Develop and Download Open Source Software

XooNIps

Browse CVS Repository

/[OSDN]/xoonips/AL/commonal.cc

Contents of /xoonips/AL/commonal.cc

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.41 - (show annotations) (download) (as text)
Wed Jan 19 00:06:51 2005 UTC (19 years, 2 months ago) by aga
Branch: MAIN
Changes since 1.40: +100 -17 lines
File MIME type: text/x-c++src 
・updateIndexで、同じ名前の兄弟があるか名前が空であるならエラーにした.
・createSessionで、uidがPlatformユーザでないかactivateされていないならエラーにした.
1 /*
2 *
3 * $Revision: 1.40 $
4 * $Log: commonal.cc,v $
5 * Revision 1.40 2005/01/17 00:15:05 aga
6 * ??eleteIndex, updateIndex??け????????????????????篆??.
7 *
8 * Revision 1.39 2005/01/15 05:38:10 youi
9 * insertAccount: ??絖??????????<???泣?ゃ?肴??眼????
10 * updateAccount: ??絖??????????<???泣?ゃ?肴??眼????
11 * ?≪?ゃ????膊∞???∽?違??絎?臂?????.
12 * insertItem, getItem, getItems, dumpItemID, updateItem, deleteItem????
13 * freeGID, freeUID: 綣??違??????篆??.
14 *
15 * Revision 1.38 2005/01/15 00:39:16 aga
16 * ??_xnpaccount_item_basic???????紊???
17 *
18 * Revision 1.37 2005/01/14 10:36:59 aga
19 * ??ndex?≫?????????菴遵??.
20 * ??nsertAccount??rivate index??篏???????????篆??.
21 * ??nsertGroup??roup index ??篏???????????篆??.
22 *
23 * Revision 1.36 2005/01/13 04:19:22 aga
24 * ??P??XNP?????.
25 *
26 * Revision 1.35 2005/01/06 07:20:17 youi
27 * WIN32絎?臂??????ゃ?潟?????若????申??.
28 * MySQL API???≪?????????????<?ゃ????????
29 * deleteAccount: ??絮?????Platform?違???若???????????ゃ?????泣????.
30 * insertAccount: ???若?句?脂?蚊??????????????????Platform?違???若???悟?脂?蚊????.
31 * deleteMember: ??????????Platform?違???若???????????ゃ??胼?罩≪????.
32 * deleteMemberNoLimit???臂?
33 *
34 * Revision 1.34 2004/12/28 04:38:14 aga
35 * ??ogoutUser()??信罩?
36 *
37 * Revision 1.33 2004/12/27 05:56:23 youi
38 * odbcDiagString: STMT篁ュ?????潟??????????????????????眼????.
39 * syslog?<???祉?若?吾????????菴遵??????.
40 *
41 * Revision 1.32 2004/12/25 09:46:47 youi
42 * MySQL+MyODBC?у??篏???????????信罩c????.
43 *
44 * Revision 1.31 2004/12/21 11:42:59 youi
45 * ?潟?<?潟??????逸??祉???ゃ???????????菴遵??.
46 *
47 * Revision 1.30 2004/12/18 10:24:54 youi
48 * IMPORT_MYSQLDLL??絎?臂?????????鐚?MYSQL??LL?????????潟?????????????帥?ゃ??絎h???
49 * ???鴻????????????信罩c????.
50 *
51 * Revision 1.29 2004/12/18 01:12:29 youi
52 * freeResult???∽?医????free<???若?水??>????眼????.
53 *
54 * Revision 1.28 2004/12/14 12:02:08 youi
55 * __WIN__??絎?臂???????????indows??ll篏??????荀?????????茵?????.
56 * USE_SYSLOG??絎?臂???????????yslogd?吾?<???祉?若?吾???阪??????.
57 * getAccounts: uidsLen??0??????????????菴遵??????.
58 *
59 * Revision 1.27 2004/12/06 11:34:47 aga
60 * ??ninitializeDB()??菴遵??.
61 *
62 * Revision 1.26 2004/12/06 10:17:36 youi
63 * mysql_use_result????腟?????罧??????????冴??????鐚?
64 * while( row = mysql_fetch_row(result) );???水?ワ?
65 *
66 * Revision 1.25 2004/12/06 07:24:33 youi
67 * insertAccount, insertGroup:
68 * ?域?菴遵?????????宴???綽????????若??D鐚??違???若??ID??膃??綣??違???吾??莨若??.
69 *
70 * Revision 1.24 2004/12/06 01:45:50 aga
71 * ?祉?潟?<?潟???ゃ??.
72 * ?脂???上???篆??.
73 *
74 * Revision 1.23 2004/12/04 09:21:10 aga
75 * ??np_config ?? xnpaccount_config.
76 *
77 * Revision 1.22 2004/12/03 07:17:21 youi
78 * isModerator?с?≪???祉?鴻???????若?帥???若?鴻???若????????篆??.
79 *
80 * Revision 1.21 2004/12/01 10:28:58 youi
81 * DB????????????眼??軸??篆??
82 * institute -> division
83 * organizaion -> company_name
84 *
85 * Revision 1.20 2004/12/01 04:37:04 youi
86 * freeResult: unsigned int* ?? int* ?娯信罩?
87 * ?潟?<?潟???????∽?違???????菴処?.
88 *
89 * Revision 1.19 2004/11/30 06:40:11 youi
90 * ?∽?違??菴遵??(gidExists, uidExists)
91 * getGroupCount??絎?臂?
92 * getGroupsByUid??絎?臂?
93 * isGroupAdmin??篆??.
94 * dumpGroupAdmins??絎?臂?
95 * deleteMember??絎?臂?
96 * insertMember??絎?臂?
97 * getMembers??絎?臂?
98 * isModerator??絎?臂?
99 *
100 * Revision 1.18 2004/11/30 05:46:32 aga
101 * ??ession????remoteHost??????
102 *
103 * Revision 1.17 2004/11/27 09:35:49 youi
104 * isActivated??絎?臂?
105 * activate??絎?臂?
106 * dumpUid??絎?臂?
107 *
108 * Revision 1.16 2004/11/27 06:29:29 youi
109 * getAccountCount??絎?臂?
110 * dumpGids??絎?臂?
111 * insertGroup, deleteGroup, updateGroup??絎?臂?
112 * getGroup, getGroups??絎?臂?
113 * ???若?帥???若?劫?????????弱?冴?????鐚?RES_DB_NOT_INITIALIZED??菴????????????∽?違??申??
114 * (???綽????∽?違??罧??c??????)
115 *
116 * Revision 1.15 2004/11/27 02:22:22 aga
117 * ??nitializeDB????ddSlashes()???若?吟???純?<??????篆??.
118 *
119 * Revision 1.14 2004/11/27 01:07:31 youi
120 * criteria2str: LIMIT??RDER BY?????????ャ???帥????.
121 *
122 * Revision 1.13 2004/11/27 00:35:39 youi
123 * getAccounts??絎?臂?
124 * getAccount??篆??鐚???????etAccounts???若?喝?冴??.
125 * criteria2str??絎?臂?
126 *
127 * Revision 1.12 2004/11/26 09:45:28 youi
128 * getAccount??絎?臂?
129 *
130 * Revision 1.11 2004/11/26 08:16:26 aga
131 * ??etSession, loginUser, createSession, freeResult(const session_t*) 篆??.
132 *
133 * Revision 1.10 2004/11/26 07:57:42 youi
134 * updateAccount, deleteAccount??絎?臂?
135 * mysql_query紊掩??????tderr?吾?????若?潟?若?????????若?<???祉?若?吾???阪??.
136 *
137 * Revision 1.9 2004/11/26 07:38:02 aga
138 * ??AILUE -> FAILURE.
139 *
140 * Revision 1.8 2004/11/26 06:36:55 aga
141 * ??reateSession, getSession ??篏???.
142 *
143 * Revision 1.7 2004/11/26 04:51:47 youi
144 * dbprefix??絎?臂?????.
145 * insertAccount??絎?臂?????.
146 * isValidSessionID??絎?臂?????.
147 *
148 * Revision 1.6 2004/11/26 04:35:55 aga
149 * ??oginUser(), logoutUser()??篏???.
150 *
151 * Revision 1.5 2004/11/26 01:08:25 aga
152 * ??ddSlashes()篏???.
153 *
154 * Revision 1.4 2004/11/25 12:14:29 youi
155 * getUid????????絎?臂?????.
156 *
157 * Revision 1.3 2004/11/25 11:13:59 youi
158 * getLastErrorString/setLastErrorString??絎?臂?
159 *
160 * Revision 1.2 2004/11/25 08:55:19 youi
161 * 綣??違??????篆??.
162 * freeResult??菴遵??.
163 *
164 * Revision 1.1 2004/11/25 05:14:58 youi
165 * initial version
166 *
167 *
168 */
169 #ifdef WIN32
170 #include <windows.h>
171 #endif
172
173 #ifdef USE_SYSLOG
174 #include <syslog.h>
175 #endif
176
177 #include <stdio.h>
178 #include <stdlib.h>
179 #include <string.h>
180 #include <string>
181 #include <assert.h>
182 #include <sql.h>
183 #include <sqlext.h>
184 using namespace std;
185
186 #include "common.h"
187 #include "account.h"
188 #include "group.h"
189 #include "session.h"
190 #include "item.h"
191 #include "itemtype.h"
192 #include "criteria.h"
193 #include "commonal.h"
194 #include "item.h"
195 #include "index.h"
196
197 static string dbprefix; //!< XOOPS???若?帥???若?鴻???若??????REFIX
198
199 static SQLHANDLE henv = NULL;
200 static SQLHANDLE hdbc = NULL;
201 static SQLHANDLE hstmt = NULL;
202
203 static result_t insertIndexInternal( sessionid_t sid, index_t *index, indexid_t *xid );
204
205 static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode );
206 static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid );
207
208 static result_t countResultRows( const char* sql, SQLINTEGER* count )
209 {
210 result_t ret = RES_ERROR;
211 SQLRETURN sqlcode;
212 SQLHANDLE hstmt = NULL;
213 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
214 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql, strlen( sql ) ) ) == SQL_SUCCESS ){
215 *count = 0;
216 while( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ) ( *count )++;
217 ret = RES_OK;
218 }else{
219 string s( "SQLExecDirect in countResultRows " );
220 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
221 s += "sql=";
222 s += string( sql );
223 setLastErrorString( s.c_str( ) );
224 ret = RES_DB_QUERY_ERROR;
225 }
226 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
227 }
228 return ret;
229 }
230
231 /**
232 *
233 * ?祉???激?с?潟???綽?篁????????????若??D??緇???
234 *
235 * @param sid ?祉???激?с??D
236 * @param uid ???若??D?????????????ゃ?潟?水???/span>
237 * @return RES_OK
238 * @return RES_ERROR
239 *
240 */
241 static result_t getUIDFromSession( sessionid_t sid, userid_t* uid )
242 {
243 const session_t* session;
244 if( getSession( sid, &session ) == RES_OK ){
245 *uid = session -> getUID( );
246 freeSession( session );
247 return RES_OK;
248 }
249 return RES_ERROR;
250 }
251
252 /**
253 *
254 * ?祉???激?с?潟???綽?篁????????????若?吟??鐚?Platform???若?吟??????ctivate??
255 * ????????????菴???
256 *
257 * @param sid ?祉???激?с??D
258 * @return true Activate??????????
259 * @return false Activate??????????鐚??障??????????/span>
260 *
261 */
262 static bool isActivatedBySession( sessionid_t sid )
263 {
264 const session_t* session;
265 if( getSession( sid, &session ) == RES_OK ){
266 userid_t sess_uid = session -> getUID( );
267 freeSession( session );
268 return isActivated( sid, sess_uid );
269 }
270 return false;
271 }
272
273 /**
274 *
275 * ?祉???激?с?潟???綽?篁????????????若?吟??鐚??≪?????若?帥?с??????鐚?
276 *
277 *
278 * @param sid ?祉???激?с??D
279 * @return true ?≪?????若??/span>
280 * @return false ?≪?????若?帥?с????鐚??障??????????/span>
281 *
282 */
283 static bool isModeratorBySession( sessionid_t sid )
284 {
285 const session_t* session;
286 if( getSession( sid, &session ) == RES_OK ){
287 userid_t sess_uid = session -> getUID( );
288 freeSession( session );
289 return isModerator( sid, sess_uid );
290 }
291 return false;
292 }
293
294 /** SQL??絎?茵???????腟?????????????
295 * @param sql sql
296 * @return result_t
297 */
298 static result_t querySimple( const char *functionName, string &sql ){
299 result_t ret = RES_ERROR;
300 SQLRETURN sqlcode;
301 SQLHANDLE hstmt = NULL;
302 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
303 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
304 ret = RES_OK;
305 }else{
306 string s( "SQLExecDirect in querySimple " );
307 s += functionName;
308 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
309 s += "sql=";
310 s += sql;
311 setLastErrorString( s.c_str( ) );
312 ret = RES_DB_QUERY_ERROR;
313 }
314 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
315 }
316 else {
317 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in querySimple " );
318 ret = RES_ERROR;
319 }
320 return ret;
321 }
322
323 /** SQL??絎?茵?????1茵????????????贋?医??NULL????0???帥????)???水?????????
324 * @param sql sql
325 * @param u ?贋?医?ゃ??????????紊??違??
326 * @return result_t
327 */
328 static result_t queryGetUnsignedInt( const char *functionName, string &sql, unsigned int *u ){
329 result_t ret = RES_ERROR;
330 SQLRETURN sqlcode;
331 SQLHANDLE hstmt = NULL;
332 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
333 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
334 SQLUINTEGER sInt = 0;
335 SQLINTEGER len;
336 SQLBindCol( hstmt, 1, SQL_C_ULONG, &sInt, 0, &len );
337 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
338 if ( len == SQL_NULL_DATA )
339 sInt = 0;
340 *u = sInt;
341 ret = RES_OK;
342 }else{
343 string s( "SQLFetch in queryGetUnsignedInt " );
344 s += functionName;
345 setLastErrorString( s.c_str( ) );
346 ret = RES_ERROR;
347 }
348 }else{
349 string s( "SQLExecDirect in queryGetUnsignedInt " );
350 s += functionName;
351 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
352 s += "sql=";
353 s += sql;
354 setLastErrorString( s.c_str( ) );
355 ret = RES_DB_QUERY_ERROR;
356 }
357 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
358 }
359 else {
360 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in queryGetUnsignedInt " );
361 ret = RES_ERROR;
362 }
363 return ret;
364 }
365
366 /** sid????uid??緇?????
367 * @param sid session id
368 * @param uid uid??????????紊???/span>
369 * @return
370 */
371 static result_t sessionID2UID( sessionid_t sid, userid_t *uid ){
372 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
373
374 SQLRETURN sqlcode;
375 SQLHANDLE hstmt = NULL;
376
377 string sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + unsignedIntToString(sid);
378 return queryGetUnsignedInt( "sessionID2UID", sql, (unsigned int*)uid );
379 }
380
381 /**
382 *
383 * ??絖????潟???種?
384 * ??絎???絖??違???潟???若??鐚????????<????緇???NULL腟?腴?????鐚?/span>
385 * ( dst???泣?ゃ? >= len + 1 )?с????????/span>
386 *
387 */
388 static char* strncpy2( char* dst, const char* src, int len )
389 {
390 strncpy( dst, src, len );
391 dst[ len ] = '\0';
392 // fprintf( stderr, "strncpy2 '%s'\n", dst );
393 return dst;
394 }
395
396 /**
397 *
398 * SQL???茵?腟????????????惹??絖?????????????
399 *
400 * @param hstmt SQL??????潟????/span>
401 * @param sqlcode SQLExecDirect,SQLExecute???祉????/span>
402 * @return ?????惹??絖???
403 */
404 static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode )
405 {
406 string s;
407 if( sqlcode == SQL_ERROR || sqlcode == SQL_SUCCESS_WITH_INFO ){
408 SQLCHAR SQLState[6];
409 SQLINTEGER NativeError;
410 SQLCHAR MessageText[ 1024 ];
411 SQLSMALLINT BufferLength;
412 SQLSMALLINT TextLength;
413 SQLGetDiagRec( HandleType, hstmt, 1, SQLState, &NativeError, MessageText, 1024, &TextLength );
414
415 s += string( (char*)MessageText );
416 s += " SQLSTATE=";
417 s += string( (char*)SQLState );
418
419 }
420 s += " sqlcode=";
421 s += intToString( sqlcode );
422 return s;
423 }
424
425 /**
426 *
427 * ??絎??????????ゃ???????冴??????????絖?????菴???
428 *
429 */
430 string getResultCol( SQLHANDLE hstmt, int col )
431 {
432 string s;
433 SQLRETURN sqlcode;
434 SQLCHAR BinaryPtr[5000];
435 SQLUINTEGER PartID;
436 SQLINTEGER PartIDInd, BinaryLenOrInd, NumBytes;
437 SQLRETURN rc;
438
439 while ( ( sqlcode = SQLGetData(hstmt, col, SQL_C_CHAR, BinaryPtr, sizeof(BinaryPtr),
440 &BinaryLenOrInd)) != SQL_NO_DATA) {
441 NumBytes = (BinaryLenOrInd > 5000) || (BinaryLenOrInd == SQL_NO_TOTAL) ? 5000 : BinaryLenOrInd;
442 if( NumBytes >= 0 ){
443 s += string( (char*)BinaryPtr, NumBytes );
444 }
445 }
446 #ifdef USE_SYSLOG
447 // openlog( "commonal", LOG_ODELAY, LOG_USER );
448 // syslog( LOG_DEBUG, "getResultCol col=%d ret='%s'\n", col, s.c_str());
449 // closelog( );
450 #endif
451 return s;
452 }
453
454
455 /**
456 *
457 * ?????若????????\荐??激?с???鴻?宴?若??????
458 *
459 * @param str addslashes???鴻????絖?????NULL??絎?筝?????
460 * @return 紊???緇?????絖???
461 */
462 string addSlashes( const char *str )
463 {
464 if ( hdbc == NULL ){
465 string s;
466 return s;
467 }else{
468 string s( str );
469 return s;
470 }
471
472 int len = strlen(str) * 3;
473 char* dst = new char[ len ];
474 const char* from = str;
475 char* to = dst;
476 while( *from != '\0' ){
477 switch( *from ){
478 case '\'':
479 case '\"':
480 case ';':
481 *to = '\\'; to++;
482 break;
483 }
484 *to = *from; to++;
485 from++;
486 }
487 *to = '\0';
488 string s( dst );
489 delete[] dst;
490 return s;
491 }
492
493 /**
494 *
495 * gid??????????с????
496 * DB???≪???祉?劫け????????false??????鐚?/span>
497 *
498 * @param gid ???с??????????GID
499 * @return true 絖???????
500 * @return false 絖?????????
501 *
502 */
503 static bool gidExists( groupid_t gid )
504 {
505 string sql;
506 SQLRETURN sqlcode;
507 SQLHANDLE hstmt = NULL;
508
509 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) != SQL_SUCCESS ) {
510 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in gidExists" );
511 return false;
512 }
513
514 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups ";
515 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
516 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) != SQL_SUCCESS ){
517 setLastErrorString( "SQLExecDirect in gidExists" );
518 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
519 return false;
520 }
521
522 if( ( sqlcode = SQLFetch( hstmt ) ) != SQL_SUCCESS ){
523 setLastErrorString( "SQLFetch in gidExists" );
524 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
525 return false;
526 }
527
528 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
529 return true;
530 }
531
532
533 /**
534 *
535 * Platform???若?倶???宴??id??絖??????????????с????
536 * DB???≪???祉?劫け????????false??????鐚?/span>
537 *
538 * @param uid ???с??????????UID
539 * @return true 絖???????
540 * @return false 絖?????????
541 *
542 */
543 static bool uidExists( userid_t uid )
544 {
545 bool ret = false;
546 string sql;
547 SQLRETURN sqlcode;
548 SQLINTEGER count = 0;
549
550 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
551 sql += "WHERE uid=" + string( unsignedIntToString( uid ) );
552 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
553 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
554 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
555 ret = true;
556 }else{
557 string s( "SQLFetch in uidExists ");
558 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
559 s += string( ", sql=" ) + string( sql );
560 setLastErrorString( s.c_str( ) );
561 ret = false;
562 }
563 }else{
564 string s( "SQLExecDirect in uidExists ");
565 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
566 s += string( ", sql=" ) + string( sql );
567 setLastErrorString( s.c_str( ) );
568 ret = false;
569 }
570 }else{
571 string s( "SQLAllocHandle in uidExists ");
572 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
573 setLastErrorString( s.c_str( ) );
574 ret = false;
575 }
576 return ret;
577 }
578
579
580 /**
581 *
582 * criteria ?? SQL?????????
583 *
584 *
585 *
586 */
587 string criteria2str( criteria* cri )
588 {
589 string sql;
590
591 const orderby* odrby = cri -> headOrderBy( );
592 if( odrby != 0 ){
593 sql += " ORDER BY " + string( odrby -> getColumn( ) );
594 sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
595 while( ( odrby = cri -> nextOrderBy( ) ) != 0 ){
596 sql += ", " + string( odrby -> getColumn( ) );
597 sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
598 }
599 }
600
601 if( cri -> getLimitStart( ) != 0 || cri -> getLimitRows( ) != 0 ){
602 sql += " LIMIT " + string( intToString( cri -> getLimitStart( ) ) )
603 + ", " + string( intToString( cri -> getLimitRows( ) ) );
604 }
605 return sql;
606 }
607
608
609 /**
610 *
611 * ???若?帥???若?鴻????????
612 *
613 * @param dsn DSN
614 * @param user ???若?帥???若?鴻???≪???祉?鴻???????若?九??
615 * @param password 筝?荐????若?吟?????鴻???若??
616 * @param dbname ??????/span>
617 * @param prefix XOOPS???若?帥???若?鴻???若??????REFIX
618 * @return RES_OK
619 * @return RES_DB_INITIALIZE_ERROR
620 * @return RES_DB_CONNECT_ERROR
621 * @refer result_t
622 */
623 result_t initializeDB( const char* dsn, const char* user, const char* password, const char* dbname, const char* prefix )
624 {
625 SQLRETURN sqlcode;
626
627 #ifdef USE_SYSLOG
628 openlog( "commonal", LOG_ODELAY, LOG_USER );
629 #endif
630 // ?≪??・膓?筝???????筝???????/span>
631 if ( hdbc != NULL )
632 SQLDisconnect( hdbc );
633
634 dbprefix = prefix;
635
636 // ????????・膓?
637 // if( SQLAllocEnv( &henv ) != SQL_SUCCESS ) {
638 if( SQLAllocHandle( SQL_HANDLE_ENV, SQL_NULL_HANDLE, &henv ) != SQL_SUCCESS ) {
639 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_ENV,...) in initializeDB" );
640 #ifdef USE_SYSLOG
641 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
642 closelog( );
643 #endif
644 return RES_DB_INITIALIZE_ERROR;
645 }
646 //ODBC Ver.3 ????????????????????с??荐??
647 SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (void*)SQL_OV_ODBC3, 0);
648
649 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_DBC, henv, &hdbc ) ) != SQL_SUCCESS ) {
650 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_DBC,...) in initializeDB" );
651 #ifdef USE_SYSLOG
652 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
653 closelog( );
654 #endif
655 return RES_DB_INITIALIZE_ERROR;
656 }
657 //???違?ゃ?潟??腱?篁ヤ?荀????????帥?ゃ???≪????????荐??
658 SQLSetConnectAttr(hdbc, SQL_LOGIN_TIMEOUT, (SQLPOINTER *)5, 0);
659
660 if ( ( sqlcode = SQLConnect( hdbc, (SQLCHAR*)dsn, strlen( dsn ), (SQLCHAR*)user, strlen( user ), (SQLCHAR*)password, strlen( password ) ) ) != SQL_SUCCESS ){
661 string s( "SQLConnect in initializeDB " );
662 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
663 setLastErrorString( s.c_str( ) );
664 #ifdef USE_SYSLOG
665 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
666 closelog( );
667 #endif
668 return RES_DB_CONNECT_ERROR;
669 }
670 #ifdef USE_SYSLOG
671 syslog( LOG_DEBUG, "initializeDB succeed" );
672 closelog( );
673 #endif
674 return RES_OK;
675 }
676
677 /**
678 *
679 * DB?ョ????????違???????????障??????
680 *
681 * @param ????
682 * @return RES_OK
683 */
684 result_t uninitializeDB()
685 {
686 if ( hdbc != NULL ){
687 SQLDisconnect( hdbc );
688 hdbc = NULL;
689 }
690 return RES_OK;
691 }
692
693 /**
694 *
695 * Platform???若?倶?粋??倶????緇?
696 *
697 * @param sid ?祉???激?с??D
698 * @param uid ?倶??????緇??????????若?吟??ID
699 * @return true ?粋?羝???/span>
700 * @return false ???粋?
701 *
702 */
703 bool isActivated( sessionid_t sid, userid_t uid )
704 {
705 if( hdbc == NULL ) return false;
706 if( !isValidSessionID( sid ) ) return false;
707
708 bool ret = false;
709 string sql;
710 SQLRETURN sqlcode;
711 SQLHANDLE hstmt = NULL;
712
713 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
714 sql += "WHERE activate=1 and uid=" + string( unsignedIntToString( uid ) );
715 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
716 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
717 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
718 ret = true;
719 }else{
720 string s( "SQLFetch in isActivated " );
721 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
722 s += ", sql=" + sql;
723 setLastErrorString( s.c_str() );
724 ret = false;
725 }
726 }else{
727 string s( "SQLExecDirect in isActivated " );
728 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
729 s += ", sql=" + sql;
730 setLastErrorString( s.c_str() );
731 ret = false;
732 }
733 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
734 }else{
735 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in isActivated" );
736 ret = false;
737 }
738 return ret;
739 }
740
741 /**
742 *
743 * Platform???若?倶?粋??倶??紊???/span>
744 *
745 * @param sid ?祉???激?с??D
746 * @param uid 紊??眼?????????若?吟??ID
747 * @param activate ?粋?(true) / ???粋?(false)????絎?
748 * @return RES_OK
749 * @return RES_DB_QUERY_ERROR
750 * @return RES_NO_SUCH_USER
751 */
752 result_t activate( sessionid_t sid, userid_t uid, bool activate )
753 {
754 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
755 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
756
757 string sql;
758 SQLRETURN sqlcode;
759 result_t ret = RES_ERROR;
760
761 sql = "UPDATE " + dbprefix + "_xnpaccount_users ";
762 sql += "SET activate=" + string( activate ? "1" : "0" );
763 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
764 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
765 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
766 SQLINTEGER count = 0;
767 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
768 ret = RES_OK;
769 }else{
770 string s( "SQLRowCount in activate ");
771 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
772 s += string( ", sql=" ) + string( sql );
773 setLastErrorString( s.c_str( ) );
774 ret = RES_NO_SUCH_USER;
775 }
776 }else{
777 string s( "SQLExecDirect in activate " );
778 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
779 s += ", sql=";
780 s += string( sql );
781 setLastErrorString( s.c_str( ) );
782 ret = RES_DB_QUERY_ERROR;
783 }
784 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
785 }else{
786 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in activate" );
787 ret = RES_ERROR;
788 }
789 return ret;
790 }
791
792 /**
793 *
794 * ?≪?????潟???違????緇?????鐚?/span>
795 *
796 * @param sid ?祉???激?с??D
797 * @return ?≪?????潟????/span>
798 *
799 */
800 int getAccountCount( sessionid_t sid )
801 {
802 if( hdbc == NULL ) return 0;
803 if( !isValidSessionID( sid ) ) return 0;
804
805 int ret = 0;
806 string sql;
807 SQLRETURN sqlcode;
808 SQLHANDLE hstmt = NULL;
809
810 //?≪?????潟???違??羆?????
811 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_users ";
812 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
813 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
814 SQLUINTEGER count = 0;
815 SQLINTEGER len;
816 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
817 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
818 ret = count;
819 }else {
820 string s( "SQLFetch in getAccountCount sql=" );
821 s += string( sql );
822 setLastErrorString( s.c_str( ) );
823 ret = 0;
824 }
825 }else{
826 setLastErrorString( "SQLExecDirect in getAccountCount" );
827 ret = 0;
828 }
829 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
830 }else{
831 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccountCount" );
832 ret = 0;
833 }
834 return ret;
835 }
836
837 /**
838 *
839 * ?≪?????潟??????/span>
840 * ?違???若???????????ゃ?????若?倶???宴?????ゃ??茵??????障??鐚?/span>
841 *
842 * @param
843 * @return RES_OK
844 * @return RES_ERROR
845 * @return RES_DB_NOT_INITIALIZED
846 * @return RES_NO_SUCH_SESSION
847 * @return RES_DB_QUERY_ERROR
848 *
849 */
850 result_t deleteAccount( sessionid_t sid, userid_t uid )
851 {
852 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
853 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
854
855 result_t ret1 = RES_ERROR, ret2 = RES_ERROR;
856 criteria_t c;
857 string sql;
858 groupid_t* gids;
859 int gidsLen;
860 SQLRETURN sqlcode;
861 SQLHANDLE hstmt = NULL;
862
863 /*
864 1. delete user from default platform group
865 2. delete user profile from xoops_users
866 3. delete platform user from xnpaccount_users
867 */
868
869 //1. delete user from platform groups
870 c.clearAll();
871 if( getGroupsByUid( sid, uid, &c, &gids, &gidsLen ) == RES_OK ){
872 for( int i = 0; i < gidsLen; i++ )
873 deleteMemberNoLimit( sid, gids[ i ], uid );
874 freeGID( gids );
875 }
876
877 //2. delete user profile from xoops_users
878 sql = "DELETE FROM " + dbprefix + "_users ";
879 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
880 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
881 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
882 SQLINTEGER count = 0;
883 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
884 ret1 = RES_OK;
885 }else{
886 string s( "SQLRowCount in deleteAccount" );
887 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
888 s += string( ", sql=" ) + string( sql );
889 setLastErrorString( s.c_str( ) );
890 ret1 = RES_NO_SUCH_USER;
891 }
892 }else{
893 string s( "SQLExecDirect in deleteAccount" );
894 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
895 s += ", sql=";
896 s += string( sql );
897 setLastErrorString( s.c_str( ) );
898 ret1 = RES_DB_QUERY_ERROR;
899 }
900 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
901 }else{
902 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
903 ret1 = RES_ERROR;
904 }
905
906 //3. delete platform user from xnpaccount_users
907 sql = "DELETE FROM " + dbprefix + "_xnpaccount_users ";
908 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
909 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
910 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
911 SQLINTEGER count = 0;
912 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
913 ret2 = RES_OK;
914 }else{
915 string s( "SQLRowCount in deleteAccount" );
916 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
917 s += string( ", sql=" ) + string( sql );
918 setLastErrorString( s.c_str( ) );
919 ret2 = RES_NO_SUCH_USER;
920 }
921 }else{
922 string s( "SQLExecDirect in deleteAccount" );
923 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
924 s += ", sql=";
925 s += string( sql );
926 setLastErrorString( s.c_str( ) );
927 ret2 = RES_DB_QUERY_ERROR;
928 }
929 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
930 }else{
931 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
932 ret2 = RES_ERROR;
933 }
934
935 //筝??鴻?с???????若?????????若??菴???
936 return ret1 != RES_OK ? ret1 : ret2;
937 }
938
939 /**
940 *
941 * ?≪?????潟?????怨??
942 *
943 * @param sid ?祉???激?с??D
944 * @param uid ??緇??????????若?吟??ID
945 * @param acc ??緇??????≪?????潟??????account_t)?????ゃ?潟?帥???吾??莨若??綣???/span>
946 * @return RES_OK
947 * @return RES_DB_NOT_INITIALIZED
948 * @return RES_NO_SUCH_USER
949 * @return RES_NO_SUCH_SESSION
950 * @return RES_DB_QUERY_ERROR
951 *
952 */
953 result_t getAccount( sessionid_t sid, userid_t uid, const account_t** acc )
954 {
955 int len;
956 static criteria c;
957 result_t res = getAccounts( sid, &uid, 1, &c, acc, &len );
958 if( len == 0 ) return RES_NO_SUCH_USER;
959 return res;
960 }
961
962 /**
963 *
964 * ?≪?????潟?????怨??
965 *
966 * @param sid ?祉???激?с??D
967 * @param uids ??緇??????????若?吟??ID??????
968 * @param uidsLen uids???????膣???/span>
969 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
970 * @param accounts 罎?膣∝??????????????ゃ?潟?帥???吾??莨若??綣???/span>
971 * @param accountsLen 罎?膣∝???????????*accounts???膣???
972 * @return RES_OK
973 * @return RES_DB_NOT_INITIALIZED
974 * @return RES_NO_SUCH_SESSION
975 * @return RES_DB_QUERY_ERROR
976 *
977 */
978 result_t getAccounts( sessionid_t sid, const userid_t* uids, int uidsLen, criteria_t* cri, const account_t** accounts, int* accountsLen )
979 {
980 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
981 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
982 if( uidsLen <= 0 ){
983 *accounts = new account_t[ 0 ];
984 *accountsLen = 0;
985 #ifdef USE_SYSLOG
986 openlog( "commonal", LOG_ODELAY, LOG_USER );
987 syslog( LOG_DEBUG, "getAccounts succeed len=0" );
988 closelog( );
989 #endif
990 return RES_OK;
991 }
992
993 #ifdef USE_SYSLOG
994 openlog( "commonal", LOG_ODELAY, LOG_USER );
995 syslog( LOG_DEBUG, "begin of getAccounts" );
996 #endif
997 result_t ret = RES_ERROR;
998 SQLRETURN sqlcode;
999 SQLHANDLE hstmt = NULL;
1000 string sql;
1001 account_t* dst = new account_t[ uidsLen ];
1002
1003 sql += "SELECT u1.uid, u1.name, u1.uname, u1.email, u1.url, u1.user_avatar, u1.user_regdate, u1.user_icq, u1.user_from, u1.user_sig, u1.user_viewemail, u1.actkey, u1.user_aim, u1.user_yim, u1.user_msnm, u1.pass, u1.posts, u1.attachsig, u1.rank, u1.level, u1.theme, u1.timezone_offset, u1.last_login, u1.umode, u1.uorder, u1.notify_method, u1.notify_mode, u1.user_occ, u1.bio, u1.user_intrest, u1.user_mailok, u2.activate, u2.address, u2.division, u2.tel, u2.company_name, u2.country, u2.zipcode, u2.fax, u2.base_url, u2.notice_mail, u2.notice_mail_since, u2.private_index_id ";
1004 sql += "FROM " + dbprefix + "_users AS u1, " + dbprefix + "_xnpaccount_users AS u2 ";
1005 sql += "WHERE u1.uid = u2.uid ";
1006 if( uidsLen > 0 ){
1007 #ifdef USE_SYSLOG
1008 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", 0, uids[0] );
1009 #endif
1010 sql += "AND ( u1.uid=" + string( unsignedIntToString( uids[ 0 ] ) );
1011 for( int i = 1; i < uidsLen; i++ ){
1012 #ifdef USE_SYSLOG
1013 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", i, uids[i] );
1014 #endif
1015 sql += " OR u1.uid=" + string( unsignedIntToString( uids[ i ] ) );
1016 }
1017 sql += " ) ";
1018 }
1019 sql += criteria2str( cri );
1020 #ifdef USE_SYSLOG
1021 syslog( LOG_DEBUG, "sql=%s", sql.c_str() );
1022 #endif
1023
1024 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1025 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1026 SQLINTEGER len;
1027 userid_t uid = 0;
1028 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1029 *accountsLen=0;
1030 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < uidsLen ; i++ ){
1031 dst[ i ].setUID( uid );
1032 dst[ i ].setName( getResultCol( hstmt, 2 ).c_str() );
1033 dst[ i ].setUname( getResultCol( hstmt, 3 ).c_str() );
1034 dst[ i ].setEmail( getResultCol( hstmt, 4 ).c_str() );
1035 dst[ i ].setURL( getResultCol( hstmt, 5 ).c_str() );
1036 dst[ i ].setUserAvatar( getResultCol( hstmt, 6 ).c_str() );
1037 dst[ i ].setUserRegdate( atoi( getResultCol( hstmt, 7 ).c_str() ) );
1038 dst[ i ].setUserIcq( getResultCol( hstmt, 8 ).c_str() );
1039 dst[ i ].setUserFrom( getResultCol( hstmt, 9 ).c_str() );
1040 dst[ i ].setUserSig( getResultCol( hstmt, 10 ).c_str() );
1041 dst[ i ].setUserViewemail( atoi( getResultCol( hstmt, 11 ).c_str() ));
1042 dst[ i ].setActkey( getResultCol( hstmt, 12 ).c_str() );
1043 dst[ i ].setUserAim( getResultCol( hstmt, 13 ).c_str() );
1044 dst[ i ].setUserYim( getResultCol( hstmt, 14 ).c_str() );
1045 dst[ i ].setUserMsnm( getResultCol( hstmt, 15 ).c_str() );
1046 dst[ i ].setPass( getResultCol( hstmt, 16 ).c_str() );
1047 dst[ i ].setPosts( atoi( getResultCol( hstmt, 17 ).c_str() ));
1048 dst[ i ].setAttachsig( atoi( getResultCol( hstmt, 18 ).c_str() ));
1049 dst[ i ].setRank( atoi( getResultCol( hstmt, 19 ).c_str() ));
1050 dst[ i ].setLevel( atoi( getResultCol( hstmt, 20 ).c_str() ));
1051 dst[ i ].setTheme( getResultCol( hstmt, 21 ).c_str() );
1052 dst[ i ].setTimezoneOffset( atof( getResultCol( hstmt, 22 ).c_str() ) );
1053 dst[ i ].setLastLogin( atoi( getResultCol( hstmt, 23 ).c_str() ));
1054 dst[ i ].setUmode( getResultCol( hstmt, 24 ).c_str() );
1055 dst[ i ].setUorder( atoi( getResultCol( hstmt, 25 ).c_str() ));
1056 dst[ i ].setNotifyMethod( atoi( getResultCol( hstmt, 26 ).c_str() ));
1057 dst[ i ].setNotifyMode( atoi( getResultCol( hstmt, 27 ).c_str() ));
1058 dst[ i ].setUserOcc( getResultCol( hstmt, 28 ).c_str() );
1059 dst[ i ].setBio( getResultCol( hstmt, 29 ).c_str() );
1060 dst[ i ].setUserIntrest( getResultCol( hstmt, 30 ).c_str() );
1061 dst[ i ].setUserMailok( atoi( getResultCol( hstmt, 31 ).c_str() ));
1062 dst[ i ].setActivate( atoi( getResultCol( hstmt, 32 ).c_str() ));
1063 dst[ i ].setAddress( getResultCol( hstmt, 33 ).c_str() );
1064 dst[ i ].setDivision( getResultCol( hstmt, 34 ).c_str() );
1065 dst[ i ].setTel( getResultCol( hstmt, 35 ).c_str() );
1066 dst[ i ].setCompanyName( getResultCol( hstmt, 36 ).c_str() );
1067 dst[ i ].setCountry( getResultCol( hstmt, 37 ).c_str() );
1068 dst[ i ].setZipcode( getResultCol( hstmt, 38 ).c_str() );
1069 dst[ i ].setFax( getResultCol( hstmt, 39 ).c_str() );
1070 dst[ i ].setBaseURL( getResultCol( hstmt, 40 ).c_str() );
1071 dst[ i ].setNoticeMail( atoi( getResultCol( hstmt, 41 ).c_str() ));
1072 dst[ i ].setNoticeMailSince( atoi( getResultCol( hstmt, 42 ).c_str() ));
1073 dst[ i ].setPrivateIndexID( atoi( getResultCol( hstmt, 43 ).c_str() ));
1074 #ifdef USE_SYSLOG
1075 syslog( LOG_DEBUG, "set to account_t %d", i );
1076 #endif
1077 ( *accountsLen )++;
1078 }
1079 *accounts = dst;
1080 #ifdef USE_SYSLOG
1081 syslog( LOG_DEBUG, "getAccounts succeed" );
1082 #endif
1083 ret = RES_OK;
1084 }else{
1085 string s( "SQLExecDirect in getAccounts" );
1086 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1087 s += string( ", sql=" ) + string( sql );
1088 setLastErrorString( s.c_str( ) );
1089 #ifdef USE_SYSLOG
1090 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1091 #endif
1092 ret = RES_DB_QUERY_ERROR;
1093 }
1094 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1095 }else{
1096 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccounts" );
1097 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1098 setLastErrorString( s.c_str( ) );
1099 #ifdef USE_SYSLOG
1100 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1101 #endif
1102 ret = RES_DB_QUERY_ERROR;
1103 }
1104 #ifdef USE_SYSLOG
1105 closelog( );
1106 #endif
1107 return ret;
1108 }
1109
1110 /**
1111 *
1112 * ?≪?????潟???脂??
1113 *
1114 * ???若?倶???宴?????若?帥???若?鴻???脂?蚊???障??鐚?/span>
1115 * ?脂?蚊???????若?倶???宴???綽????????若??D??uid???主????障??鐚?/span>
1116 *
1117 * @param sid ?祉???激?с??/span>
1118 * @param account ?脂?蚊?????≪?????潟??????/span>
1119 * @param uid ?脂?蚊?????≪?????潟?????宴???綽????????若??D
1120 * @return RES_OK
1121 * @return RES_NO_SUCH_SESSION
1122 * @return RES_DB_QUERY_ERROR
1123 * @return RES_DB_NOT_INITIALIZED
1124 *
1125 */
1126 result_t insertAccount( sessionid_t sid, const account_t* account, userid_t* uid )
1127 {
1128 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1129 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1130
1131 string sql;
1132 string tmp;
1133 char buf[ 12 ];
1134 SQLRETURN sqlcode;
1135 result_t ret = RES_ERROR;
1136
1137 /*
1138 1. insert user profile into xoops_users
1139 2. insert platform user profile into xnpaccount_users
1140 3. add user to default platform group
1141 4. create private index
1142 5. update account set private_index_id=...
1143 */
1144
1145 //1.xoops?????若?吟???若???????吾??莨若??
1146 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1147 SQLINTEGER user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1148 SQLDOUBLE timezone_offset;
1149
1150 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1151 SQLINTEGER cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1152
1153 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1154 string sql;
1155 sql = "INSERT INTO " + dbprefix + "_users (uname, name, email, url, user_avatar, user_regdate, user_icq, user_from, user_sig, user_viewemail, actkey, user_aim, user_yim, user_msnm, pass, posts, attachsig, rank, level, theme, timezone_offset, last_login, umode, uorder, notify_method, notify_mode, user_occ, bio, user_intrest, user_mailok) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
1156 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1157 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1158 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1159 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1160 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1161 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1162 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1163 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1164 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1165 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1166 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1167 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1168 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1169 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1170 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1171 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1172 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1173 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1174 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1175 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1176 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1177 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1178 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1179 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1180 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1181 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1182 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1183 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1184 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1185 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1186 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1187 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1188
1189 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1190 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1191 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1192 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1193 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1194 user_regdate = time( NULL );
1195 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1196 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1197 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1198 user_viewemail = account -> getUserViewemail( );
1199 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1200 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1201 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1202 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1203 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1204 posts = account -> getPosts( );
1205 attachsig = account -> getAttachsig( );
1206 rank = account -> getRank( );
1207 level = account -> getLevel( );
1208 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1209 timezone_offset = account -> getTimezoneOffset( );
1210 last_login = 0;
1211 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1212 uorder = account -> getUorder( );
1213 notify_method = account -> getNotifyMethod( );
1214 notify_mode = account -> getNotifyMode( );
1215 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1216 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1217 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1218 user_mailok = account -> getUserMailok( );
1219
1220 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1221 SQLINTEGER count = 0;
1222 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1223 //???若??D????緇?????
1224 SQLHANDLE hstmt2 = NULL;
1225 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1226 sql = "SELECT LAST_INSERT_ID()"; // MySQL
1227 // sql = "SELECT LAST_INSERT_ROWID()"; // SQLite
1228 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1229 SQLUINTEGER last_insert_id;
1230 SQLINTEGER len;
1231 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &last_insert_id, 0, &len );
1232 if( ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS ){
1233 *uid = last_insert_id;
1234 ret = RES_OK;
1235 }else{
1236 ret = RES_DB_QUERY_ERROR;
1237 string s( "SQLFetch in insertAccount " );
1238 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1239 setLastErrorString( s.c_str( ) );
1240 }
1241 }else{
1242 string s( "SQLExecDirect in insertAccount " );
1243 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1244 setLastErrorString( s.c_str( ) );
1245 ret = RES_DB_QUERY_ERROR;
1246 }
1247 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1248 }
1249 }else{
1250 string s( "SQLRowCount in insertAccount sql=" );
1251 s += string( sql );
1252 setLastErrorString( s.c_str( ) );
1253 ret = RES_DB_QUERY_ERROR;
1254 }
1255 }else{
1256 string s( "SQLExecute in insertAccount " );
1257 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1258 setLastErrorString( s.c_str( ) );
1259 ret = RES_DB_QUERY_ERROR;
1260 }
1261 }else{
1262 string s( "SQLPrepare in insertAccount " );
1263 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1264 setLastErrorString( s.c_str( ) );
1265 ret = RES_ERROR;
1266 }
1267 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1268 }else{
1269 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1270 ret = RES_ERROR;
1271 }
1272
1273 if( ret == RES_OK ){
1274 //2.xnpaccount?????若?吟???若??????????????宴???吾??莨若??
1275 SQLUINTEGER activate;
1276 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1277 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1278 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1279 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1280 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1281 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1282 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1283 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1284 SQLINTEGER cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1285 SQLINTEGER cbUid = 0, cbActivate = 0, cbNotice_mail = 0, cbNotice_mail_since = 0;
1286 SQLUINTEGER notice_mail;
1287 SQLUINTEGER notice_mail_since;
1288 if( ret == RES_OK && ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1289 string sql;
1290 sql = "INSERT INTO " + dbprefix + "_xnpaccount_users (uid, activate, address, division, tel, company_name, country, zipcode, fax, base_url, notice_mail, notice_mail_since) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )";
1291 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1292 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1293 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, uid, 0, &cbUid);
1294 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1295 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1296 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1297 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1298 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1299 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1300 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1301 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1302 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1303 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
1304 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1305
1306 activate = account -> getActivate() ? 1 : 0;
1307 strncpy2( (char*)address, account -> getAddress(), XNP_ACCOUNT_ADDRESS_LEN );
1308 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1309 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1310 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1311 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1312 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1313 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1314 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1315 notice_mail = account -> getNoticeMail( );
1316 notice_mail_since = account -> getNoticeMailSince( );
1317
1318 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1319 SQLINTEGER count = 0;
1320 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1321 ret = RES_OK;
1322 if( ret == RES_OK ){
1323 //3.add new user to default group(not a group admin)
1324 ret = insertMember( sid, group_t::GID_DEFAULT, *uid, false );
1325 }else{
1326 //xoops_users??nsert???????潟?若???????ゃ????
1327 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1328 sql += unsignedIntToString( *uid );
1329 SQLHANDLE hstmt2 = NULL;
1330 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1331 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1332 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1333 }
1334 setLastErrorString( "insertMember in insertAccount" );
1335 ret = RES_DB_QUERY_ERROR;
1336 }
1337 }else{
1338 string s( "SQLRowCount in insertAccount sql=" );
1339 s += string( sql );
1340 setLastErrorString( s.c_str( ) );
1341 ret = RES_DB_QUERY_ERROR;
1342 }
1343 }else{
1344 string s( "SQLExecute in insertAccount " );
1345 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1346 setLastErrorString( s.c_str( ) );
1347 ret = RES_DB_QUERY_ERROR;
1348 }
1349 }else{
1350 //xoops_users??nsert???????潟?若???????ゃ????
1351 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1352 sql += unsignedIntToString( *uid );
1353 SQLHANDLE hstmt2 = NULL;
1354 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1355 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1356 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1357 }
1358 string s( "SQLExecDirect in insertAccount sql=" );
1359 s += string( sql );
1360 setLastErrorString( s.c_str( ) );
1361 ret = RES_DB_QUERY_ERROR;
1362 }
1363 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1364 }else{
1365 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1366 ret = RES_ERROR;
1367 }
1368 }
1369
1370 if ( ret == RES_OK ){
1371 //4.private index??篏???
1372
1373 // private index????ort_number????
1374 string sql = "select min(sort_number) from " +
1375 dbprefix + "_xnpaccount_index where parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
1376 " and open_level=" + unsignedIntToString(index::OL_PRIVATE);
1377 unsigned int sortNumber;
1378 ret = queryGetUnsignedInt( "insertAccount", sql, &sortNumber );
1379 sortNumber--;
1380 if ( ret == RES_OK ){
1381 // private index篏???
1382 index_t index;
1383 index.setItemTypeID(item::ITID_INDEX);
1384 index.setContributorUID(*uid);
1385 index.setParentIndexID(item::IID_ROOT);
1386 index.setOwnerUID(*uid);
1387 index.setOpenLevel(index::OL_PRIVATE);
1388 index.setSortNumber(sortNumber);
1389 index.setTitle(account->getUname());
1390 indexid_t privateXID;
1391 ret = insertIndexInternal( sid, &index, &privateXID );
1392 if ( ret == RES_OK ){
1393 // xnpaccuont_users??rivate_index_id???吾??????
1394 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET private_index_id="
1395 + unsignedIntToString(privateXID) + " WHERE uid=" + unsignedIntToString(*uid);
1396 ret = querySimple( "insertAccount", sql );
1397 }
1398 }
1399 }
1400
1401 return ret;
1402 }
1403
1404 /**
1405 *
1406 * ?≪?????潟?????宴??紊??眼????.
1407 *
1408 *
1409 * @param sid ?祉???激?с??D
1410 * @param account 紊??眼???????≪?????潟??????/span>
1411 * @return RES_OK
1412 * @return RES_DB_NOT_INITIALIZED
1413 * @return RES_NO_SUCH_SESSION
1414 * @return RES_DB_QUERY_ERROR
1415 * @return RES_NO_SUCH_USER
1416 * @return RES_ERROR
1417 *
1418 */
1419 result_t updateAccount( sessionid_t sid, const account_t* account )
1420 {
1421 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1422 if( account == NULL ) return RES_ERROR;
1423 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1424 if( !uidExists( account -> getUID( ) ) ) return RES_NO_SUCH_USER;
1425
1426 SQLRETURN sqlcode;
1427 result_t ret = RES_ERROR;
1428 SQLHANDLE hstmt = NULL;
1429
1430 //xoops?????若?吟???若???????吾??莨若??
1431 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1432 SQLINTEGER uid, user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1433 SQLDOUBLE timezone_offset;
1434
1435 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1436 SQLINTEGER cbUid = 0, cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1437
1438 SQLUINTEGER activate;
1439 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1440 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1441 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1442 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1443 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1444 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1445 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1446 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1447 SQLINTEGER cbActivate = 0, cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1448 SQLUINTEGER notice_mail, notice_mail_since;
1449 SQLINTEGER cbNotice_mail = 0, cbNotice_mail_since = 0;
1450
1451 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1452 string sql;
1453
1454 sql = "UPDATE " + dbprefix + "_users SET ";
1455 sql += "uname=?";
1456 sql += ", name=?";
1457 sql += ", email=?";
1458 sql += ", url=?";
1459 sql += ", user_avatar=?";
1460 sql += ", user_regdate=?";
1461 sql += ", user_icq=?";
1462 sql += ", user_from=?";
1463 sql += ", user_sig=?";
1464 sql += ", user_viewemail=?";
1465 sql += ", actkey=?";
1466 sql += ", user_aim=?";
1467 sql += ", user_yim=?";
1468 sql += ", user_msnm=?";
1469 sql += ", pass=?";
1470 sql += ", posts=?";
1471 sql += ", attachsig=?";
1472 sql += ", rank=?";
1473 sql += ", level=?";
1474 sql += ", theme=?";
1475 sql += ", timezone_offset=?";
1476 sql += ", last_login=?";
1477 sql += ", umode=?";
1478 sql += ", uorder=?";
1479 sql += ", notify_method=?";
1480 sql += ", notify_mode=?";
1481 sql += ", user_occ=?";
1482 sql += ", bio=?";
1483 sql += ", user_intrest=?";
1484 sql += ", user_mailok=? ";
1485 sql += " WHERE uid = ?";
1486
1487 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1488 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1489 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1490 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1491 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1492 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1493 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1494 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1495 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1496 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1497 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1498 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1499 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1500 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1501 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1502 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1503 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1504 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1505 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1506 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1507 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1508 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1509 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1510 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1511 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1512 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1513 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1514 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1515 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1516 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1517 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1518 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1519 SQLBindParameter(hstmt, 31, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1520
1521 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1522 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1523 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1524 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1525 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1526 user_regdate = time( NULL );
1527 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1528 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1529 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1530 user_viewemail = account -> getUserViewemail( );
1531 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1532 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1533 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1534 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1535 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1536 posts = account -> getPosts( );
1537 attachsig = account -> getAttachsig( );
1538 rank = account -> getRank( );
1539 level = account -> getLevel( );
1540 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1541 timezone_offset = account -> getTimezoneOffset( );
1542 last_login = 0;
1543 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1544 uorder = account -> getUorder( );
1545 notify_method = account -> getNotifyMethod( );
1546 notify_mode = account -> getNotifyMode( );
1547 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1548 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1549 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1550 user_mailok = account -> getUserMailok( );
1551 uid = account -> getUID( );
1552
1553 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1554 SQLINTEGER count = 0;
1555 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1556 ret = RES_OK;
1557 }else{
1558 string s( "SQLRowCount in updateAccount sql=" );
1559 s += string( sql );
1560 setLastErrorString( s.c_str( ) );
1561 ret = RES_DB_QUERY_ERROR;
1562 }
1563 }else{
1564 string s( "SQLExecute in updateAccount 1 " );
1565 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1566 setLastErrorString( s.c_str( ) );
1567 ret = RES_DB_QUERY_ERROR;
1568 }
1569 }else{
1570 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1571 ret = RES_ERROR;
1572 }
1573 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1574 hstmt = NULL;
1575 }else{
1576 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1577 ret = RES_ERROR;
1578 }
1579
1580 if( ret != RES_OK ){
1581 return ret;
1582 }
1583
1584 //xnpaccount?????若?吟???若??????????????宴??筝??吾??????
1585 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1586 string sql;
1587
1588 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET ";
1589 sql += "activate=?, ";
1590 sql += "address=?, ";
1591 sql += "division=?, ";
1592 sql += "tel=?, ";
1593 sql += "company_name=?, ";
1594 sql += "country=?, ";
1595 sql += "zipcode=?, ";
1596 sql += "fax=?, ";
1597 sql += "base_url=?, ";
1598 sql += "notice_mail=?, ";
1599 sql += "notice_mail_since=? ";
1600 sql += "WHERE uid=?";
1601
1602 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1603 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1604 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1605 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1606 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1607 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1608 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1609 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1610 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1611 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1612 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1613 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
1614 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1615 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1616
1617 activate = account -> getActivate() ? 1 : 0;
1618 strncpy2( (char*)address, account -> getAddress( ) , XNP_ACCOUNT_ADDRESS_LEN );
1619 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1620 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1621 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1622 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1623 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1624 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1625 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1626 notice_mail = account -> getNoticeMail( );
1627 notice_mail_since = account -> getNoticeMailSince( );
1628 uid = account -> getUID( );
1629
1630 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1631 SQLINTEGER count = 0;
1632 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1633 ret = RES_OK;
1634 }else{
1635 string s( "SQLRowCount in updateAccount sql=" );
1636 s += string( sql );
1637 setLastErrorString( s.c_str( ) );
1638 ret = RES_DB_QUERY_ERROR;
1639 }
1640 }else{
1641 string s( "SQLExecute in updateAccount 2 " );
1642 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1643 setLastErrorString( s.c_str( ) );
1644 ret = RES_DB_QUERY_ERROR;
1645 }
1646 }else{
1647 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1648 ret = RES_ERROR;
1649 }
1650 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1651 }else{
1652 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1653 ret = RES_ERROR;
1654 }
1655 return ret;
1656 }
1657
1658 /**
1659 *
1660 * criteria_t?ф??絎???????膀??蚊?????若??D??菴???.
1661 * ???若??D????????腆坂????????????吾??莨若?随????????≪?????鴻??*uids???吾??莨若??.
1662 * ???????泣?ゃ?冴??*uidsLen???吾??莨若??
1663 *
1664 * @param sid ?祉???激?с??D
1665 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1666 * @param uids ???若?吟??ID?????????阪????
1667 * @param uidsLen uids???????膣??違???阪????
1668 * @return RES_OK
1669 * @return RES_DB_NOT_INITIALIZED
1670 * @return RES_NO_SUCH_SESSION
1671 * @return RES_DB_QUERY_ERROR
1672 *
1673 */
1674 result_t dumpUids( sessionid_t sid, criteria_t* cri, userid_t** uids, int* uidsLen )
1675 {
1676 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1677 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1678
1679 #ifdef USE_SYSLOG
1680 openlog( "commonal", LOG_ODELAY, LOG_USER );
1681 #endif
1682
1683 result_t ret = RES_ERROR;
1684 userid_t* dst = 0;
1685 string sql;
1686 SQLRETURN sqlcode;
1687 SQLINTEGER count = 0;
1688
1689
1690 sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_users ";
1691 sql += criteria2str( cri );
1692 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1693 *uidsLen = count;
1694 dst = new userid_t[ *uidsLen ];
1695 *uids = dst;
1696 }else{
1697 return RES_ERROR;
1698 }
1699 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1700 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1701 userid_t uid;
1702 SQLINTEGER len = 0;
1703 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1704
1705 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
1706 dst[ i ] = uid;
1707 }
1708
1709 #ifdef USE_SYSLOG
1710 syslog( LOG_DEBUG, "dumpUids succeed" );
1711 #endif
1712 ret = RES_OK;
1713 }else{
1714 string s( "SQLExecDirect in dumpUids " );
1715 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1716 s += "sql=";
1717 s += string( sql );
1718 setLastErrorString( s.c_str( ) );
1719 #ifdef USE_SYSLOG
1720 syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
1721 #endif
1722 ret = RES_DB_QUERY_ERROR;
1723 }
1724 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1725 }else{
1726 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in dumpUids" );
1727 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1728 setLastErrorString( s.c_str( ) );
1729 #ifdef USE_SYSLOG
1730 syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
1731 #endif
1732 ret = RES_DB_QUERY_ERROR;
1733 }
1734 return ret;
1735 }
1736
1737 /**
1738 *
1739 * ?違???若???違??菴???.
1740 * 筝?罩c???祉???激?с??D????0??菴???.
1741 *
1742 * @param sid ?祉???激?с??D
1743 * @return ?違???若????/span>
1744 *
1745 */
1746 int getGroupCount( sessionid_t sid )
1747 {
1748 if( hdbc == NULL ) return 0;
1749 if( !isValidSessionID( sid ) ) return 0;
1750
1751 SQLRETURN sqlcode;
1752 SQLHANDLE hstmt = NULL;
1753 string sql;
1754 int ret = 0;
1755
1756 //?違???若???違??羆?????
1757 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups";
1758 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1759 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1760 SQLUINTEGER count = 0;
1761 SQLINTEGER len;
1762 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
1763 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
1764 ret = count;
1765 }else {
1766 string s( "SQLFetch in getGroupCount sql=" );
1767 s += string( sql );
1768 setLastErrorString( s.c_str( ) );
1769 ret = 0;
1770 }
1771 }else{
1772 setLastErrorString( "SQLExecDirect in getGroupCount" );
1773 ret = 0;
1774 }
1775 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1776 }else{
1777 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroupCount" );
1778 ret = 0;
1779 }
1780 return ret;
1781 }
1782
1783 /**
1784 *
1785 * ??絮??違???若??筝?荀у??.
1786 * ???若?吟????絮??????????違???若????D????緇?????
1787 *
1788 * @param sid ?祉???激?с??D
1789 * @param uid ???若?吟??ID
1790 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1791 * @param gids ?違???若??ID?????????阪????
1792 * @param gidsLen gids???????膣??違???阪????
1793 * @return RES_DB_NOT_INITIALIZED
1794 * @return RES_NO_SUCH_SESSION
1795 * @return RES_NO_SUCH_USER
1796 * @return RES_DB_QUERY_ERROR
1797 * @return RES_OK
1798 *
1799 */
1800 result_t getGroupsByUid( sessionid_t sid, userid_t uid, criteria_t* cri, groupid_t** gids, int* gidsLen )
1801 {
1802 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1803 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1804 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
1805
1806 result_t ret = RES_ERROR;
1807 string sql;
1808 SQLRETURN sqlcode;
1809 SQLHANDLE hstmt = NULL;
1810 SQLINTEGER count = 0;
1811 groupid_t* dst = 0;
1812 int len = 0;
1813
1814 sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups_users_link";
1815 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
1816 sql += criteria2str( cri );
1817 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1818 *gidsLen = count;
1819 dst = new groupid_t[ *gidsLen ];
1820 *gids = dst;
1821 }else{
1822 return RES_ERROR;
1823 }
1824
1825 //??絮??????違???若??????紊у???違??羆?????
1826 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1827 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1828 if( count > 0 ){
1829 SQLHANDLE hstmt2 = NULL;
1830 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1831 sql = "SELECT gid, uid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link";
1832 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
1833 sql += criteria2str( cri );
1834 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1835 SQLINTEGER len;
1836 groupid_t gid = 0;
1837 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
1838 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
1839 dst[ i ] = gid;
1840 }
1841 ret = RES_OK;
1842 }else{
1843 string s( "SQLExecDirect in getGroupsByUid " );
1844 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1845 s += string( ", sql=" ) + string( sql );
1846 ret = RES_DB_QUERY_ERROR;
1847 }
1848 }else{
1849 string s( "SQLAllocHandle in getGroupsByUid " );
1850 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1851 ret = RES_DB_QUERY_ERROR;
1852 }
1853 }else{
1854 ret = RES_OK;
1855 }
1856 }else{
1857 string s( "SQLExecDirect in getGroupsByUid " );
1858 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1859 s += string( ", sql=" ) + string( sql );
1860 ret = RES_DB_QUERY_ERROR;
1861 }
1862 }else{
1863 string s( "SQLAllocHandle in getGroupsByUid " );
1864 setLastErrorString( s.c_str( ) );
1865 ret = RES_DB_QUERY_ERROR;
1866 }
1867 return ret;
1868 }
1869
1870 /**
1871 *
1872 * ?違???若??膊∞??罔????????.
1873 * ???若?吟?????若???????罔???????????(?違???若??膊∞?????с??????)????????????.
1874 * ???若?吟???違???若????絖????????????????医幻???翫??鐚?false??菴???.
1875 *
1876 * @param sid ?祉???激?с??D
1877 * @param gid ?違???若????ID
1878 * @param uid ???若?吟??ID
1879 * @return true 膊∞??罔???????
1880 * @return false 膊∞??罔???????鐚??障???????/span>
1881 *
1882 */
1883 bool isGroupAdmin( sessionid_t sid, groupid_t gid, userid_t uid )
1884 {
1885 if( hdbc == NULL ) return false;
1886 if( !isValidSessionID( sid ) ) return false;
1887 if( !uidExists( uid ) ) return false;
1888 if( !gidExists( gid ) ) return false;
1889
1890 bool ret = false;
1891 string sql;
1892 SQLRETURN sqlcode;
1893 SQLINTEGER count = 0;
1894
1895 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups_users_link ";
1896 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
1897 sql += " AND uid=" + string( unsignedIntToString( uid ) );
1898 sql += " AND is_admin=1";
1899 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1900 if( count > 0 ){
1901 ret = true;
1902 }else{
1903 ret = false;
1904 }
1905 }else{
1906 ret = false;
1907 }
1908 return ret;
1909 }
1910
1911 /**
1912 *
1913 * ?違???若??ID筝?荀?
1914 * ?脂?蚊???????????違???若????D筝?荀с????緇?????.
1915 *
1916 * @param sid ?祉???激?с??D
1917 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1918 * @param gids ?違???若??ID?????????阪????
1919 * @param gidsLen gids???????膣??違???阪????
1920 * @return RES_DB_NOT_INITIALIZED
1921 * @return RES_NO_SUCH_SESSION
1922 * @return RES_DB_QUERY_ERROR
1923 * @return RES_OK
1924 *
1925 */
1926 result_t dumpGids( sessionid_t sid, criteria_t* cri, groupid_t** gids, int* gidsLen )
1927 {
1928 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1929 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1930
1931 result_t ret = RES_ERROR;
1932 groupid_t* dst = 0;
1933 string sql;
1934 SQLRETURN sqlcode;
1935 SQLINTEGER count = 0;
1936
1937 sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups ";
1938 sql += criteria2str( cri );
1939 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1940 *gidsLen = count;
1941 dst = new groupid_t[ *gidsLen ];
1942 *gids = dst;
1943 }else{
1944 return RES_ERROR;
1945 }
1946
1947 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1948 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1949 groupid_t gid;
1950 SQLINTEGER len = 0;
1951 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
1952 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
1953 dst[ i ] = gid;
1954 }
1955
1956 ret = RES_OK;
1957 }else{
1958 string s( "SQLExecDirect in dumpGids " );
1959 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1960 s += "sql=";
1961 s += string( sql );
1962 setLastErrorString( s.c_str( ) );
1963 ret = RES_DB_QUERY_ERROR;
1964 }
1965 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1966 }
1967 return ret;
1968 }
1969
1970 /**
1971 *
1972 * ?違???若??膊∞????ID????緇?????.
1973 * ?????違???若??????????????若??D????緇?????.
1974 *
1975 * @param sid ?祉???激?с??D
1976 * @param gid ???????????違???若????ID?ф??絎?????
1977 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1978 * @param uids 膊∞??????ID???????????????????ゃ?潟??/span>
1979 * @param uidsLen uids???????膣???/span>
1980 * @return RES_OK
1981 * @return RES_DB_NOT_INITIALIZED
1982 * @return RES_NO_SUCH_SESSION
1983 * @return RES_DB_QUERY_ERROR
1984 * @return RES_ERROR
1985 *
1986 */
1987 result_t dumpGroupAdmins( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
1988 {
1989 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1990 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1991
1992 result_t ret = RES_ERROR;
1993 groupid_t* dst = 0;
1994 string sql;
1995 SQLRETURN sqlcode;
1996 SQLINTEGER count = 0;
1997
1998 sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_groups_users_link ";
1999 sql += " WHERE is_admin=1 and gid=" + unsignedIntToString( gid );
2000 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2001 *uidsLen = count;
2002 *uids = new groupid_t[ *uidsLen ];
2003 }else{
2004 return RES_ERROR;
2005 }
2006 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2007 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2008 userid_t uid;
2009 SQLINTEGER len = 0;
2010 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
2011 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
2012 (*uids)[ i ] = uid;
2013 }
2014 ret = RES_OK;
2015 }else{
2016 string s( "SQLExecDirect in dumpGroupAdmins " );
2017 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2018 s += "sql=";
2019 s += string( sql );
2020 setLastErrorString( s.c_str( ) );
2021 ret = RES_DB_QUERY_ERROR;
2022 }
2023 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2024 }
2025 return ret;
2026 }
2027
2028 /**
2029 *
2030 * ?違???若????絮????若?九????
2031 * ?違???若??????絮????????若?吟??鐚??違???若?????????ゃ????.
2032 * ???????????違???若???????????ゃ?с??????
2033 *
2034 * @param sid ?祉???激?с??D
2035 * @param gid ?????違???若?????????ゃ??????????絎??????違???若??ID
2036 * @param uid ???ゅ?莟<?????若?吟??D
2037 * @return RES_DB_NOT_INITIALIZED
2038 * @return RES_NO_SUCH_SESSION
2039 * @return RES_NO_SUCH_USER
2040 * @return RES_NO_SUCH_GROUP
2041 * @return RES_DB_QUERY_ERROR
2042 * @return RES_OK
2043 * @return RES_ERROR
2044 *
2045 */
2046 result_t deleteMember( sessionid_t sid, groupid_t gid, userid_t uid )
2047 {
2048 if( gid == group_t::GID_DEFAULT ) return RES_ERROR;
2049 return deleteMemberNoLimit( sid, gid, uid );
2050 }
2051
2052 /**
2053 *
2054 * ?違???若????絮????若?九????
2055 * ?違???若??????絮????????若?吟??鐚??違???若?????????ゃ????.
2056 * ???????????違???若???????????ゃ?с?????鴻??鐚?deleteMember???違????
2057 *
2058 * @param sid ?祉???激?с??D
2059 * @param gid ?????違???若?????????ゃ??????????絎??????違???若??ID
2060 * @param uid ???ゅ?莟<?????若?吟??D
2061 * @return RES_DB_NOT_INITIALIZED
2062 * @return RES_NO_SUCH_SESSION
2063 * @return RES_NO_SUCH_USER
2064 * @return RES_NO_SUCH_GROUP
2065 * @return RES_DB_QUERY_ERROR
2066 * @return RES_OK
2067 * @return RES_ERROR
2068 *
2069 */
2070 static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid )
2071 {
2072 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2073 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2074 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
2075 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2076
2077 result_t ret = RES_ERROR;
2078 string sql;
2079 SQLRETURN sqlcode;
2080 SQLHANDLE hstmt = NULL;
2081
2082 sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2083 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
2084 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2085 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2086 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2087 SQLINTEGER count = 0;
2088 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2089 ret = RES_OK;
2090 }else{
2091 string s( "SQLRowCount in deleteMember" );
2092 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2093 s += string( ", sql=" ) + string( sql );
2094 setLastErrorString( s.c_str( ) );
2095 ret = RES_NO_SUCH_USER;
2096 }
2097 }else{
2098 string s( "SQLExecDirect in deleteMember" );
2099 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2100 s += ", sql=";
2101 s += string( sql );
2102 setLastErrorString( s.c_str( ) );
2103 ret = RES_DB_QUERY_ERROR;
2104 }
2105 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2106 }else{
2107 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteMember" );
2108 ret = RES_ERROR;
2109 }
2110 return ret;
2111 }
2112
2113 /**
2114 *
2115 * ?違???若????絮????若?区申??.
2116 * ?違???若?????<?潟???若?????若?吟??菴遵??????.
2117 *
2118 * @param sid ?祉???激?с??D
2119 * @param gid ??絮????違???若????D
2120 * @param uid ??絮??????????若?吟??D
2121 * @param admin 膊∞????罔?????筝?????????true
2122 * @return RES_OK
2123 * @return RES_DB_NOT_INITIALIZED
2124 * @return RES_NO_SUCH_SESSION
2125 * @return RES_NO_SUCH_USER
2126 * @return RES_NO_SUCH_GROUP
2127 * @return RES_DB_QUERY_ERROR
2128 *
2129 */
2130 result_t insertMember( sessionid_t sid, groupid_t gid, userid_t uid, bool admin )
2131 {
2132 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2133 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2134 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
2135 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2136
2137 result_t ret = RES_ERROR;
2138 string sql;
2139 SQLRETURN sqlcode;
2140
2141 //?<?潟???若??菴遵??
2142 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2143 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups_users_link ( gid, uid, is_admin ) VALUES (";
2144 sql += string( unsignedIntToString( gid ) ) + ", ";
2145 sql += string( unsignedIntToString( uid ) ) + ", ";
2146 sql += string( admin ? "1" : "0" ) + ") ";
2147 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2148 SQLINTEGER count = 0;
2149 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2150 ret = RES_OK;
2151 }else{
2152 string s( "SQLRowCount in insertMember " );
2153 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2154 s += string( ", sql=" ) + string( sql );
2155 setLastErrorString( s.c_str( ) );
2156 ret = RES_DB_QUERY_ERROR;
2157 }
2158 }else{
2159 string s( "SQLExecDirect in insertMember " );
2160 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2161 s += string( ", sql=" ) + string( sql );
2162 setLastErrorString( s.c_str( ) );
2163 ret = RES_DB_QUERY_ERROR;
2164 }
2165 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2166 }else{
2167 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertMember" );
2168 ret = RES_DB_QUERY_ERROR;
2169 }
2170 return ret;
2171 }
2172
2173 /**
2174 *
2175 * ?違???若????絮????若?九??.
2176 * ?????違???若??????絮????????????若?吟?????若??D????緇?????
2177 *
2178 * @param sid ?祉???激?с??D
2179 * @param gid ?????違???若??????絮????若?吟?????????????????違???若????ID?ф??絎?
2180 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
2181 * @param uids ??絮????若?吟??ID???????????????????ゃ?潟??/span>
2182 * @param uidsLen uids???????膣???/span>
2183 * @return RES_OK
2184 * @return RES_DB_NOT_INITIALIZED
2185 * @return RES_NO_SUCH_SESSION
2186 * @return RES_NO_SUCH_GROUP
2187 * @return RES_DB_QUERY_ERROR
2188 * @return RES_ERROR
2189 *
2190 */
2191 result_t getMembers( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
2192 {
2193 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2194 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2195 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2196
2197 result_t ret = RES_ERROR;
2198 string sql;
2199 SQLRETURN sqlcode;
2200 SQLHANDLE hstmt = NULL;
2201 userid_t* dst = 0;
2202
2203 //how many members ?
2204 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2205 sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
2206 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2207 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2208 SQLUINTEGER count = 0;
2209 SQLINTEGER len;
2210 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
2211 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2212 dst = new userid_t[ count ];
2213 *uids = dst;
2214 *uidsLen = count;
2215 if( count > 0 ){
2216 //retrive member's IDs
2217 SQLHANDLE hstmt2 = NULL;
2218 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
2219 sql = "SELECT uid, gid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2220 sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
2221 sql += " " + string( criteria2str( cri ) );
2222 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2223 SQLUINTEGER uid = 0;
2224 SQLINTEGER len;
2225 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &uid, 0, &len );
2226 for( int i = 0; ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS && i < count ; i++ ){
2227 dst[ i ] = uid;
2228 }
2229 ret = RES_OK;
2230 }else{
2231 setLastErrorString( "SQLExecDirect in getMembers" );
2232 ret = RES_DB_QUERY_ERROR;
2233 }
2234 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
2235 }else{
2236 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
2237 ret = RES_DB_QUERY_ERROR;
2238 }
2239 }else{
2240 ret = RES_OK;
2241 }
2242 }else{
2243 string s( "SQLFetch in getMembers sql=" );
2244 s += string( sql );
2245 setLastErrorString( s.c_str( ) );
2246 ret = RES_DB_QUERY_ERROR;
2247 }
2248 }else{
2249 setLastErrorString( "SQLExecDirect in getMembers" );
2250 ret = RES_DB_QUERY_ERROR;
2251 }
2252 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2253 }else{
2254 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
2255 ret = RES_DB_QUERY_ERROR;
2256 }
2257 return ret;
2258 }
2259
2260 /**
2261 *
2262 * ?違???若????????
2263 * ???若?帥???若?鴻?????違???若???????ゃ???障??.
2264 *
2265 * @param sid ?祉???激?с??D
2266 * @param gid ?????違???若??????絮????若?吟?????????????????違???若????ID?ф??絎?
2267 * @return RES_OK
2268 * @return RES_DB_QUERY_ERROR
2269 * @return RES_NO_SUCH_SESSION
2270 * @return RES_DB_NOT_INITIALIZED
2271 *
2272 */
2273 result_t deleteGroup( sessionid_t sid, groupid_t gid )
2274 {
2275 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2276 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2277
2278 result_t ret = RES_ERROR;
2279 string sql;
2280 SQLRETURN sqlcode;
2281 SQLHANDLE hstmt = NULL;
2282
2283 sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups ";
2284 sql += "WHERE gid = " + string( unsignedIntToString( gid ) );
2285 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2286 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2287 SQLINTEGER count = 0;
2288 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2289 ret = RES_OK;
2290 }else{
2291 string s( "SQLRowCount in deleteGroup" );
2292 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2293 s += string( ", sql=" ) + string( sql );
2294 setLastErrorString( s.c_str( ) );
2295 ret = RES_NO_SUCH_USER;
2296 }
2297 }else{
2298 string s( "SQLExecDirect in deleteGroup" );
2299 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2300 s += ", sql=";
2301 s += string( sql );
2302 setLastErrorString( s.c_str( ) );
2303 ret = RES_DB_QUERY_ERROR;
2304 }
2305 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2306 }else{
2307 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteGroup" );
2308 ret = RES_ERROR;
2309 }
2310 return ret;
2311 }
2312
2313 /**
2314 *
2315 * ?違???若???脂??
2316 * ?違???若???????宴?????若?帥???若?鴻????蚊????鐚?/span>
2317 * ?脂?蚊?????違???若?????綽??????違???若??ID??gid???主?????鐚?/span>
2318 *
2319 * @param sid ?祉???激?с??D
2320 * @param group ?脂?蚊???????違???若????????/span>
2321 * @param gid ?脂?蚊?????違???若?????綽??????違???若??ID
2322 * @return RES_OK
2323 * @return RES_DB_NOT_INITIALIZED
2324 * @return RES_NO_SUCH_SESSION
2325 * @return RES_DB_QUERY_ERROR
2326 *
2327 */
2328 result_t insertGroup( sessionid_t sid, const group_t* group, groupid_t* gid )
2329 {
2330 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2331 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2332
2333 result_t ret = RES_ERROR;
2334 string sql;
2335 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2336 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2337 SQLRETURN sqlcode;
2338
2339 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2340 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups ( gname, gdesc ) VALUES ( ?, ? )";
2341 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2342 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2343 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2344 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2345 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2346 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2347 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2348 SQLINTEGER count = 0;
2349 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2350 //?違???若??ID????緇?????
2351 SQLHANDLE hstmt2 = NULL;
2352 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
2353 sql = "SELECT LAST_INSERT_ID()"; // MySQL
2354 // sql = "SELECT LAST_INSERT_ROWID()"; // SQLite
2355 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2356 SQLUINTEGER last_insert_id;
2357 SQLINTEGER len;
2358 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &last_insert_id, 0, &len );
2359 if( ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS ){
2360 *gid = last_insert_id;
2361 ret = RES_OK;
2362 }else{
2363 ret = RES_DB_QUERY_ERROR;
2364 string s( "SQLFetch in insertGroup " );
2365 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2366 setLastErrorString( s.c_str( ) );
2367 }
2368 }else{
2369 string s( "SQLExecDirect in insertGroup " );
2370 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2371 setLastErrorString( s.c_str( ) );
2372 ret = RES_DB_QUERY_ERROR;
2373 }
2374 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
2375 }
2376 }else{
2377 string s( "SQLRowCount in insertGroup sql=" );
2378 s += string( sql );
2379 setLastErrorString( s.c_str( ) );
2380 ret = RES_DB_QUERY_ERROR;
2381 }
2382 }else{
2383 string s( "SQLExecute in insertGroup " );
2384 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2385 setLastErrorString( s.c_str( ) );
2386 ret = RES_DB_QUERY_ERROR;
2387 }
2388 }else{
2389 string s( "SQLPrepare in insertGroup " );
2390 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2391 setLastErrorString( s.c_str( ) );
2392 ret = RES_ERROR;
2393 }
2394 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2395 }else{
2396 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertGroup" );
2397 ret = RES_ERROR;
2398 }
2399
2400 //
2401 if ( ret == RES_OK ){
2402 //group index??篏???
2403
2404 //group index????ort_num????
2405 string sql = "SELECT MAX(sort_number) FROM " +
2406 dbprefix + "_xnpaccount_index WHERE parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
2407 " AND (open_level=" + unsignedIntToString(index::OL_GROUP_ONLY) +
2408 " OR open_level=" + unsignedIntToString(index::OL_PUBLIC) + ")";
2409 unsigned int sortNumber;
2410 ret = queryGetUnsignedInt( "insertGroup", sql, &sortNumber );
2411 sortNumber++;
2412 if ( ret == RES_OK ){
2413 // group index篏???
2414 index_t index;
2415 userid_t uid;
2416 ret = sessionID2UID( sid, &uid );
2417 if ( ret == RES_OK ){
2418 index.setItemTypeID(item::ITID_INDEX);
2419 index.setContributorUID(uid);
2420 index.setParentIndexID(item::IID_ROOT);
2421 index.setOwnerGID(*gid);
2422 index.setOpenLevel(index::OL_GROUP_ONLY);
2423 index.setSortNumber(sortNumber);
2424 index.setTitle(group->getGname());
2425 indexid_t groupXID;
2426 ret = insertIndexInternal( sid, &index, &groupXID );
2427 if ( ret == RES_OK ){
2428 // xnpaccuont_groups??roup_index_id???吾??????
2429 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET group_index_id="
2430 + unsignedIntToString(groupXID) + " WHERE gid=" + unsignedIntToString(*gid);
2431 ret = querySimple( "insertGroup", sql );
2432 }
2433 }
2434 }
2435 }
2436
2437 return ret;
2438 }
2439
2440 /**
2441 *
2442 * ?違???若?????宴??紊??眼????
2443 *
2444 * @param sid ?祉???激?с??D
2445 * @param group ?違?????違???若??????/span>
2446 * @return RES_OK
2447 * @return RES_ERROR
2448 * @return RES_DB_NOT_INITIALIZED
2449 * @return RES_NO_SUCH_SESSION
2450 * @return RES_NO_SUCH_GROUP
2451 * @return RES_DB_QUERY_ERROR
2452 *
2453 */
2454 result_t updateGroup( sessionid_t sid, const group_t* group )
2455 {
2456 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2457 if( group == NULL ) return RES_ERROR;
2458 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2459 if( !gidExists( group -> getGID( ) ) ) return RES_NO_SUCH_GROUP;
2460
2461 result_t ret = RES_ERROR;
2462 string sql;
2463 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2464 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2465 SQLRETURN sqlcode;
2466
2467 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2468 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET gname=?, gdesc=? WHERE gid=" + string( unsignedIntToString( group -> getGID( ) ) );
2469 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2470 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2471 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2472 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2473 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2474 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2475 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2476 SQLINTEGER count = 0;
2477 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2478 ret = RES_OK;
2479 }else{
2480 string s( "SQLRowCount in updateGroup sql=" );
2481 s += string( sql );
2482 setLastErrorString( s.c_str( ) );
2483 ret = RES_DB_QUERY_ERROR;
2484 }
2485 }else{
2486 string s( "SQLExecute in updateGroup " );
2487 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2488 setLastErrorString( s.c_str( ) );
2489 ret = RES_DB_QUERY_ERROR;
2490 }
2491 }else{
2492 setLastErrorString( "SQLPrepare in updateGroup sql=" );
2493 ret = RES_ERROR;
2494 }
2495 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2496 }else{
2497 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateGroup" );
2498 ret = RES_ERROR;
2499 }
2500 return RES_OK;
2501 }
2502
2503 /**
2504 *
2505 * ?違???若?????怨??
2506 *
2507 * @param sid ?祉???激?с??D
2508 * @param gid ??緇????????違???若????ID
2509 * @param group ??緇??????違???若?????宴???≪?????鴻???吾??莨若?????ゃ?潟??/span>
2510 * @return RES_OK
2511 * @return RES_DB_NOT_INITIALIZED
2512 * @return RES_NO_SUCH_SESSION
2513 * @return RES_NO_SUCH_GROUP
2514 * @return RES_DB_QUERY_ERROR
2515 *
2516 */
2517 result_t getGroup( sessionid_t sid, groupid_t gid, const group_t** group )
2518 {
2519 int len;
2520 static criteria c;
2521 result_t res = getGroups( sid, &gid, 1, &c, group, &len );
2522 if( len == 0 ) return RES_NO_SUCH_GROUP;
2523 return res;
2524 }
2525
2526 /**
2527 *
2528 * 茲??違???違???若?????宴??筝?綺?????????.
2529 *
2530 * @param sid ?祉???激?с??D
2531 * @param gids ??緇????????違???若????ID??????
2532 * @param gidsLen gids???????膣???/span>
2533 * @param cri 腟???????膀??駕??純?若???>散????絎?
2534 * @param groups ??緇?腟??????違???若?????宴?????????≪?????鴻???吾??莨若?????ゃ?潟??/span>
2535 * @param groupsLen ??緇?腟????????????膣???/span>
2536 * @return RES_OK
2537 * @return RES_DB_NOT_INITIALIZED
2538 * @return RES_NO_SUCH_SESSION
2539 * @return RES_DB_QUERY_ERROR
2540 *
2541 */
2542 result_t getGroups( sessionid_t sid, groupid_t* gids, int gidsLen, criteria_t* cri, const group_t** groups, int* groupsLen )
2543 {
2544 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2545 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2546
2547 #ifdef USE_SYSLOG
2548 openlog( "commonal", LOG_ODELAY, LOG_USER );
2549 #endif
2550
2551 SQLRETURN sqlcode;
2552 SQLHANDLE hstmt = NULL;
2553 result_t ret = RES_ERROR;
2554 string sql;
2555 group_t* dst = new group_t[ gidsLen ];
2556
2557 sql += "SELECT gid, gname, gdesc, group_index_id ";
2558 sql += "FROM " + dbprefix + "_xnpaccount_groups ";
2559 if( gidsLen > 0 ){
2560 sql += "WHERE gid=" + string( unsignedIntToString( gids[ 0 ] ) );
2561 for( int i = 1; i < gidsLen; i++ ){
2562 sql += " OR gid=" + string( unsignedIntToString( gids[ i ] ) );
2563 }
2564 }
2565 sql += criteria2str( cri );
2566
2567 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2568 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2569 SQLINTEGER len;
2570 groupid_t gid = 0;
2571 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
2572 *groupsLen=0;
2573 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < gidsLen ; i++ ){
2574 dst[ i ].setGID( gid );
2575 dst[ i ].setGname( getResultCol( hstmt, 2 ).c_str() );
2576 dst[ i ].setDesc( getResultCol( hstmt, 3 ).c_str() );
2577 dst[ i ].setGroupIndexID( atoi(getResultCol( hstmt, 4 ).c_str()) );
2578 ( *groupsLen )++;
2579 }
2580 *groups = dst;
2581 #ifdef USE_SYSLOG
2582 syslog( LOG_DEBUG, "getGroups succeed" );
2583 #endif
2584 ret = RES_OK;
2585 }else{
2586 string s( "SQLExecDirect in getGroups" );
2587 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2588 s += string( ", sql=" ) + string( sql );
2589 setLastErrorString( s.c_str( ) );
2590 #ifdef USE_SYSLOG
2591 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2592 #endif
2593 ret = RES_DB_QUERY_ERROR;
2594 }
2595 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2596 }else{
2597 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroups" );
2598 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
2599 setLastErrorString( s.c_str( ) );
2600 #ifdef USE_SYSLOG
2601 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2602 #endif
2603 ret = RES_DB_QUERY_ERROR;
2604 }
2605 #ifdef USE_SYSLOG
2606 closelog( );
2607 #endif
2608 return ret;
2609 }
2610
2611 /**
2612 *
2613 * ?≪?????若?炊┤???????<??菴???
2614 *
2615 * @param sid ?祉???激?с??D
2616 * @param uid ???????????????若?吟??ID
2617 * @return true 罔???????
2618 * @return false 罔???????
2619 *
2620 */
2621 bool isModerator( sessionid_t sid, userid_t uid )
2622 {
2623 if( hdbc == NULL ) return false;
2624 if( !isValidSessionID( sid ) ) return false;
2625 if( !uidExists( uid ) ) return false;
2626
2627 bool ret = false;
2628 SQLRETURN sqlcode;
2629 SQLHANDLE hstmt = NULL;
2630 SQLINTEGER count = 0;
2631 string sql;
2632 groupid_t moderator_gid;
2633
2634 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2635 sql = "SELECT value FROM " + dbprefix + "_xnpaccount_config";
2636 sql += " WHERE name='moderator_gid'";
2637 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2638 SQLINTEGER len = 0;
2639 SQLBindCol( hstmt, 1, SQL_C_ULONG, &moderator_gid, 0, &len );
2640 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2641 sql = "SELECT * from " + dbprefix + "_groups_users_link ";
2642 sql += "WHERE groupid=" + unsignedIntToString( moderator_gid );
2643 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2644 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2645 if( count > 0 ){
2646 ret = true;
2647 }
2648 }
2649 }else{
2650 setLastErrorString( "SQLFetch in isModerator " );
2651 }
2652 }else{
2653 string s( "SQLExecDirect in isModerator " );
2654 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2655 s += ", sql=";
2656 s += string( sql );
2657 setLastErrorString( s.c_str( ) );
2658 }
2659 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2660 }else{
2661 setLastErrorString( "SQLAllocHandle in isModerator " );
2662 }
2663 return ret;
2664 }
2665
2666 /**
2667 *
2668 * ???若??D??緇?
2669 *
2670 * @param uname ID????緇??????????若?吟?弱??
2671 * @param uid ID??篁e?ャ??????紊??違?????ゃ?潟??/span>
2672 * @return RES_ERROR
2673 * @return RES_OK
2674 * @refer result_t
2675 *
2676 */
2677 result_t getUid( const char* uname, userid_t* uid )
2678 {
2679 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2680 if( uname == NULL ) return RES_ERROR;
2681
2682 result_t ret = RES_ERROR;
2683 SQLRETURN sqlcode;
2684 SQLHANDLE hstmt = NULL;
2685 string sql;
2686 string uname2 = addSlashes( uname );
2687
2688 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + uname2 + "';";
2689 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2690 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2691 userid_t _uid = 0;
2692 SQLINTEGER len;
2693 SQLBindCol( hstmt, 1, SQL_C_ULONG, &_uid, 0, &len );
2694 sqlcode = SQLFetch( hstmt );
2695 if( sqlcode == SQL_SUCCESS ){
2696 *uid = _uid;
2697 ret = RES_OK;
2698 }else {
2699 string s( "SQLFetch in getUid sql=" );
2700 s += string( sql );
2701 setLastErrorString( s.c_str( ) );
2702 ret = RES_NO_SUCH_USER;
2703 }
2704 }else{
2705 setLastErrorString( "SQLExecDirect in getUid" );
2706 ret = RES_DB_QUERY_ERROR;
2707 }
2708 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2709 }else{
2710 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getUid" );
2711 ret = RES_DB_QUERY_ERROR;
2712 }
2713
2714 return ret;
2715 }
2716
2717 /**
2718 *
2719 * ?祉???激?с?潟??篏?????xoops_xnpaccount_session???吾??莨若???? sessionid_t??session???????
2720 *
2721 * @param uid xoops_users??id
2722 * @param session sessionid_t???????????????????ゃ?潟?帥??
2723 * @return RES_OK ????
2724 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
2725 */
2726 static result_t addSession( userid_t uid, sessionid_t* session )
2727 {
2728 char *functionName = "addSession";
2729 string sql = "INSERT INTO " + dbprefix + "_xnpaccount_session (uid) values (" +
2730 unsignedIntToString(uid) + ")";
2731 result_t ret = querySimple( functionName, sql );
2732 if ( ret == RES_OK ){
2733 sql = "SELECT LAST_INSERT_ID()";
2734 ret = queryGetUnsignedInt( functionName, sql, (unsigned int*)session );
2735 }
2736 return ret;
2737 }
2738
2739
2740 /**
2741 *
2742 * ???違?ゃ?活?荐若???祉???激?с?割???
2743 *
2744 * @param uname ???違?ゃ?喝??
2745 * @param passwd ???鴻???若??
2746 * @param session sessionid_t???????????????????ゃ?潟?帥??
2747 * @return RES_OK ???違?ゃ?恰??????session??essionid_t???吾??莨若??????<br>
2748 * @return RES_LOGIN_FAILURE uname?障????asswd???医幻<br>
2749 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
2750 *
2751 */
2752 result_t loginUser(const char* uname, const char* passwd, sessionid_t* session )
2753 {
2754 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2755
2756 result_t ret;
2757 string sql;
2758 SQLRETURN sqlcode;
2759
2760 // uname, passwd -> uid
2761 string escUname = addSlashes( uname );
2762 string escPasswd = addSlashes( passwd );
2763 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + escUname + "' and pass=md5('" + escPasswd + "')";
2764
2765 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2766 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2767 userid_t uid = 0;
2768 SQLINTEGER len;
2769 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
2770 sqlcode = SQLFetch( hstmt );
2771 if( sqlcode == SQL_SUCCESS ){
2772 ret = addSession( uid, session );
2773 }else {
2774 string s( "SQLFetch in loginUser" );
2775 setLastErrorString( s.c_str( ) );
2776 ret = RES_LOGIN_FAILURE;//illegal loginname or password
2777 }
2778 }else{
2779 setLastErrorString( "SQLExecDirect in loginUser" );
2780 ret = RES_DB_QUERY_ERROR;
2781 }
2782 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2783 }else{
2784 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in loginUser" );
2785 ret = RES_DB_QUERY_ERROR;
2786 }
2787
2788 return ret;
2789 }
2790
2791 /**
2792 *
2793 * ???違?≪???????祉???激?с?括?篋?
2794 *
2795 * @param sid session id
2796 * @return ????
2797 *
2798 */
2799 void logoutUser( sessionid_t sid )
2800 {
2801 if( hdbc == NULL ) return; // RES_DB_NOT_INITIALIZED;
2802
2803 result_t ret;
2804 string sql;
2805 SQLRETURN sqlcode;
2806 SQLHANDLE hstmt = NULL;
2807
2808 sql = "DELETE FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + intToString((int)sid);
2809 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2810 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2811 ;
2812 }
2813 else {
2814 setLastErrorString( "SQLExecDirect in logoutUser" );
2815 }
2816 }
2817 else {
2818 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in logoutUser" );
2819 }
2820 }
2821
2822 /**
2823 *
2824 * ?祉???激?с?潟?????.<br>
2825 * XOOPS??ession???若????????蚊??????sess_id?????ess_id??膈??????
2826 * uid??Platform???若?吟??????ctivate????????????essionid_t??篏?????????
2827 * ???若?帥???若?鴻???祉???激?с?潟????違?????宴??荐??蚊????
2828 *
2829 * @param sessionid xoops??ession_id
2830 * @param uid xoops_users??id
2831 * @param session sessionid_t???????????????????ゃ?潟?帥??
2832 * @return RES_OK
2833 * @return RES_ERROR
2834 * @return RES_DB_QUERY_ERROR
2835 * @return RES_NO_SUCH_USER
2836 *
2837 */
2838 result_t createSession( const char* sess_id, userid_t uid, sessionid_t* session )
2839 {
2840 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2841
2842 result_t ret;
2843 string sql;
2844 SQLHANDLE hstmt = NULL;
2845 SQLRETURN sqlcode;
2846
2847 sql = "SELECT count(*) from " + dbprefix + "_xnpaccount_users where uid=" + unsignedIntToString( uid ) + " and activate=1";
2848 unsigned int count;
2849 ret = queryGetUnsignedInt( "createSession", sql, &count );
2850 if ( ret != RES_OK )
2851 return ret;
2852 if ( count = 0 )
2853 return RES_NO_SUCH_USER; // bad uid or activate=0
2854
2855 string escSess_id = addSlashes(sess_id);
2856 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2857 sql = "SELECT sess_id from " + dbprefix + "_session where sess_id=?";