser" );
2539 ret = RES_DB_QUERY_ERROR;
2540 }
2541 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2542 }else{
2543 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in loginUser" );
2544 ret = RES_DB_QUERY_ERROR;
2545 }
2546
2547 return ret;
2548 }
2549
2550 /**
2551 *
2552 * ???違?≪???????祉???激?с?括?篋?
2553 *
2554 * @param sid session id
2555 * @return ????
2556 *
2557 */
2558 void logoutUser( sessionid_t sid )
2559 {
2560 if( hdbc == NULL ) return; // RES_DB_NOT_INITIALIZED;
2561
2562 result_t ret;
2563 string sql;
2564 SQLRETURN sqlcode;
2565 SQLHANDLE hstmt = NULL;
2566
2567 sql = "DELETE FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + intToString((int)sid);
2568 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2569 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2570 ;
2571 }
2572 else {
2573 setLastErrorString( "SQLExecDirect in logoutUser" );
2574 }
2575 }
2576 else {
2577 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in logoutUser" );
2578 }
2579 }
2580
2581 /**
2582 *
2583 * ?祉???激?с?潟?????.<br>
2584 * XOOPS??ession???若????????蚊??????sess_id?????ess_id??膈???????
2585 * ?逸?session_t??篏?????????
2586 * ???若?帥???若?鴻???祉???激?с?潟????違?????宴??荐??蚊????
2587 *
2588 * @param sessionid xoops??ession_id
2589 * @param uid xoops_users??id
2590 * @param session sessionid_t???????????????????ゃ?潟?帥??
2591 * @return RES_OK
2592 * @return RES_ERROR
2593 * @return RES_DB_QUERY_ERROR
2594 *
2595 */
2596 result_t createSession( const char* sess_id, userid_t uid, sessionid_t* session )
2597 {
2598 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2599
2600 result_t ret;
2601 string sql;
2602 SQLHANDLE hstmt = NULL;
2603 SQLRETURN sqlcode;
2604
2605 string escSess_id = addSlashes(sess_id);
2606 sql = "SELECT sess_id from " + dbprefix + "_session where sess_id='" + escSess_id + "'";
2607 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2608 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2609 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2610 ret = addSession( uid, session );
2611 }else{
2612 ret = RES_ERROR;
2613 }
2614 }else {
2615 ret = RES_DB_QUERY_ERROR;
2616 }
2617 }else{
2618 ret = RES_DB_QUERY_ERROR;
2619 }
2620 return ret;
2621 }
2622
2623 /**
2624 *
2625 * ?祉???激?с?潟???膣違??session_t?у??????.<br>
2626 *
2627 * @param sid ?祉???激?с??D
2628 * @param ppsession sessionid_t*???????????????????ゃ?潟?帥??
2629 * @return RES_OK ??????freeSession(*ppsession)??綽?荀???<br>
2630 * @return RES_NO_SUCH_SESSION<br>
2631 * @return RES_DB_QUERY_ERROR<br>
2632 * @return RES_DB_NOT_INITIALIZED
2633 *
2634 */
2635 result_t getSession( sessionid_t sid, const session_t** ppsession )
2636 {
2637 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2638 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2639
2640 result_t ret = RES_ERROR;
2641 string sql;
2642 SQLHANDLE hstmt = NULL;
2643 SQLRETURN sqlcode;
2644
2645 sql = "SELECT sid, uid, unix_timestamp(timestamp) from " + dbprefix +
2646 "_xnpaccount_session where sid=" + unsignedIntToString((unsigned int)sid);
2647 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2648 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2649 userid_t uid = 0;
2650 SQLINTEGER cbUid = 0;
2651 unsigned long date = 0;
2652 SQLINTEGER cbDate = 0;
2653 SQLBindCol( hstmt, 2, SQL_C_ULONG, &uid, 0, &cbUid );
2654 SQLBindCol( hstmt, 3, SQL_C_ULONG, &date, 0, &cbDate );
2655 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2656 session_t *p = new session[ 1 ];
2657 p->setSessionID( sid );
2658 p->setUID( uid );
2659 p->setDate( date );
2660 *ppsession = p;
2661 ret = RES_OK;
2662 }else{
2663 string s( "SQLFetch in getSession " );
2664 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2665 setLastErrorString( s.c_str( ) );
2666 ret = RES_ERROR;
2667 }
2668 }else {
2669 string s( "SQLExecDirect in getSession " );
2670 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2671 s += ", sql=";
2672 s += string( sql );
2673 setLastErrorString( s.c_str( ) );
2674 ret = RES_DB_QUERY_ERROR;
2675 }
2676 }else{
2677 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getSession" );
2678 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
2679 setLastErrorString( s.c_str( ) );
2680 ret = RES_DB_QUERY_ERROR;
2681 }
2682 return ret;
2683
2684 /*
2685 sql = "SELECT sid, uid, unix_timestamp(timestamp) from " + dbprefix +
2686 "_xnpaccount_session where sid=" + unsignedIntToString((unsigned int)sid);
2687 if( 0 == SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ){
2688 MYSQL_RES* result = fp_mysql_store_result( mysql );
2689 if( result ){
2690 MYSQL_ROW row = fp_mysql_fetch_row(result);
2691 if( row ){
2692 session_t *p = new session[1];
2693 p->setSessionID(sid);
2694 p->setUserID(atoi( row[1] != NULL ? row[1] : "" ));
2695 p->setDate(atoi( row[2] != NULL ? row[2] : "" ));
2696 *ppsession = p;
2697 ret = RES_OK;
2698 }else{
2699 ret = RES_NO_SUCH_SESSION;
2700 }
2701 fp_mysql_free_result( result );
2702 }else {
2703 ret = RES_DB_QUERY_ERROR;
2704 }
2705 }else{
2706 ret = RES_DB_QUERY_ERROR;
2707 }
2708 return ret;
2709 */
2710 }
2711
2712 /**
2713 *
2714 * ?祉???激?с?潟???綵??с?????с????????.
2715 *
2716 * @param sid ???с??????????session
2717 * @return true 罩e?
2718 * @return false 筝?罩?/span>
2719 *
2720 */
2721 bool isValidSessionID( sessionid_t sid )
2722 {
2723 if( hdbc == NULL ) return false;
2724
2725 bool ret = false;
2726 string sql;
2727 SQLRETURN sqlcode;
2728 SQLHANDLE hstmt = NULL;
2729
2730 #ifdef USE_SYSLOG
2731 openlog( "commonal", LOG_ODELAY, LOG_USER );
2732 #endif
2733 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + unsignedIntToString( sid );
2734 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2735 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2736 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2737 #ifdef USE_SYSLOG
2738 syslog( LOG_DEBUG, "isValidSessionID succeed" );
2739 #endif
2740 ret = true;
2741 }else{
2742 string s( "SQLFetch in isValidSessionID " );
2743 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2744 s += string( ", sql=" ) + string( sql );
2745 setLastErrorString( s.c_str() );
2746 #ifdef USE_SYSLOG
2747 syslog( LOG_DEBUG, "isValidSessionID %s", getLastErrorString( ) );
2748 #endif
2749 ret = false;
2750 }
2751 }else{
2752 string s( "SQLExecDirect in isValidSessionID " );
2753 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2754 s += string( ", sql=" ) + string( sql );
2755 setLastErrorString( s.c_str( ) );
2756 #ifdef USE_SYSLOG
2757 syslog( LOG_DEBUG, "isValidSessionID %s", getLastErrorString( ) );
2758 #endif
2759 ret = false;
2760 }
2761 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2762 }else{
2763 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in isValidSessionID " );
2764 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
2765 setLastErrorString( s.c_str( ) );
2766 #ifdef USE_SYSLOG
2767 syslog( LOG_DEBUG, "isValidSessionID %s", getLastErrorString( ) );
2768 #endif
2769 ret = false;
2770 }
2771 #ifdef USE_SYSLOG
2772 closelog( );
2773 #endif
2774 return ret;
2775 }
2776
2777 void freeAccount( const account_t* ptr ){ delete[] ( account_t* )ptr; }
2778 void freeGroup( const group_t* ptr ){ delete[] ( group_t* )ptr; }
2779 void freeSession( const session_t* ptr ){ delete[] ( session_t* )ptr; }
2780 void freeUID( const int* ptr ){ delete[] ( int* )ptr; }
2781 void freeGID( const int* ptr ){ delete[] ( int* )ptr; }
2782
2783 static string errstr;
2784 const char* getLastErrorString()
2785 {
2786 return errstr.c_str( );
2787 }
2788
2789 void setLastErrorString( const char* str )
2790 {
2791 errstr = str;
2792 #ifdef USE_SYSLOG
2793 openlog( "commonal", LOG_ODELAY, LOG_USER );
2794 syslog( LOG_DEBUG, "%s", str );
2795 closelog( );
2796 #endif
2797 // fprintf( stderr, "setLastErrorString( '%s' );\n", str );
2798 }
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help