Develop and Download Open Source Software

XooNIps

Browse CVS Repository

/[OSDN]/xoonips/AL/commonal.cc

Contents of /xoonips/AL/commonal.cc

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.42 - (show annotations) (download) (as text)
Wed Jan 19 00:51:29 2005 UTC (19 years, 2 months ago) by aga
Branch: MAIN
Changes since 1.41: +10 -5 lines
File MIME type: text/x-c++src 
・insertIndexでx_xnpaccount_index.index_idがおかしいのを修正.
1 /*
2 *
3 * $Revision: 1.41 $
4 * $Log: commonal.cc,v $
5 * Revision 1.41 2005/01/19 00:06:51 aga
6 * ??pdateIndex?с??????????????綣???????????????腥冴?с?????????????若??????.
7 * ??reateSession?с??uid??Platform???若?吟?с??????activate?????????????????????若??????.
8 *
9 * Revision 1.40 2005/01/17 00:15:05 aga
10 * ??eleteIndex, updateIndex??け????????????????????篆??.
11 *
12 * Revision 1.39 2005/01/15 05:38:10 youi
13 * insertAccount: ??絖??????????<???泣?ゃ?肴??眼????
14 * updateAccount: ??絖??????????<???泣?ゃ?肴??眼????
15 * ?≪?ゃ????膊∞???∽?違??絎?臂?????.
16 * insertItem, getItem, getItems, dumpItemID, updateItem, deleteItem????
17 * freeGID, freeUID: 綣??違??????篆??.
18 *
19 * Revision 1.38 2005/01/15 00:39:16 aga
20 * ??_xnpaccount_item_basic???????紊???
21 *
22 * Revision 1.37 2005/01/14 10:36:59 aga
23 * ??ndex?≫?????????菴遵??.
24 * ??nsertAccount??rivate index??篏???????????篆??.
25 * ??nsertGroup??roup index ??篏???????????篆??.
26 *
27 * Revision 1.36 2005/01/13 04:19:22 aga
28 * ??P??XNP?????.
29 *
30 * Revision 1.35 2005/01/06 07:20:17 youi
31 * WIN32絎?臂??????ゃ?潟?????若????申??.
32 * MySQL API???≪?????????????<?ゃ????????
33 * deleteAccount: ??絮?????Platform?違???若???????????ゃ?????泣????.
34 * insertAccount: ???若?句?脂?蚊??????????????????Platform?違???若???悟?脂?蚊????.
35 * deleteMember: ??????????Platform?違???若???????????ゃ??胼?罩≪????.
36 * deleteMemberNoLimit???臂?
37 *
38 * Revision 1.34 2004/12/28 04:38:14 aga
39 * ??ogoutUser()??信罩?
40 *
41 * Revision 1.33 2004/12/27 05:56:23 youi
42 * odbcDiagString: STMT篁ュ?????潟??????????????????????眼????.
43 * syslog?<???祉?若?吾????????菴遵??????.
44 *
45 * Revision 1.32 2004/12/25 09:46:47 youi
46 * MySQL+MyODBC?у??篏???????????信罩c????.
47 *
48 * Revision 1.31 2004/12/21 11:42:59 youi
49 * ?潟?<?潟??????逸??祉???ゃ???????????菴遵??.
50 *
51 * Revision 1.30 2004/12/18 10:24:54 youi
52 * IMPORT_MYSQLDLL??絎?臂?????????鐚?MYSQL??LL?????????潟?????????????帥?ゃ??絎h???
53 * ???鴻????????????信罩c????.
54 *
55 * Revision 1.29 2004/12/18 01:12:29 youi
56 * freeResult???∽?医????free<???若?水??>????眼????.
57 *
58 * Revision 1.28 2004/12/14 12:02:08 youi
59 * __WIN__??絎?臂???????????indows??ll篏??????荀?????????茵?????.
60 * USE_SYSLOG??絎?臂???????????yslogd?吾?<???祉?若?吾???阪??????.
61 * getAccounts: uidsLen??0??????????????菴遵??????.
62 *
63 * Revision 1.27 2004/12/06 11:34:47 aga
64 * ??ninitializeDB()??菴遵??.
65 *
66 * Revision 1.26 2004/12/06 10:17:36 youi
67 * mysql_use_result????腟?????罧??????????冴??????鐚?
68 * while( row = mysql_fetch_row(result) );???水?ワ?
69 *
70 * Revision 1.25 2004/12/06 07:24:33 youi
71 * insertAccount, insertGroup:
72 * ?域?菴遵?????????宴???綽????????若??D鐚??違???若??ID??膃??綣??違???吾??莨若??.
73 *
74 * Revision 1.24 2004/12/06 01:45:50 aga
75 * ?祉?潟?<?潟???ゃ??.
76 * ?脂???上???篆??.
77 *
78 * Revision 1.23 2004/12/04 09:21:10 aga
79 * ??np_config ?? xnpaccount_config.
80 *
81 * Revision 1.22 2004/12/03 07:17:21 youi
82 * isModerator?с?≪???祉?鴻???????若?帥???若?鴻???若????????篆??.
83 *
84 * Revision 1.21 2004/12/01 10:28:58 youi
85 * DB????????????眼??軸??篆??
86 * institute -> division
87 * organizaion -> company_name
88 *
89 * Revision 1.20 2004/12/01 04:37:04 youi
90 * freeResult: unsigned int* ?? int* ?娯信罩?
91 * ?潟?<?潟???????∽?違???????菴処?.
92 *
93 * Revision 1.19 2004/11/30 06:40:11 youi
94 * ?∽?違??菴遵??(gidExists, uidExists)
95 * getGroupCount??絎?臂?
96 * getGroupsByUid??絎?臂?
97 * isGroupAdmin??篆??.
98 * dumpGroupAdmins??絎?臂?
99 * deleteMember??絎?臂?
100 * insertMember??絎?臂?
101 * getMembers??絎?臂?
102 * isModerator??絎?臂?
103 *
104 * Revision 1.18 2004/11/30 05:46:32 aga
105 * ??ession????remoteHost??????
106 *
107 * Revision 1.17 2004/11/27 09:35:49 youi
108 * isActivated??絎?臂?
109 * activate??絎?臂?
110 * dumpUid??絎?臂?
111 *
112 * Revision 1.16 2004/11/27 06:29:29 youi
113 * getAccountCount??絎?臂?
114 * dumpGids??絎?臂?
115 * insertGroup, deleteGroup, updateGroup??絎?臂?
116 * getGroup, getGroups??絎?臂?
117 * ???若?帥???若?劫?????????弱?冴?????鐚?RES_DB_NOT_INITIALIZED??菴????????????∽?違??申??
118 * (???綽????∽?違??罧??c??????)
119 *
120 * Revision 1.15 2004/11/27 02:22:22 aga
121 * ??nitializeDB????ddSlashes()???若?吟???純?<??????篆??.
122 *
123 * Revision 1.14 2004/11/27 01:07:31 youi
124 * criteria2str: LIMIT??RDER BY?????????ャ???帥????.
125 *
126 * Revision 1.13 2004/11/27 00:35:39 youi
127 * getAccounts??絎?臂?
128 * getAccount??篆??鐚???????etAccounts???若?喝?冴??.
129 * criteria2str??絎?臂?
130 *
131 * Revision 1.12 2004/11/26 09:45:28 youi
132 * getAccount??絎?臂?
133 *
134 * Revision 1.11 2004/11/26 08:16:26 aga
135 * ??etSession, loginUser, createSession, freeResult(const session_t*) 篆??.
136 *
137 * Revision 1.10 2004/11/26 07:57:42 youi
138 * updateAccount, deleteAccount??絎?臂?
139 * mysql_query紊掩??????tderr?吾?????若?潟?若?????????若?<???祉?若?吾???阪??.
140 *
141 * Revision 1.9 2004/11/26 07:38:02 aga
142 * ??AILUE -> FAILURE.
143 *
144 * Revision 1.8 2004/11/26 06:36:55 aga
145 * ??reateSession, getSession ??篏???.
146 *
147 * Revision 1.7 2004/11/26 04:51:47 youi
148 * dbprefix??絎?臂?????.
149 * insertAccount??絎?臂?????.
150 * isValidSessionID??絎?臂?????.
151 *
152 * Revision 1.6 2004/11/26 04:35:55 aga
153 * ??oginUser(), logoutUser()??篏???.
154 *
155 * Revision 1.5 2004/11/26 01:08:25 aga
156 * ??ddSlashes()篏???.
157 *
158 * Revision 1.4 2004/11/25 12:14:29 youi
159 * getUid????????絎?臂?????.
160 *
161 * Revision 1.3 2004/11/25 11:13:59 youi
162 * getLastErrorString/setLastErrorString??絎?臂?
163 *
164 * Revision 1.2 2004/11/25 08:55:19 youi
165 * 綣??違??????篆??.
166 * freeResult??菴遵??.
167 *
168 * Revision 1.1 2004/11/25 05:14:58 youi
169 * initial version
170 *
171 *
172 */
173 #ifdef WIN32
174 #include <windows.h>
175 #endif
176
177 #ifdef USE_SYSLOG
178 #include <syslog.h>
179 #endif
180
181 #include <stdio.h>
182 #include <stdlib.h>
183 #include <string.h>
184 #include <string>
185 #include <assert.h>
186 #include <sql.h>
187 #include <sqlext.h>
188 using namespace std;
189
190 #include "common.h"
191 #include "account.h"
192 #include "group.h"
193 #include "session.h"
194 #include "item.h"
195 #include "itemtype.h"
196 #include "criteria.h"
197 #include "commonal.h"
198 #include "item.h"
199 #include "index.h"
200
201 static string dbprefix; //!< XOOPS???若?帥???若?鴻???若??????REFIX
202
203 static SQLHANDLE henv = NULL;
204 static SQLHANDLE hdbc = NULL;
205 static SQLHANDLE hstmt = NULL;
206
207 static result_t insertIndexInternal( sessionid_t sid, index_t *index, indexid_t *xid );
208
209 static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode );
210 static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid );
211
212 static result_t countResultRows( const char* sql, SQLINTEGER* count )
213 {
214 result_t ret = RES_ERROR;
215 SQLRETURN sqlcode;
216 SQLHANDLE hstmt = NULL;
217 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
218 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql, strlen( sql ) ) ) == SQL_SUCCESS ){
219 *count = 0;
220 while( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ) ( *count )++;
221 ret = RES_OK;
222 }else{
223 string s( "SQLExecDirect in countResultRows " );
224 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
225 s += "sql=";
226 s += string( sql );
227 setLastErrorString( s.c_str( ) );
228 ret = RES_DB_QUERY_ERROR;
229 }
230 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
231 }
232 return ret;
233 }
234
235 /**
236 *
237 * ?祉???激?с?潟???綽?篁????????????若??D??緇???
238 *
239 * @param sid ?祉???激?с??D
240 * @param uid ???若??D?????????????ゃ?潟?水???/span>
241 * @return RES_OK
242 * @return RES_ERROR
243 *
244 */
245 static result_t getUIDFromSession( sessionid_t sid, userid_t* uid )
246 {
247 const session_t* session;
248 if( getSession( sid, &session ) == RES_OK ){
249 *uid = session -> getUID( );
250 freeSession( session );
251 return RES_OK;
252 }
253 return RES_ERROR;
254 }
255
256 /**
257 *
258 * ?祉???激?с?潟???綽?篁????????????若?吟??鐚?Platform???若?吟??????ctivate??
259 * ????????????菴???
260 *
261 * @param sid ?祉???激?с??D
262 * @return true Activate??????????
263 * @return false Activate??????????鐚??障??????????/span>
264 *
265 */
266 static bool isActivatedBySession( sessionid_t sid )
267 {
268 const session_t* session;
269 if( getSession( sid, &session ) == RES_OK ){
270 userid_t sess_uid = session -> getUID( );
271 freeSession( session );
272 return isActivated( sid, sess_uid );
273 }
274 return false;
275 }
276
277 /**
278 *
279 * ?祉???激?с?潟???綽?篁????????????若?吟??鐚??≪?????若?帥?с??????鐚?
280 *
281 *
282 * @param sid ?祉???激?с??D
283 * @return true ?≪?????若??/span>
284 * @return false ?≪?????若?帥?с????鐚??障??????????/span>
285 *
286 */
287 static bool isModeratorBySession( sessionid_t sid )
288 {
289 const session_t* session;
290 if( getSession( sid, &session ) == RES_OK ){
291 userid_t sess_uid = session -> getUID( );
292 freeSession( session );
293 return isModerator( sid, sess_uid );
294 }
295 return false;
296 }
297
298 /** SQL??絎?茵???????腟?????????????
299 * @param sql sql
300 * @return result_t
301 */
302 static result_t querySimple( const char *functionName, string &sql ){
303 result_t ret = RES_ERROR;
304 SQLRETURN sqlcode;
305 SQLHANDLE hstmt = NULL;
306 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
307 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
308 ret = RES_OK;
309 }else{
310 string s( "SQLExecDirect in querySimple " );
311 s += functionName;
312 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
313 s += "sql=";
314 s += sql;
315 setLastErrorString( s.c_str( ) );
316 ret = RES_DB_QUERY_ERROR;
317 }
318 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
319 }
320 else {
321 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in querySimple " );
322 ret = RES_ERROR;
323 }
324 return ret;
325 }
326
327 /** SQL??絎?茵?????1茵????????????贋?医??NULL????0???帥????)???水?????????
328 * @param sql sql
329 * @param u ?贋?医?ゃ??????????紊??違??
330 * @return result_t
331 */
332 static result_t queryGetUnsignedInt( const char *functionName, string &sql, unsigned int *u ){
333 result_t ret = RES_ERROR;
334 SQLRETURN sqlcode;
335 SQLHANDLE hstmt = NULL;
336 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
337 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
338 SQLUINTEGER sInt = 0;
339 SQLINTEGER len;
340 SQLBindCol( hstmt, 1, SQL_C_ULONG, &sInt, 0, &len );
341 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
342 if ( len == SQL_NULL_DATA )
343 sInt = 0;
344 *u = sInt;
345 ret = RES_OK;
346 }else{
347 string s( "SQLFetch in queryGetUnsignedInt " );
348 s += functionName;
349 setLastErrorString( s.c_str( ) );
350 ret = RES_ERROR;
351 }
352 }else{
353 string s( "SQLExecDirect in queryGetUnsignedInt " );
354 s += functionName;
355 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
356 s += "sql=";
357 s += sql;
358 setLastErrorString( s.c_str( ) );
359 ret = RES_DB_QUERY_ERROR;
360 }
361 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
362 }
363 else {
364 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in queryGetUnsignedInt " );
365 ret = RES_ERROR;
366 }
367 return ret;
368 }
369
370 /** sid????uid??緇?????
371 * @param sid session id
372 * @param uid uid??????????紊???/span>
373 * @return
374 */
375 static result_t sessionID2UID( sessionid_t sid, userid_t *uid ){
376 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
377
378 SQLRETURN sqlcode;
379 SQLHANDLE hstmt = NULL;
380
381 string sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + unsignedIntToString(sid);
382 return queryGetUnsignedInt( "sessionID2UID", sql, (unsigned int*)uid );
383 }
384
385 /**
386 *
387 * ??絖????潟???種?
388 * ??絎???絖??違???潟???若??鐚????????<????緇???NULL腟?腴?????鐚?/span>
389 * ( dst???泣?ゃ? >= len + 1 )?с????????/span>
390 *
391 */
392 static char* strncpy2( char* dst, const char* src, int len )
393 {
394 strncpy( dst, src, len );
395 dst[ len ] = '\0';
396 // fprintf( stderr, "strncpy2 '%s'\n", dst );
397 return dst;
398 }
399
400 /**
401 *
402 * SQL???茵?腟????????????惹??絖?????????????
403 *
404 * @param hstmt SQL??????潟????/span>
405 * @param sqlcode SQLExecDirect,SQLExecute???祉????/span>
406 * @return ?????惹??絖???
407 */
408 static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode )
409 {
410 string s;
411 if( sqlcode == SQL_ERROR || sqlcode == SQL_SUCCESS_WITH_INFO ){
412 SQLCHAR SQLState[6];
413 SQLINTEGER NativeError;
414 SQLCHAR MessageText[ 1024 ];
415 SQLSMALLINT BufferLength;
416 SQLSMALLINT TextLength;
417 SQLGetDiagRec( HandleType, hstmt, 1, SQLState, &NativeError, MessageText, 1024, &TextLength );
418
419 s += string( (char*)MessageText );
420 s += " SQLSTATE=";
421 s += string( (char*)SQLState );
422
423 }
424 s += " sqlcode=";
425 s += intToString( sqlcode );
426 return s;
427 }
428
429 /**
430 *
431 * ??絎??????????ゃ???????冴??????????絖?????菴???
432 *
433 */
434 string getResultCol( SQLHANDLE hstmt, int col )
435 {
436 string s;
437 SQLRETURN sqlcode;
438 SQLCHAR BinaryPtr[5000];
439 SQLUINTEGER PartID;
440 SQLINTEGER PartIDInd, BinaryLenOrInd, NumBytes;
441 SQLRETURN rc;
442
443 while ( ( sqlcode = SQLGetData(hstmt, col, SQL_C_CHAR, BinaryPtr, sizeof(BinaryPtr),
444 &BinaryLenOrInd)) != SQL_NO_DATA) {
445 NumBytes = (BinaryLenOrInd > 5000) || (BinaryLenOrInd == SQL_NO_TOTAL) ? 5000 : BinaryLenOrInd;
446 if( NumBytes >= 0 ){
447 s += string( (char*)BinaryPtr, NumBytes );
448 }
449 }
450 #ifdef USE_SYSLOG
451 // openlog( "commonal", LOG_ODELAY, LOG_USER );
452 // syslog( LOG_DEBUG, "getResultCol col=%d ret='%s'\n", col, s.c_str());
453 // closelog( );
454 #endif
455 return s;
456 }
457
458
459 /**
460 *
461 * ?????若????????\荐??激?с???鴻?宴?若??????
462 *
463 * @param str addslashes???鴻????絖?????NULL??絎?筝?????
464 * @return 紊???緇?????絖???
465 */
466 string addSlashes( const char *str )
467 {
468 if ( hdbc == NULL ){
469 string s;
470 return s;
471 }else{
472 string s( str );
473 return s;
474 }
475
476 int len = strlen(str) * 3;
477 char* dst = new char[ len ];
478 const char* from = str;
479 char* to = dst;
480 while( *from != '\0' ){
481 switch( *from ){
482 case '\'':
483 case '\"':
484 case ';':
485 *to = '\\'; to++;
486 break;
487 }
488 *to = *from; to++;
489 from++;
490 }
491 *to = '\0';
492 string s( dst );
493 delete[] dst;
494 return s;
495 }
496
497 /**
498 *
499 * gid??????????с????
500 * DB???≪???祉?劫け????????false??????鐚?/span>
501 *
502 * @param gid ???с??????????GID
503 * @return true 絖???????
504 * @return false 絖?????????
505 *
506 */
507 static bool gidExists( groupid_t gid )
508 {
509 string sql;
510 SQLRETURN sqlcode;
511 SQLHANDLE hstmt = NULL;
512
513 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) != SQL_SUCCESS ) {
514 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in gidExists" );
515 return false;
516 }
517
518 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups ";
519 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
520 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) != SQL_SUCCESS ){
521 setLastErrorString( "SQLExecDirect in gidExists" );
522 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
523 return false;
524 }
525
526 if( ( sqlcode = SQLFetch( hstmt ) ) != SQL_SUCCESS ){
527 setLastErrorString( "SQLFetch in gidExists" );
528 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
529 return false;
530 }
531
532 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
533 return true;
534 }
535
536
537 /**
538 *
539 * Platform???若?倶???宴??id??絖??????????????с????
540 * DB???≪???祉?劫け????????false??????鐚?/span>
541 *
542 * @param uid ???с??????????UID
543 * @return true 絖???????
544 * @return false 絖?????????
545 *
546 */
547 static bool uidExists( userid_t uid )
548 {
549 bool ret = false;
550 string sql;
551 SQLRETURN sqlcode;
552 SQLINTEGER count = 0;
553
554 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
555 sql += "WHERE uid=" + string( unsignedIntToString( uid ) );
556 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
557 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
558 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
559 ret = true;
560 }else{
561 string s( "SQLFetch in uidExists ");
562 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
563 s += string( ", sql=" ) + string( sql );
564 setLastErrorString( s.c_str( ) );
565 ret = false;
566 }
567 }else{
568 string s( "SQLExecDirect in uidExists ");
569 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
570 s += string( ", sql=" ) + string( sql );
571 setLastErrorString( s.c_str( ) );
572 ret = false;
573 }
574 }else{
575 string s( "SQLAllocHandle in uidExists ");
576 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
577 setLastErrorString( s.c_str( ) );
578 ret = false;
579 }
580 return ret;
581 }
582
583
584 /**
585 *
586 * criteria ?? SQL?????????
587 *
588 *
589 *
590 */
591 string criteria2str( criteria* cri )
592 {
593 string sql;
594
595 const orderby* odrby = cri -> headOrderBy( );
596 if( odrby != 0 ){
597 sql += " ORDER BY " + string( odrby -> getColumn( ) );
598 sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
599 while( ( odrby = cri -> nextOrderBy( ) ) != 0 ){
600 sql += ", " + string( odrby -> getColumn( ) );
601 sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
602 }
603 }
604
605 if( cri -> getLimitStart( ) != 0 || cri -> getLimitRows( ) != 0 ){
606 sql += " LIMIT " + string( intToString( cri -> getLimitStart( ) ) )
607 + ", " + string( intToString( cri -> getLimitRows( ) ) );
608 }
609 return sql;
610 }
611
612
613 /**
614 *
615 * ???若?帥???若?鴻????????
616 *
617 * @param dsn DSN
618 * @param user ???若?帥???若?鴻???≪???祉?鴻???????若?九??
619 * @param password 筝?荐????若?吟?????鴻???若??
620 * @param dbname ??????/span>
621 * @param prefix XOOPS???若?帥???若?鴻???若??????REFIX
622 * @return RES_OK
623 * @return RES_DB_INITIALIZE_ERROR
624 * @return RES_DB_CONNECT_ERROR
625 * @refer result_t
626 */
627 result_t initializeDB( const char* dsn, const char* user, const char* password, const char* dbname, const char* prefix )
628 {
629 SQLRETURN sqlcode;
630
631 #ifdef USE_SYSLOG
632 openlog( "commonal", LOG_ODELAY, LOG_USER );
633 #endif
634 // ?≪??・膓?筝???????筝???????/span>
635 if ( hdbc != NULL )
636 SQLDisconnect( hdbc );
637
638 dbprefix = prefix;
639
640 // ????????・膓?
641 // if( SQLAllocEnv( &henv ) != SQL_SUCCESS ) {
642 if( SQLAllocHandle( SQL_HANDLE_ENV, SQL_NULL_HANDLE, &henv ) != SQL_SUCCESS ) {
643 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_ENV,...) in initializeDB" );
644 #ifdef USE_SYSLOG
645 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
646 closelog( );
647 #endif
648 return RES_DB_INITIALIZE_ERROR;
649 }
650 //ODBC Ver.3 ????????????????????с??荐??
651 SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (void*)SQL_OV_ODBC3, 0);
652
653 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_DBC, henv, &hdbc ) ) != SQL_SUCCESS ) {
654 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_DBC,...) in initializeDB" );
655 #ifdef USE_SYSLOG
656 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
657 closelog( );
658 #endif
659 return RES_DB_INITIALIZE_ERROR;
660 }
661 //???違?ゃ?潟??腱?篁ヤ?荀????????帥?ゃ???≪????????荐??
662 SQLSetConnectAttr(hdbc, SQL_LOGIN_TIMEOUT, (SQLPOINTER *)5, 0);
663
664 if ( ( sqlcode = SQLConnect( hdbc, (SQLCHAR*)dsn, strlen( dsn ), (SQLCHAR*)user, strlen( user ), (SQLCHAR*)password, strlen( password ) ) ) != SQL_SUCCESS ){
665 string s( "SQLConnect in initializeDB " );
666 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
667 setLastErrorString( s.c_str( ) );
668 #ifdef USE_SYSLOG
669 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
670 closelog( );
671 #endif
672 return RES_DB_CONNECT_ERROR;
673 }
674 #ifdef USE_SYSLOG
675 syslog( LOG_DEBUG, "initializeDB succeed" );
676 closelog( );
677 #endif
678 return RES_OK;
679 }
680
681 /**
682 *
683 * DB?ョ????????違???????????障??????
684 *
685 * @param ????
686 * @return RES_OK
687 */
688 result_t uninitializeDB()
689 {
690 if ( hdbc != NULL ){
691 SQLDisconnect( hdbc );
692 hdbc = NULL;
693 }
694 return RES_OK;
695 }
696
697 /**
698 *
699 * Platform???若?倶?粋??倶????緇?
700 *
701 * @param sid ?祉???激?с??D
702 * @param uid ?倶??????緇??????????若?吟??ID
703 * @return true ?粋?羝???/span>
704 * @return false ???粋?
705 *
706 */
707 bool isActivated( sessionid_t sid, userid_t uid )
708 {
709 if( hdbc == NULL ) return false;
710 if( !isValidSessionID( sid ) ) return false;
711
712 bool ret = false;
713 string sql;
714 SQLRETURN sqlcode;
715 SQLHANDLE hstmt = NULL;
716
717 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
718 sql += "WHERE activate=1 and uid=" + string( unsignedIntToString( uid ) );
719 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
720 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
721 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
722 ret = true;
723 }else{
724 string s( "SQLFetch in isActivated " );
725 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
726 s += ", sql=" + sql;
727 setLastErrorString( s.c_str() );
728 ret = false;
729 }
730 }else{
731 string s( "SQLExecDirect in isActivated " );
732 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
733 s += ", sql=" + sql;
734 setLastErrorString( s.c_str() );
735 ret = false;
736 }
737 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
738 }else{
739 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in isActivated" );
740 ret = false;
741 }
742 return ret;
743 }
744
745 /**
746 *
747 * Platform???若?倶?粋??倶??紊???/span>
748 *
749 * @param sid ?祉???激?с??D
750 * @param uid 紊??眼?????????若?吟??ID
751 * @param activate ?粋?(true) / ???粋?(false)????絎?
752 * @return RES_OK
753 * @return RES_DB_QUERY_ERROR
754 * @return RES_NO_SUCH_USER
755 */
756 result_t activate( sessionid_t sid, userid_t uid, bool activate )
757 {
758 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
759 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
760
761 string sql;
762 SQLRETURN sqlcode;
763 result_t ret = RES_ERROR;
764
765 sql = "UPDATE " + dbprefix + "_xnpaccount_users ";
766 sql += "SET activate=" + string( activate ? "1" : "0" );
767 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
768 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
769 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
770 SQLINTEGER count = 0;
771 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
772 ret = RES_OK;
773 }else{
774 string s( "SQLRowCount in activate ");
775 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
776 s += string( ", sql=" ) + string( sql );
777 setLastErrorString( s.c_str( ) );
778 ret = RES_NO_SUCH_USER;
779 }
780 }else{
781 string s( "SQLExecDirect in activate " );
782 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
783 s += ", sql=";
784 s += string( sql );
785 setLastErrorString( s.c_str( ) );
786 ret = RES_DB_QUERY_ERROR;
787 }
788 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
789 }else{
790 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in activate" );
791 ret = RES_ERROR;
792 }
793 return ret;
794 }
795
796 /**
797 *
798 * ?≪?????潟???違????緇?????鐚?/span>
799 *
800 * @param sid ?祉???激?с??D
801 * @return ?≪?????潟????/span>
802 *
803 */
804 int getAccountCount( sessionid_t sid )
805 {
806 if( hdbc == NULL ) return 0;
807 if( !isValidSessionID( sid ) ) return 0;
808
809 int ret = 0;
810 string sql;
811 SQLRETURN sqlcode;
812 SQLHANDLE hstmt = NULL;
813
814 //?≪?????潟???違??羆?????
815 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_users ";
816 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
817 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
818 SQLUINTEGER count = 0;
819 SQLINTEGER len;
820 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
821 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
822 ret = count;
823 }else {
824 string s( "SQLFetch in getAccountCount sql=" );
825 s += string( sql );
826 setLastErrorString( s.c_str( ) );
827 ret = 0;
828 }
829 }else{
830 setLastErrorString( "SQLExecDirect in getAccountCount" );
831 ret = 0;
832 }
833 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
834 }else{
835 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccountCount" );
836 ret = 0;
837 }
838 return ret;
839 }
840
841 /**
842 *
843 * ?≪?????潟??????/span>
844 * ?違???若???????????ゃ?????若?倶???宴?????ゃ??茵??????障??鐚?/span>
845 *
846 * @param
847 * @return RES_OK
848 * @return RES_ERROR
849 * @return RES_DB_NOT_INITIALIZED
850 * @return RES_NO_SUCH_SESSION
851 * @return RES_DB_QUERY_ERROR
852 *
853 */
854 result_t deleteAccount( sessionid_t sid, userid_t uid )
855 {
856 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
857 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
858
859 result_t ret1 = RES_ERROR, ret2 = RES_ERROR;
860 criteria_t c;
861 string sql;
862 groupid_t* gids;
863 int gidsLen;
864 SQLRETURN sqlcode;
865 SQLHANDLE hstmt = NULL;
866
867 /*
868 1. delete user from default platform group
869 2. delete user profile from xoops_users
870 3. delete platform user from xnpaccount_users
871 */
872
873 //1. delete user from platform groups
874 c.clearAll();
875 if( getGroupsByUid( sid, uid, &c, &gids, &gidsLen ) == RES_OK ){
876 for( int i = 0; i < gidsLen; i++ )
877 deleteMemberNoLimit( sid, gids[ i ], uid );
878 freeGID( gids );
879 }
880
881 //2. delete user profile from xoops_users
882 sql = "DELETE FROM " + dbprefix + "_users ";
883 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
884 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
885 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
886 SQLINTEGER count = 0;
887 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
888 ret1 = RES_OK;
889 }else{
890 string s( "SQLRowCount in deleteAccount" );
891 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
892 s += string( ", sql=" ) + string( sql );
893 setLastErrorString( s.c_str( ) );
894 ret1 = RES_NO_SUCH_USER;
895 }
896 }else{
897 string s( "SQLExecDirect in deleteAccount" );
898 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
899 s += ", sql=";
900 s += string( sql );
901 setLastErrorString( s.c_str( ) );
902 ret1 = RES_DB_QUERY_ERROR;
903 }
904 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
905 }else{
906 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
907 ret1 = RES_ERROR;
908 }
909
910 //3. delete platform user from xnpaccount_users
911 sql = "DELETE FROM " + dbprefix + "_xnpaccount_users ";
912 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
913 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
914 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
915 SQLINTEGER count = 0;
916 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
917 ret2 = RES_OK;
918 }else{
919 string s( "SQLRowCount in deleteAccount" );
920 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
921 s += string( ", sql=" ) + string( sql );
922 setLastErrorString( s.c_str( ) );
923 ret2 = RES_NO_SUCH_USER;
924 }
925 }else{
926 string s( "SQLExecDirect in deleteAccount" );
927 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
928 s += ", sql=";
929 s += string( sql );
930 setLastErrorString( s.c_str( ) );
931 ret2 = RES_DB_QUERY_ERROR;
932 }
933 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
934 }else{
935 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
936 ret2 = RES_ERROR;
937 }
938
939 //筝??鴻?с???????若?????????若??菴???
940 return ret1 != RES_OK ? ret1 : ret2;
941 }
942
943 /**
944 *
945 * ?≪?????潟?????怨??
946 *
947 * @param sid ?祉???激?с??D
948 * @param uid ??緇??????????若?吟??ID
949 * @param acc ??緇??????≪?????潟??????account_t)?????ゃ?潟?帥???吾??莨若??綣???/span>
950 * @return RES_OK
951 * @return RES_DB_NOT_INITIALIZED
952 * @return RES_NO_SUCH_USER
953 * @return RES_NO_SUCH_SESSION
954 * @return RES_DB_QUERY_ERROR
955 *
956 */
957 result_t getAccount( sessionid_t sid, userid_t uid, const account_t** acc )
958 {
959 int len;
960 static criteria c;
961 result_t res = getAccounts( sid, &uid, 1, &c, acc, &len );
962 if( len == 0 ) return RES_NO_SUCH_USER;
963 return res;
964 }
965
966 /**
967 *
968 * ?≪?????潟?????怨??
969 *
970 * @param sid ?祉???激?с??D
971 * @param uids ??緇??????????若?吟??ID??????
972 * @param uidsLen uids???????膣???/span>
973 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
974 * @param accounts 罎?膣∝??????????????ゃ?潟?帥???吾??莨若??綣???/span>
975 * @param accountsLen 罎?膣∝???????????*accounts???膣???
976 * @return RES_OK
977 * @return RES_DB_NOT_INITIALIZED
978 * @return RES_NO_SUCH_SESSION
979 * @return RES_DB_QUERY_ERROR
980 *
981 */
982 result_t getAccounts( sessionid_t sid, const userid_t* uids, int uidsLen, criteria_t* cri, const account_t** accounts, int* accountsLen )
983 {
984 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
985 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
986 if( uidsLen <= 0 ){
987 *accounts = new account_t[ 0 ];
988 *accountsLen = 0;
989 #ifdef USE_SYSLOG
990 openlog( "commonal", LOG_ODELAY, LOG_USER );
991 syslog( LOG_DEBUG, "getAccounts succeed len=0" );
992 closelog( );
993 #endif
994 return RES_OK;
995 }
996
997 #ifdef USE_SYSLOG
998 openlog( "commonal", LOG_ODELAY, LOG_USER );
999 syslog( LOG_DEBUG, "begin of getAccounts" );
1000 #endif
1001 result_t ret = RES_ERROR;
1002 SQLRETURN sqlcode;
1003 SQLHANDLE hstmt = NULL;
1004 string sql;
1005 account_t* dst = new account_t[ uidsLen ];
1006
1007 sql += "SELECT u1.uid, u1.name, u1.uname, u1.email, u1.url, u1.user_avatar, u1.user_regdate, u1.user_icq, u1.user_from, u1.user_sig, u1.user_viewemail, u1.actkey, u1.user_aim, u1.user_yim, u1.user_msnm, u1.pass, u1.posts, u1.attachsig, u1.rank, u1.level, u1.theme, u1.timezone_offset, u1.last_login, u1.umode, u1.uorder, u1.notify_method, u1.notify_mode, u1.user_occ, u1.bio, u1.user_intrest, u1.user_mailok, u2.activate, u2.address, u2.division, u2.tel, u2.company_name, u2.country, u2.zipcode, u2.fax, u2.base_url, u2.notice_mail, u2.notice_mail_since, u2.private_index_id ";
1008 sql += "FROM " + dbprefix + "_users AS u1, " + dbprefix + "_xnpaccount_users AS u2 ";
1009 sql += "WHERE u1.uid = u2.uid ";
1010 if( uidsLen > 0 ){
1011 #ifdef USE_SYSLOG
1012 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", 0, uids[0] );
1013 #endif
1014 sql += "AND ( u1.uid=" + string( unsignedIntToString( uids[ 0 ] ) );
1015 for( int i = 1; i < uidsLen; i++ ){
1016 #ifdef USE_SYSLOG
1017 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", i, uids[i] );
1018 #endif
1019 sql += " OR u1.uid=" + string( unsignedIntToString( uids[ i ] ) );
1020 }
1021 sql += " ) ";
1022 }
1023 sql += criteria2str( cri );
1024 #ifdef USE_SYSLOG
1025 syslog( LOG_DEBUG, "sql=%s", sql.c_str() );
1026 #endif
1027
1028 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1029 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1030 SQLINTEGER len;
1031 userid_t uid = 0;
1032 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1033 *accountsLen=0;
1034 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < uidsLen ; i++ ){
1035 dst[ i ].setUID( uid );
1036 dst[ i ].setName( getResultCol( hstmt, 2 ).c_str() );
1037 dst[ i ].setUname( getResultCol( hstmt, 3 ).c_str() );
1038 dst[ i ].setEmail( getResultCol( hstmt, 4 ).c_str() );
1039 dst[ i ].setURL( getResultCol( hstmt, 5 ).c_str() );
1040 dst[ i ].setUserAvatar( getResultCol( hstmt, 6 ).c_str() );
1041 dst[ i ].setUserRegdate( atoi( getResultCol( hstmt, 7 ).c_str() ) );
1042 dst[ i ].setUserIcq( getResultCol( hstmt, 8 ).c_str() );
1043 dst[ i ].setUserFrom( getResultCol( hstmt, 9 ).c_str() );
1044 dst[ i ].setUserSig( getResultCol( hstmt, 10 ).c_str() );
1045 dst[ i ].setUserViewemail( atoi( getResultCol( hstmt, 11 ).c_str() ));
1046 dst[ i ].setActkey( getResultCol( hstmt, 12 ).c_str() );
1047 dst[ i ].setUserAim( getResultCol( hstmt, 13 ).c_str() );
1048 dst[ i ].setUserYim( getResultCol( hstmt, 14 ).c_str() );
1049 dst[ i ].setUserMsnm( getResultCol( hstmt, 15 ).c_str() );
1050 dst[ i ].setPass( getResultCol( hstmt, 16 ).c_str() );
1051 dst[ i ].setPosts( atoi( getResultCol( hstmt, 17 ).c_str() ));
1052 dst[ i ].setAttachsig( atoi( getResultCol( hstmt, 18 ).c_str() ));
1053 dst[ i ].setRank( atoi( getResultCol( hstmt, 19 ).c_str() ));
1054 dst[ i ].setLevel( atoi( getResultCol( hstmt, 20 ).c_str() ));
1055 dst[ i ].setTheme( getResultCol( hstmt, 21 ).c_str() );
1056 dst[ i ].setTimezoneOffset( atof( getResultCol( hstmt, 22 ).c_str() ) );
1057 dst[ i ].setLastLogin( atoi( getResultCol( hstmt, 23 ).c_str() ));
1058 dst[ i ].setUmode( getResultCol( hstmt, 24 ).c_str() );
1059 dst[ i ].setUorder( atoi( getResultCol( hstmt, 25 ).c_str() ));
1060 dst[ i ].setNotifyMethod( atoi( getResultCol( hstmt, 26 ).c_str() ));
1061 dst[ i ].setNotifyMode( atoi( getResultCol( hstmt, 27 ).c_str() ));
1062 dst[ i ].setUserOcc( getResultCol( hstmt, 28 ).c_str() );
1063 dst[ i ].setBio( getResultCol( hstmt, 29 ).c_str() );
1064 dst[ i ].setUserIntrest( getResultCol( hstmt, 30 ).c_str() );
1065 dst[ i ].setUserMailok( atoi( getResultCol( hstmt, 31 ).c_str() ));
1066 dst[ i ].setActivate( atoi( getResultCol( hstmt, 32 ).c_str() ));
1067 dst[ i ].setAddress( getResultCol( hstmt, 33 ).c_str() );
1068 dst[ i ].setDivision( getResultCol( hstmt, 34 ).c_str() );
1069 dst[ i ].setTel( getResultCol( hstmt, 35 ).c_str() );
1070 dst[ i ].setCompanyName( getResultCol( hstmt, 36 ).c_str() );
1071 dst[ i ].setCountry( getResultCol( hstmt, 37 ).c_str() );
1072 dst[ i ].setZipcode( getResultCol( hstmt, 38 ).c_str() );
1073 dst[ i ].setFax( getResultCol( hstmt, 39 ).c_str() );
1074 dst[ i ].setBaseURL( getResultCol( hstmt, 40 ).c_str() );
1075 dst[ i ].setNoticeMail( atoi( getResultCol( hstmt, 41 ).c_str() ));
1076 dst[ i ].setNoticeMailSince( atoi( getResultCol( hstmt, 42 ).c_str() ));
1077 dst[ i ].setPrivateIndexID( atoi( getResultCol( hstmt, 43 ).c_str() ));
1078 #ifdef USE_SYSLOG
1079 syslog( LOG_DEBUG, "set to account_t %d", i );
1080 #endif
1081 ( *accountsLen )++;
1082 }
1083 *accounts = dst;
1084 #ifdef USE_SYSLOG
1085 syslog( LOG_DEBUG, "getAccounts succeed" );
1086 #endif
1087 ret = RES_OK;
1088 }else{
1089 string s( "SQLExecDirect in getAccounts" );
1090 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1091 s += string( ", sql=" ) + string( sql );
1092 setLastErrorString( s.c_str( ) );
1093 #ifdef USE_SYSLOG
1094 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1095 #endif
1096 ret = RES_DB_QUERY_ERROR;
1097 }
1098 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1099 }else{
1100 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccounts" );
1101 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1102 setLastErrorString( s.c_str( ) );
1103 #ifdef USE_SYSLOG
1104 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1105 #endif
1106 ret = RES_DB_QUERY_ERROR;
1107 }
1108 #ifdef USE_SYSLOG
1109 closelog( );
1110 #endif
1111 return ret;
1112 }
1113
1114 /**
1115 *
1116 * ?≪?????潟???脂??
1117 *
1118 * ???若?倶???宴?????若?帥???若?鴻???脂?蚊???障??鐚?/span>
1119 * ?脂?蚊???????若?倶???宴???綽????????若??D??uid???主????障??鐚?/span>
1120 *
1121 * @param sid ?祉???激?с??/span>
1122 * @param account ?脂?蚊?????≪?????潟??????/span>
1123 * @param uid ?脂?蚊?????≪?????潟?????宴???綽????????若??D
1124 * @return RES_OK
1125 * @return RES_NO_SUCH_SESSION
1126 * @return RES_DB_QUERY_ERROR
1127 * @return RES_DB_NOT_INITIALIZED
1128 *
1129 */
1130 result_t insertAccount( sessionid_t sid, const account_t* account, userid_t* uid )
1131 {
1132 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1133 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1134
1135 string sql;
1136 string tmp;
1137 char buf[ 12 ];
1138 SQLRETURN sqlcode;
1139 result_t ret = RES_ERROR;
1140
1141 /*
1142 1. insert user profile into xoops_users
1143 2. insert platform user profile into xnpaccount_users
1144 3. add user to default platform group
1145 4. create private index
1146 5. update account set private_index_id=...
1147 */
1148
1149 //1.xoops?????若?吟???若???????吾??莨若??
1150 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1151 SQLINTEGER user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1152 SQLDOUBLE timezone_offset;
1153
1154 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1155 SQLINTEGER cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1156
1157 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1158 string sql;
1159 sql = "INSERT INTO " + dbprefix + "_users (uname, name, email, url, user_avatar, user_regdate, user_icq, user_from, user_sig, user_viewemail, actkey, user_aim, user_yim, user_msnm, pass, posts, attachsig, rank, level, theme, timezone_offset, last_login, umode, uorder, notify_method, notify_mode, user_occ, bio, user_intrest, user_mailok) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
1160 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1161 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1162 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1163 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1164 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1165 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1166 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1167 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1168 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1169 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1170 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1171 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1172 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1173 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1174 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1175 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1176 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1177 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1178 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1179 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1180 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1181 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1182 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1183 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1184 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1185 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1186 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1187 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1188 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1189 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1190 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1191 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1192
1193 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1194 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1195 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1196 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1197 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1198 user_regdate = time( NULL );
1199 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1200 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1201 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1202 user_viewemail = account -> getUserViewemail( );
1203 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1204 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1205 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1206 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1207 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1208 posts = account -> getPosts( );
1209 attachsig = account -> getAttachsig( );
1210 rank = account -> getRank( );
1211 level = account -> getLevel( );
1212 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1213 timezone_offset = account -> getTimezoneOffset( );
1214 last_login = 0;
1215 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1216 uorder = account -> getUorder( );
1217 notify_method = account -> getNotifyMethod( );
1218 notify_mode = account -> getNotifyMode( );
1219 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1220 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1221 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1222 user_mailok = account -> getUserMailok( );
1223
1224 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1225 SQLINTEGER count = 0;
1226 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1227 //???若??D????緇?????
1228 SQLHANDLE hstmt2 = NULL;
1229 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1230 sql = "SELECT LAST_INSERT_ID()"; // MySQL
1231 // sql = "SELECT LAST_INSERT_ROWID()"; // SQLite
1232 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1233 SQLUINTEGER last_insert_id;
1234 SQLINTEGER len;
1235 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &last_insert_id, 0, &len );
1236 if( ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS ){
1237 *uid = last_insert_id;
1238 ret = RES_OK;
1239 }else{
1240 ret = RES_DB_QUERY_ERROR;
1241 string s( "SQLFetch in insertAccount " );
1242 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1243 setLastErrorString( s.c_str( ) );
1244 }
1245 }else{
1246 string s( "SQLExecDirect in insertAccount " );
1247 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1248 setLastErrorString( s.c_str( ) );
1249 ret = RES_DB_QUERY_ERROR;
1250 }
1251 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1252 }
1253 }else{
1254 string s( "SQLRowCount in insertAccount sql=" );
1255 s += string( sql );
1256 setLastErrorString( s.c_str( ) );
1257 ret = RES_DB_QUERY_ERROR;
1258 }
1259 }else{
1260 string s( "SQLExecute in insertAccount " );
1261 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1262 setLastErrorString( s.c_str( ) );
1263 ret = RES_DB_QUERY_ERROR;
1264 }
1265 }else{
1266 string s( "SQLPrepare in insertAccount " );
1267 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1268 setLastErrorString( s.c_str( ) );
1269 ret = RES_ERROR;
1270 }
1271 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1272 }else{
1273 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1274 ret = RES_ERROR;
1275 }
1276
1277 if( ret == RES_OK ){
1278 //2.xnpaccount?????若?吟???若??????????????宴???吾??莨若??
1279 SQLUINTEGER activate;
1280 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1281 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1282 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1283 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1284 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1285 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1286 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1287 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1288 SQLINTEGER cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1289 SQLINTEGER cbUid = 0, cbActivate = 0, cbNotice_mail = 0, cbNotice_mail_since = 0;
1290 SQLUINTEGER notice_mail;
1291 SQLUINTEGER notice_mail_since;
1292 if( ret == RES_OK && ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1293 string sql;
1294 sql = "INSERT INTO " + dbprefix + "_xnpaccount_users (uid, activate, address, division, tel, company_name, country, zipcode, fax, base_url, notice_mail, notice_mail_since) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )";
1295 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1296 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1297 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, uid, 0, &cbUid);
1298 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1299 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1300 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1301 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1302 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1303 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1304 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1305 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1306 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1307 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
1308 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1309
1310 activate = account -> getActivate() ? 1 : 0;
1311 strncpy2( (char*)address, account -> getAddress(), XNP_ACCOUNT_ADDRESS_LEN );
1312 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1313 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1314 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1315 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1316 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1317 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1318 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1319 notice_mail = account -> getNoticeMail( );
1320 notice_mail_since = account -> getNoticeMailSince( );
1321
1322 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1323 SQLINTEGER count = 0;
1324 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1325 ret = RES_OK;
1326 if( ret == RES_OK ){
1327 //3.add new user to default group(not a group admin)
1328 ret = insertMember( sid, group_t::GID_DEFAULT, *uid, false );
1329 }else{
1330 //xoops_users??nsert???????潟?若???????ゃ????
1331 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1332 sql += unsignedIntToString( *uid );
1333 SQLHANDLE hstmt2 = NULL;
1334 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1335 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1336 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1337 }
1338 setLastErrorString( "insertMember in insertAccount" );
1339 ret = RES_DB_QUERY_ERROR;
1340 }
1341 }else{
1342 string s( "SQLRowCount in insertAccount sql=" );
1343 s += string( sql );
1344 setLastErrorString( s.c_str( ) );
1345 ret = RES_DB_QUERY_ERROR;
1346 }
1347 }else{
1348 string s( "SQLExecute in insertAccount " );
1349 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1350 setLastErrorString( s.c_str( ) );
1351 ret = RES_DB_QUERY_ERROR;
1352 }
1353 }else{
1354 //xoops_users??nsert???????潟?若???????ゃ????
1355 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1356 sql += unsignedIntToString( *uid );
1357 SQLHANDLE hstmt2 = NULL;
1358 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1359 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1360 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1361 }
1362 string s( "SQLExecDirect in insertAccount sql=" );
1363 s += string( sql );
1364 setLastErrorString( s.c_str( ) );
1365 ret = RES_DB_QUERY_ERROR;
1366 }
1367 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1368 }else{
1369 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1370 ret = RES_ERROR;
1371 }
1372 }
1373
1374 if ( ret == RES_OK ){
1375 //4.private index??篏???
1376
1377 // private index????ort_number????
1378 string sql = "select min(sort_number) from " +
1379 dbprefix + "_xnpaccount_index where parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
1380 " and open_level=" + unsignedIntToString(index::OL_PRIVATE);
1381 unsigned int sortNumber;
1382 ret = queryGetUnsignedInt( "insertAccount", sql, &sortNumber );
1383 sortNumber--;
1384 if ( ret == RES_OK ){
1385 // private index篏???
1386 index_t index;
1387 index.setItemTypeID(item::ITID_INDEX);
1388 index.setContributorUID(*uid);
1389 index.setParentIndexID(item::IID_ROOT);
1390 index.setOwnerUID(*uid);
1391 index.setOpenLevel(index::OL_PRIVATE);
1392 index.setSortNumber(sortNumber);
1393 index.setTitle(account->getUname());
1394 indexid_t privateXID;
1395 ret = insertIndexInternal( sid, &index, &privateXID );
1396 if ( ret == RES_OK ){
1397 // xnpaccuont_users??rivate_index_id???吾??????
1398 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET private_index_id="
1399 + unsignedIntToString(privateXID) + " WHERE uid=" + unsignedIntToString(*uid);
1400 ret = querySimple( "insertAccount", sql );
1401 }
1402 }
1403 }
1404
1405 return ret;
1406 }
1407
1408 /**
1409 *
1410 * ?≪?????潟?????宴??紊??眼????.
1411 *
1412 *
1413 * @param sid ?祉???激?с??D
1414 * @param account 紊??眼???????≪?????潟??????/span>
1415 * @return RES_OK
1416 * @return RES_DB_NOT_INITIALIZED
1417 * @return RES_NO_SUCH_SESSION
1418 * @return RES_DB_QUERY_ERROR
1419 * @return RES_NO_SUCH_USER
1420 * @return RES_ERROR
1421 *
1422 */
1423 result_t updateAccount( sessionid_t sid, const account_t* account )
1424 {
1425 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1426 if( account == NULL ) return RES_ERROR;
1427 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1428 if( !uidExists( account -> getUID( ) ) ) return RES_NO_SUCH_USER;
1429
1430 SQLRETURN sqlcode;
1431 result_t ret = RES_ERROR;
1432 SQLHANDLE hstmt = NULL;
1433
1434 //xoops?????若?吟???若???????吾??莨若??
1435 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1436 SQLINTEGER uid, user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1437 SQLDOUBLE timezone_offset;
1438
1439 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1440 SQLINTEGER cbUid = 0, cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1441
1442 SQLUINTEGER activate;
1443 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1444 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1445 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1446 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1447 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1448 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1449 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1450 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1451 SQLINTEGER cbActivate = 0, cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1452 SQLUINTEGER notice_mail, notice_mail_since;
1453 SQLINTEGER cbNotice_mail = 0, cbNotice_mail_since = 0;
1454
1455 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1456 string sql;
1457
1458 sql = "UPDATE " + dbprefix + "_users SET ";
1459 sql += "uname=?";
1460 sql += ", name=?";
1461 sql += ", email=?";
1462 sql += ", url=?";
1463 sql += ", user_avatar=?";
1464 sql += ", user_regdate=?";
1465 sql += ", user_icq=?";
1466 sql += ", user_from=?";
1467 sql += ", user_sig=?";
1468 sql += ", user_viewemail=?";
1469 sql += ", actkey=?";
1470 sql += ", user_aim=?";
1471 sql += ", user_yim=?";
1472 sql += ", user_msnm=?";
1473 sql += ", pass=?";
1474 sql += ", posts=?";
1475 sql += ", attachsig=?";
1476 sql += ", rank=?";
1477 sql += ", level=?";
1478 sql += ", theme=?";
1479 sql += ", timezone_offset=?";
1480 sql += ", last_login=?";
1481 sql += ", umode=?";
1482 sql += ", uorder=?";
1483 sql += ", notify_method=?";
1484 sql += ", notify_mode=?";
1485 sql += ", user_occ=?";
1486 sql += ", bio=?";
1487 sql += ", user_intrest=?";
1488 sql += ", user_mailok=? ";
1489 sql += " WHERE uid = ?";
1490
1491 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1492 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1493 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1494 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1495 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1496 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1497 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1498 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1499 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1500 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1501 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1502 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1503 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1504 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1505 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1506 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1507 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1508 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1509 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1510 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1511 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1512 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1513 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1514 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1515 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1516 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1517 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1518 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1519 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1520 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1521 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1522 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1523 SQLBindParameter(hstmt, 31, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1524
1525 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1526 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1527 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1528 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1529 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1530 user_regdate = time( NULL );
1531 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1532 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1533 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1534 user_viewemail = account -> getUserViewemail( );
1535 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1536 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1537 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1538 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1539 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1540 posts = account -> getPosts( );
1541 attachsig = account -> getAttachsig( );
1542 rank = account -> getRank( );
1543 level = account -> getLevel( );
1544 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1545 timezone_offset = account -> getTimezoneOffset( );
1546 last_login = 0;
1547 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1548 uorder = account -> getUorder( );
1549 notify_method = account -> getNotifyMethod( );
1550 notify_mode = account -> getNotifyMode( );
1551 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1552 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1553 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1554 user_mailok = account -> getUserMailok( );
1555 uid = account -> getUID( );
1556
1557 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1558 SQLINTEGER count = 0;
1559 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1560 ret = RES_OK;
1561 }else{
1562 string s( "SQLRowCount in updateAccount sql=" );
1563 s += string( sql );
1564 setLastErrorString( s.c_str( ) );
1565 ret = RES_DB_QUERY_ERROR;
1566 }
1567 }else{
1568 string s( "SQLExecute in updateAccount 1 " );
1569 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1570 setLastErrorString( s.c_str( ) );
1571 ret = RES_DB_QUERY_ERROR;
1572 }
1573 }else{
1574 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1575 ret = RES_ERROR;
1576 }
1577 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1578 hstmt = NULL;
1579 }else{
1580 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1581 ret = RES_ERROR;
1582 }
1583
1584 if( ret != RES_OK ){
1585 return ret;
1586 }
1587
1588 //xnpaccount?????若?吟???若??????????????宴??筝??吾??????
1589 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1590 string sql;
1591
1592 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET ";
1593 sql += "activate=?, ";
1594 sql += "address=?, ";
1595 sql += "division=?, ";
1596 sql += "tel=?, ";
1597 sql += "company_name=?, ";
1598 sql += "country=?, ";
1599 sql += "zipcode=?, ";
1600 sql += "fax=?, ";
1601 sql += "base_url=?, ";
1602 sql += "notice_mail=?, ";
1603 sql += "notice_mail_since=? ";
1604 sql += "WHERE uid=?";
1605
1606 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1607 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1608 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1609 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1610 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1611 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1612 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1613 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1614 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1615 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1616 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1617 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
1618 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1619 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1620
1621 activate = account -> getActivate() ? 1 : 0;
1622 strncpy2( (char*)address, account -> getAddress( ) , XNP_ACCOUNT_ADDRESS_LEN );
1623 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1624 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1625 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1626 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1627 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1628 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1629 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1630 notice_mail = account -> getNoticeMail( );
1631 notice_mail_since = account -> getNoticeMailSince( );
1632 uid = account -> getUID( );
1633
1634 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1635 SQLINTEGER count = 0;
1636 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1637 ret = RES_OK;
1638 }else{
1639 string s( "SQLRowCount in updateAccount sql=" );
1640 s += string( sql );
1641 setLastErrorString( s.c_str( ) );
1642 ret = RES_DB_QUERY_ERROR;
1643 }
1644 }else{
1645 string s( "SQLExecute in updateAccount 2 " );
1646 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1647 setLastErrorString( s.c_str( ) );
1648 ret = RES_DB_QUERY_ERROR;
1649 }
1650 }else{
1651 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1652 ret = RES_ERROR;
1653 }
1654 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1655 }else{
1656 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1657 ret = RES_ERROR;
1658 }
1659 return ret;
1660 }
1661
1662 /**
1663 *
1664 * criteria_t?ф??絎???????膀??蚊?????若??D??菴???.
1665 * ???若??D????????腆坂????????????吾??莨若?随????????≪?????鴻??*uids???吾??莨若??.
1666 * ???????泣?ゃ?冴??*uidsLen???吾??莨若??
1667 *
1668 * @param sid ?祉???激?с??D
1669 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1670 * @param uids ???若?吟??ID?????????阪????
1671 * @param uidsLen uids???????膣??違???阪????
1672 * @return RES_OK
1673 * @return RES_DB_NOT_INITIALIZED
1674 * @return RES_NO_SUCH_SESSION
1675 * @return RES_DB_QUERY_ERROR
1676 *
1677 */
1678 result_t dumpUids( sessionid_t sid, criteria_t* cri, userid_t** uids, int* uidsLen )
1679 {
1680 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1681 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1682
1683 #ifdef USE_SYSLOG
1684 openlog( "commonal", LOG_ODELAY, LOG_USER );
1685 #endif
1686
1687 result_t ret = RES_ERROR;
1688 userid_t* dst = 0;
1689 string sql;
1690 SQLRETURN sqlcode;
1691 SQLINTEGER count = 0;
1692
1693
1694 sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_users ";
1695 sql += criteria2str( cri );
1696 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1697 *uidsLen = count;
1698 dst = new userid_t[ *uidsLen ];
1699 *uids = dst;
1700 }else{
1701 return RES_ERROR;
1702 }
1703 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1704 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1705 userid_t uid;
1706 SQLINTEGER len = 0;
1707 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1708
1709 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
1710 dst[ i ] = uid;
1711 }
1712
1713 #ifdef USE_SYSLOG
1714 syslog( LOG_DEBUG, "dumpUids succeed" );
1715 #endif
1716 ret = RES_OK;
1717 }else{
1718 string s( "SQLExecDirect in dumpUids " );
1719 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1720 s += "sql=";
1721 s += string( sql );
1722 setLastErrorString( s.c_str( ) );
1723 #ifdef USE_SYSLOG
1724 syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
1725 #endif
1726 ret = RES_DB_QUERY_ERROR;
1727 }
1728 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1729 }else{
1730 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in dumpUids" );
1731 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1732 setLastErrorString( s.c_str( ) );
1733 #ifdef USE_SYSLOG
1734 syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
1735 #endif
1736 ret = RES_DB_QUERY_ERROR;
1737 }
1738 return ret;
1739 }
1740
1741 /**
1742 *
1743 * ?違???若???違??菴???.
1744 * 筝?罩c???祉???激?с??D????0??菴???.
1745 *
1746 * @param sid ?祉???激?с??D
1747 * @return ?違???若????/span>
1748 *
1749 */
1750 int getGroupCount( sessionid_t sid )
1751 {
1752 if( hdbc == NULL ) return 0;
1753 if( !isValidSessionID( sid ) ) return 0;
1754
1755 SQLRETURN sqlcode;
1756 SQLHANDLE hstmt = NULL;
1757 string sql;
1758 int ret = 0;
1759
1760 //?違???若???違??羆?????
1761 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups";
1762 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1763 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1764 SQLUINTEGER count = 0;
1765 SQLINTEGER len;
1766 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
1767 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
1768 ret = count;
1769 }else {
1770 string s( "SQLFetch in getGroupCount sql=" );
1771 s += string( sql );
1772 setLastErrorString( s.c_str( ) );
1773 ret = 0;
1774 }
1775 }else{
1776 setLastErrorString( "SQLExecDirect in getGroupCount" );
1777 ret = 0;
1778 }
1779 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1780 }else{
1781 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroupCount" );
1782 ret = 0;
1783 }
1784 return ret;
1785 }
1786
1787 /**
1788 *
1789 * ??絮??違???若??筝?荀у??.
1790 * ???若?吟????絮??????????違???若????D????緇?????
1791 *
1792 * @param sid ?祉???激?с??D
1793 * @param uid ???若?吟??ID
1794 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1795 * @param gids ?違???若??ID?????????阪????
1796 * @param gidsLen gids???????膣??違???阪????
1797 * @return RES_DB_NOT_INITIALIZED
1798 * @return RES_NO_SUCH_SESSION
1799 * @return RES_NO_SUCH_USER
1800 * @return RES_DB_QUERY_ERROR
1801 * @return RES_OK
1802 *
1803 */
1804 result_t getGroupsByUid( sessionid_t sid, userid_t uid, criteria_t* cri, groupid_t** gids, int* gidsLen )
1805 {
1806 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1807 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1808 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
1809
1810 result_t ret = RES_ERROR;
1811 string sql;
1812 SQLRETURN sqlcode;
1813 SQLHANDLE hstmt = NULL;
1814 SQLINTEGER count = 0;
1815 groupid_t* dst = 0;
1816 int len = 0;
1817
1818 sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups_users_link";
1819 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
1820 sql += criteria2str( cri );
1821 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1822 *gidsLen = count;
1823 dst = new groupid_t[ *gidsLen ];
1824 *gids = dst;
1825 }else{
1826 return RES_ERROR;
1827 }
1828
1829 //??絮??????違???若??????紊у???違??羆?????
1830 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1831 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1832 if( count > 0 ){
1833 SQLHANDLE hstmt2 = NULL;
1834 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1835 sql = "SELECT gid, uid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link";
1836 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
1837 sql += criteria2str( cri );
1838 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1839 SQLINTEGER len;
1840 groupid_t gid = 0;
1841 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
1842 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
1843 dst[ i ] = gid;
1844 }
1845 ret = RES_OK;
1846 }else{
1847 string s( "SQLExecDirect in getGroupsByUid " );
1848 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1849 s += string( ", sql=" ) + string( sql );
1850 ret = RES_DB_QUERY_ERROR;
1851 }
1852 }else{
1853 string s( "SQLAllocHandle in getGroupsByUid " );
1854 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1855 ret = RES_DB_QUERY_ERROR;
1856 }
1857 }else{
1858 ret = RES_OK;
1859 }
1860 }else{
1861 string s( "SQLExecDirect in getGroupsByUid " );
1862 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1863 s += string( ", sql=" ) + string( sql );
1864 ret = RES_DB_QUERY_ERROR;
1865 }
1866 }else{
1867 string s( "SQLAllocHandle in getGroupsByUid " );
1868 setLastErrorString( s.c_str( ) );
1869 ret = RES_DB_QUERY_ERROR;
1870 }
1871 return ret;
1872 }
1873
1874 /**
1875 *
1876 * ?違???若??膊∞??罔????????.
1877 * ???若?吟?????若???????罔???????????(?違???若??膊∞?????с??????)????????????.
1878 * ???若?吟???違???若????絖????????????????医幻???翫??鐚?false??菴???.
1879 *
1880 * @param sid ?祉???激?с??D
1881 * @param gid ?違???若????ID
1882 * @param uid ???若?吟??ID
1883 * @return true 膊∞??罔???????
1884 * @return false 膊∞??罔???????鐚??障???????/span>
1885 *
1886 */
1887 bool isGroupAdmin( sessionid_t sid, groupid_t gid, userid_t uid )
1888 {
1889 if( hdbc == NULL ) return false;
1890 if( !isValidSessionID( sid ) ) return false;
1891 if( !uidExists( uid ) ) return false;
1892 if( !gidExists( gid ) ) return false;
1893
1894 bool ret = false;
1895 string sql;
1896 SQLRETURN sqlcode;
1897 SQLINTEGER count = 0;
1898
1899 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups_users_link ";
1900 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
1901 sql += " AND uid=" + string( unsignedIntToString( uid ) );
1902 sql += " AND is_admin=1";
1903 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1904 if( count > 0 ){
1905 ret = true;
1906 }else{
1907 ret = false;
1908 }
1909 }else{
1910 ret = false;
1911 }
1912 return ret;
1913 }
1914
1915 /**
1916 *
1917 * ?違???若??ID筝?荀?
1918 * ?脂?蚊???????????違???若????D筝?荀с????緇?????.
1919 *
1920 * @param sid ?祉???激?с??D
1921 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1922 * @param gids ?違???若??ID?????????阪????
1923 * @param gidsLen gids???????膣??違???阪????
1924 * @return RES_DB_NOT_INITIALIZED
1925 * @return RES_NO_SUCH_SESSION
1926 * @return RES_DB_QUERY_ERROR
1927 * @return RES_OK
1928 *
1929 */
1930 result_t dumpGids( sessionid_t sid, criteria_t* cri, groupid_t** gids, int* gidsLen )
1931 {
1932 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1933 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1934
1935 result_t ret = RES_ERROR;
1936 groupid_t* dst = 0;
1937 string sql;
1938 SQLRETURN sqlcode;
1939 SQLINTEGER count = 0;
1940
1941 sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups ";
1942 sql += criteria2str( cri );
1943 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1944 *gidsLen = count;
1945 dst = new groupid_t[ *gidsLen ];
1946 *gids = dst;
1947 }else{
1948 return RES_ERROR;
1949 }
1950
1951 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1952 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1953 groupid_t gid;
1954 SQLINTEGER len = 0;
1955 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
1956 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
1957 dst[ i ] = gid;
1958 }
1959
1960 ret = RES_OK;
1961 }else{
1962 string s( "SQLExecDirect in dumpGids " );
1963 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1964 s += "sql=";
1965 s += string( sql );
1966 setLastErrorString( s.c_str( ) );
1967 ret = RES_DB_QUERY_ERROR;
1968 }
1969 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1970 }
1971 return ret;
1972 }
1973
1974 /**
1975 *
1976 * ?違???若??膊∞????ID????緇?????.
1977 * ?????違???若??????????????若??D????緇?????.
1978 *
1979 * @param sid ?祉???激?с??D
1980 * @param gid ???????????違???若????ID?ф??絎?????
1981 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1982 * @param uids 膊∞??????ID???????????????????ゃ?潟??/span>
1983 * @param uidsLen uids???????膣???/span>
1984 * @return RES_OK
1985 * @return RES_DB_NOT_INITIALIZED
1986 * @return RES_NO_SUCH_SESSION
1987 * @return RES_DB_QUERY_ERROR
1988 * @return RES_ERROR
1989 *
1990 */
1991 result_t dumpGroupAdmins( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
1992 {
1993 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1994 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1995
1996 result_t ret = RES_ERROR;
1997 groupid_t* dst = 0;
1998 string sql;
1999 SQLRETURN sqlcode;
2000 SQLINTEGER count = 0;
2001
2002 sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2003 sql += " WHERE is_admin=1 and gid=" + unsignedIntToString( gid );
2004 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2005 *uidsLen = count;
2006 *uids = new groupid_t[ *uidsLen ];
2007 }else{
2008 return RES_ERROR;
2009 }
2010 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2011 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2012 userid_t uid;
2013 SQLINTEGER len = 0;
2014 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
2015 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
2016 (*uids)[ i ] = uid;
2017 }
2018 ret = RES_OK;
2019 }else{
2020 string s( "SQLExecDirect in dumpGroupAdmins " );
2021 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2022 s += "sql=";
2023 s += string( sql );
2024 setLastErrorString( s.c_str( ) );
2025 ret = RES_DB_QUERY_ERROR;
2026 }
2027 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2028 }
2029 return ret;
2030 }
2031
2032 /**
2033 *
2034 * ?違???若????絮????若?九????
2035 * ?違???若??????絮????????若?吟??鐚??違???若?????????ゃ????.
2036 * ???????????違???若???????????ゃ?с??????
2037 *
2038 * @param sid ?祉???激?с??D
2039 * @param gid ?????違???若?????????ゃ??????????絎??????違???若??ID
2040 * @param uid ???ゅ?莟<?????若?吟??D
2041 * @return RES_DB_NOT_INITIALIZED
2042 * @return RES_NO_SUCH_SESSION
2043 * @return RES_NO_SUCH_USER
2044 * @return RES_NO_SUCH_GROUP
2045 * @return RES_DB_QUERY_ERROR
2046 * @return RES_OK
2047 * @return RES_ERROR
2048 *
2049 */
2050 result_t deleteMember( sessionid_t sid, groupid_t gid, userid_t uid )
2051 {
2052 if( gid == group_t::GID_DEFAULT ) return RES_ERROR;
2053 return deleteMemberNoLimit( sid, gid, uid );
2054 }
2055
2056 /**
2057 *
2058 * ?違???若????絮????若?九????
2059 * ?違???若??????絮????????若?吟??鐚??違???若?????????ゃ????.
2060 * ???????????違???若???????????ゃ?с?????鴻??鐚?deleteMember???違????
2061 *
2062 * @param sid ?祉???激?с??D
2063 * @param gid ?????違???若?????????ゃ??????????絎??????違???若??ID
2064 * @param uid ???ゅ?莟<?????若?吟??D
2065 * @return RES_DB_NOT_INITIALIZED
2066 * @return RES_NO_SUCH_SESSION
2067 * @return RES_NO_SUCH_USER
2068 * @return RES_NO_SUCH_GROUP
2069 * @return RES_DB_QUERY_ERROR
2070 * @return RES_OK
2071 * @return RES_ERROR
2072 *
2073 */
2074 static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid )
2075 {
2076 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2077 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2078 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
2079 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2080
2081 result_t ret = RES_ERROR;
2082 string sql;
2083 SQLRETURN sqlcode;
2084 SQLHANDLE hstmt = NULL;
2085
2086 sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2087 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
2088 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2089 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2090 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2091 SQLINTEGER count = 0;
2092 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2093 ret = RES_OK;
2094 }else{
2095 string s( "SQLRowCount in deleteMember" );
2096 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2097 s += string( ", sql=" ) + string( sql );
2098 setLastErrorString( s.c_str( ) );
2099 ret = RES_NO_SUCH_USER;
2100 }
2101 }else{
2102 string s( "SQLExecDirect in deleteMember" );
2103 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2104 s += ", sql=";
2105 s += string( sql );
2106 setLastErrorString( s.c_str( ) );
2107 ret = RES_DB_QUERY_ERROR;
2108 }
2109 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2110 }else{
2111 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteMember" );
2112 ret = RES_ERROR;
2113 }
2114 return ret;
2115 }
2116
2117 /**
2118 *
2119 * ?違???若????絮????若?区申??.
2120 * ?違???若?????<?潟???若?????若?吟??菴遵??????.
2121 *
2122 * @param sid ?祉???激?с??D
2123 * @param gid ??絮????違???若????D
2124 * @param uid ??絮??????????若?吟??D
2125 * @param admin 膊∞????罔?????筝?????????true
2126 * @return RES_OK
2127 * @return RES_DB_NOT_INITIALIZED
2128 * @return RES_NO_SUCH_SESSION
2129 * @return RES_NO_SUCH_USER
2130 * @return RES_NO_SUCH_GROUP
2131 * @return RES_DB_QUERY_ERROR
2132 *
2133 */
2134 result_t insertMember( sessionid_t sid, groupid_t gid, userid_t uid, bool admin )
2135 {
2136 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2137 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2138 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
2139 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2140
2141 result_t ret = RES_ERROR;
2142 string sql;
2143 SQLRETURN sqlcode;
2144
2145 //?<?潟???若??菴遵??
2146 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2147 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups_users_link ( gid, uid, is_admin ) VALUES (";
2148 sql += string( unsignedIntToString( gid ) ) + ", ";
2149 sql += string( unsignedIntToString( uid ) ) + ", ";
2150 sql += string( admin ? "1" : "0" ) + ") ";
2151 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2152 SQLINTEGER count = 0;
2153 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2154 ret = RES_OK;
2155 }else{
2156 string s( "SQLRowCount in insertMember " );
2157 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2158 s += string( ", sql=" ) + string( sql );
2159 setLastErrorString( s.c_str( ) );
2160 ret = RES_DB_QUERY_ERROR;
2161 }
2162 }else{
2163 string s( "SQLExecDirect in insertMember " );
2164 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2165 s += string( ", sql=" ) + string( sql );
2166 setLastErrorString( s.c_str( ) );
2167 ret = RES_DB_QUERY_ERROR;
2168 }
2169 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2170 }else{
2171 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertMember" );
2172 ret = RES_DB_QUERY_ERROR;
2173 }
2174 return ret;
2175 }
2176
2177 /**
2178 *
2179 * ?違???若????絮????若?九??.
2180 * ?????違???若??????絮????????????若?吟?????若??D????緇?????
2181 *
2182 * @param sid ?祉???激?с??D
2183 * @param gid ?????違???若??????絮????若?吟?????????????????違???若????ID?ф??絎?
2184 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
2185 * @param uids ??絮????若?吟??ID???????????????????ゃ?潟??/span>
2186 * @param uidsLen uids???????膣???/span>
2187 * @return RES_OK
2188 * @return RES_DB_NOT_INITIALIZED
2189 * @return RES_NO_SUCH_SESSION
2190 * @return RES_NO_SUCH_GROUP
2191 * @return RES_DB_QUERY_ERROR
2192 * @return RES_ERROR
2193 *
2194 */
2195 result_t getMembers( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
2196 {
2197 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2198 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2199 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2200
2201 result_t ret = RES_ERROR;
2202 string sql;
2203 SQLRETURN sqlcode;
2204 SQLHANDLE hstmt = NULL;
2205 userid_t* dst = 0;
2206
2207 //how many members ?
2208 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2209 sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
2210 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2211 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2212 SQLUINTEGER count = 0;
2213 SQLINTEGER len;
2214 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
2215 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2216 dst = new userid_t[ count ];
2217 *uids = dst;
2218 *uidsLen = count;
2219 if( count > 0 ){
2220 //retrive member's IDs
2221 SQLHANDLE hstmt2 = NULL;
2222 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
2223 sql = "SELECT uid, gid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2224 sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
2225 sql += " " + string( criteria2str( cri ) );
2226 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2227 SQLUINTEGER uid = 0;
2228 SQLINTEGER len;
2229 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &uid, 0, &len );
2230 for( int i = 0; ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS && i < count ; i++ ){
2231 dst[ i ] = uid;
2232 }
2233 ret = RES_OK;
2234 }else{
2235 setLastErrorString( "SQLExecDirect in getMembers" );
2236 ret = RES_DB_QUERY_ERROR;
2237 }
2238 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
2239 }else{
2240 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
2241 ret = RES_DB_QUERY_ERROR;
2242 }
2243 }else{
2244 ret = RES_OK;
2245 }
2246 }else{
2247 string s( "SQLFetch in getMembers sql=" );
2248 s += string( sql );
2249 setLastErrorString( s.c_str( ) );
2250 ret = RES_DB_QUERY_ERROR;
2251 }
2252 }else{
2253 setLastErrorString( "SQLExecDirect in getMembers" );
2254 ret = RES_DB_QUERY_ERROR;
2255 }
2256 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2257 }else{
2258 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
2259 ret = RES_DB_QUERY_ERROR;
2260 }
2261 return ret;
2262 }
2263
2264 /**
2265 *
2266 * ?違???若????????
2267 * ???若?帥???若?鴻?????違???若???????ゃ???障??.
2268 *
2269 * @param sid ?祉???激?с??D
2270 * @param gid ?????違???若??????絮????若?吟?????????????????違???若????ID?ф??絎?
2271 * @return RES_OK
2272 * @return RES_DB_QUERY_ERROR
2273 * @return RES_NO_SUCH_SESSION
2274 * @return RES_DB_NOT_INITIALIZED
2275 *
2276 */
2277 result_t deleteGroup( sessionid_t sid, groupid_t gid )
2278 {
2279 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2280 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2281
2282 result_t ret = RES_ERROR;
2283 string sql;
2284 SQLRETURN sqlcode;
2285 SQLHANDLE hstmt = NULL;
2286
2287 sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups ";
2288 sql += "WHERE gid = " + string( unsignedIntToString( gid ) );
2289 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2290 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2291 SQLINTEGER count = 0;
2292 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2293 ret = RES_OK;
2294 }else{
2295 string s( "SQLRowCount in deleteGroup" );
2296 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2297 s += string( ", sql=" ) + string( sql );
2298 setLastErrorString( s.c_str( ) );
2299 ret = RES_NO_SUCH_USER;
2300 }
2301 }else{
2302 string s( "SQLExecDirect in deleteGroup" );
2303 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2304 s += ", sql=";
2305 s += string( sql );
2306 setLastErrorString( s.c_str( ) );
2307 ret = RES_DB_QUERY_ERROR;
2308 }
2309 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2310 }else{
2311 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteGroup" );
2312 ret = RES_ERROR;
2313 }
2314 return ret;
2315 }
2316
2317 /**
2318 *
2319 * ?違???若???脂??
2320 * ?違???若???????宴?????若?帥???若?鴻????蚊????鐚?/span>
2321 * ?脂?蚊?????違???若?????綽??????違???若??ID??gid???主?????鐚?/span>
2322 *
2323 * @param sid ?祉???激?с??D
2324 * @param group ?脂?蚊???????違???若????????/span>
2325 * @param gid ?脂?蚊?????違???若?????綽??????違???若??ID
2326 * @return RES_OK
2327 * @return RES_DB_NOT_INITIALIZED
2328 * @return RES_NO_SUCH_SESSION
2329 * @return RES_DB_QUERY_ERROR
2330 *
2331 */
2332 result_t insertGroup( sessionid_t sid, const group_t* group, groupid_t* gid )
2333 {
2334 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2335 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2336
2337 result_t ret = RES_ERROR;
2338 string sql;
2339 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2340 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2341 SQLRETURN sqlcode;
2342
2343 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2344 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups ( gname, gdesc ) VALUES ( ?, ? )";
2345 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2346 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2347 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2348 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2349 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2350 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2351 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2352 SQLINTEGER count = 0;
2353 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2354 //?違???若??ID????緇?????
2355 SQLHANDLE hstmt2 = NULL;
2356 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
2357 sql = "SELECT LAST_INSERT_ID()"; // MySQL
2358 // sql = "SELECT LAST_INSERT_ROWID()"; // SQLite
2359 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2360 SQLUINTEGER last_insert_id;
2361 SQLINTEGER len;
2362 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &last_insert_id, 0, &len );
2363 if( ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS ){
2364 *gid = last_insert_id;
2365 ret = RES_OK;
2366 }else{
2367 ret = RES_DB_QUERY_ERROR;
2368 string s( "SQLFetch in insertGroup " );
2369 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2370 setLastErrorString( s.c_str( ) );
2371 }
2372 }else{
2373 string s( "SQLExecDirect in insertGroup " );
2374 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2375 setLastErrorString( s.c_str( ) );
2376 ret = RES_DB_QUERY_ERROR;
2377 }
2378 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
2379 }
2380 }else{
2381 string s( "SQLRowCount in insertGroup sql=" );
2382 s += string( sql );
2383 setLastErrorString( s.c_str( ) );
2384 ret = RES_DB_QUERY_ERROR;
2385 }
2386 }else{
2387 string s( "SQLExecute in insertGroup " );
2388 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2389 setLastErrorString( s.c_str( ) );
2390 ret = RES_DB_QUERY_ERROR;
2391 }
2392 }else{
2393 string s( "SQLPrepare in insertGroup " );
2394 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2395 setLastErrorString( s.c_str( ) );
2396 ret = RES_ERROR;
2397 }
2398 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2399 }else{
2400 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertGroup" );
2401 ret = RES_ERROR;
2402 }
2403
2404 //
2405 if ( ret == RES_OK ){
2406 //group index??篏???
2407
2408 //group index????ort_num????
2409 string sql = "SELECT MAX(sort_number) FROM " +
2410 dbprefix + "_xnpaccount_index WHERE parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
2411 " AND (open_level=" + unsignedIntToString(index::OL_GROUP_ONLY) +
2412 " OR open_level=" + unsignedIntToString(index::OL_PUBLIC) + ")";
2413 unsigned int sortNumber;
2414 ret = queryGetUnsignedInt( "insertGroup", sql, &sortNumber );
2415 sortNumber++;
2416 if ( ret == RES_OK ){
2417 // group index篏???
2418 index_t index;
2419 userid_t uid;
2420 ret = sessionID2UID( sid, &uid );
2421 if ( ret == RES_OK ){
2422 index.setItemTypeID(item::ITID_INDEX);
2423 index.setContributorUID(uid);
2424 index.setParentIndexID(item::IID_ROOT);
2425 index.setOwnerGID(*gid);
2426 index.setOpenLevel(index::OL_GROUP_ONLY);
2427 index.setSortNumber(sortNumber);
2428 index.setTitle(group->getGname());
2429 indexid_t groupXID;
2430 ret = insertIndexInternal( sid, &index, &groupXID );
2431 if ( ret == RES_OK ){
2432 // xnpaccuont_groups??roup_index_id???吾??????
2433 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET group_index_id="
2434 + unsignedIntToString(groupXID) + " WHERE gid=" + unsignedIntToString(*gid);
2435 ret = querySimple( "insertGroup", sql );
2436 }
2437 }
2438 }
2439 }
2440
2441 return ret;
2442 }
2443
2444 /**
2445 *
2446 * ?違???若?????宴??紊??眼????
2447 *
2448 * @param sid ?祉???激?с??D
2449 * @param group ?違?????違???若??????/span>
2450 * @return RES_OK
2451 * @return RES_ERROR
2452 * @return RES_DB_NOT_INITIALIZED
2453 * @return RES_NO_SUCH_SESSION
2454 * @return RES_NO_SUCH_GROUP
2455 * @return RES_DB_QUERY_ERROR
2456 *
2457 */
2458 result_t updateGroup( sessionid_t sid, const group_t* group )
2459 {
2460 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2461 if( group == NULL ) return RES_ERROR;
2462 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2463 if( !gidExists( group -> getGID( ) ) ) return RES_NO_SUCH_GROUP;
2464
2465 result_t ret = RES_ERROR;
2466 string sql;
2467 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2468 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2469 SQLRETURN sqlcode;
2470
2471 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2472 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET gname=?, gdesc=? WHERE gid=" + string( unsignedIntToString( group -> getGID( ) ) );
2473 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2474 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2475 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2476 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2477 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2478 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2479 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2480 SQLINTEGER count = 0;
2481 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2482 ret = RES_OK;
2483 }else{
2484 string s( "SQLRowCount in updateGroup sql=" );
2485 s += string( sql );
2486 setLastErrorString( s.c_str( ) );
2487 ret = RES_DB_QUERY_ERROR;
2488 }
2489 }else{
2490 string s( "SQLExecute in updateGroup " );
2491 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2492 setLastErrorString( s.c_str( ) );
2493 ret = RES_DB_QUERY_ERROR;
2494 }
2495 }else{
2496 setLastErrorString( "SQLPrepare in updateGroup sql=" );
2497 ret = RES_ERROR;
2498 }
2499 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2500 }else{
2501 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateGroup" );
2502 ret = RES_ERROR;
2503 }
2504 return RES_OK;
2505 }
2506
2507 /**
2508 *
2509 * ?違???若?????怨??
2510 *
2511 * @param sid ?祉???激?с??D
2512 * @param gid ??緇????????違???若????ID
2513 * @param group ??緇??????違???若?????宴???≪?????鴻???吾??莨若?????ゃ?潟??/span>
2514 * @return RES_OK
2515 * @return RES_DB_NOT_INITIALIZED
2516 * @return RES_NO_SUCH_SESSION
2517 * @return RES_NO_SUCH_GROUP
2518 * @return RES_DB_QUERY_ERROR
2519 *
2520 */
2521 result_t getGroup( sessionid_t sid, groupid_t gid, const group_t** group )
2522 {
2523 int len;
2524 static criteria c;
2525 result_t res = getGroups( sid, &gid, 1, &c, group, &len );
2526 if( len == 0 ) return RES_NO_SUCH_GROUP;
2527 return res;
2528 }
2529
2530 /**
2531 *
2532 * 茲??違???違???若?????宴??筝?綺?????????.
2533 *
2534 * @param sid ?祉???激?с??D
2535 * @param gids ??緇????????違???若????ID??????
2536 * @param gidsLen gids???????膣???/span>
2537 * @param cri 腟???????膀??駕??純?若???>散????絎?
2538 * @param groups ??緇?腟??????違???若?????宴?????????≪?????鴻???吾??莨若?????ゃ?潟??/span>
2539 * @param groupsLen ??緇?腟????????????膣???/span>
2540 * @return RES_OK
2541 * @return RES_DB_NOT_INITIALIZED
2542 * @return RES_NO_SUCH_SESSION
2543 * @return RES_DB_QUERY_ERROR
2544 *
2545 */
2546 result_t getGroups( sessionid_t sid, groupid_t* gids, int gidsLen, criteria_t* cri, const group_t** groups, int* groupsLen )
2547 {
2548 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2549 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2550
2551 #ifdef USE_SYSLOG
2552 openlog( "commonal", LOG_ODELAY, LOG_USER );
2553 #endif
2554
2555 SQLRETURN sqlcode;
2556 SQLHANDLE hstmt = NULL;
2557 result_t ret = RES_ERROR;
2558 string sql;
2559 group_t* dst = new group_t[ gidsLen ];
2560
2561 sql += "SELECT gid, gname, gdesc, group_index_id ";
2562 sql += "FROM " + dbprefix + "_xnpaccount_groups ";
2563 if( gidsLen > 0 ){
2564 sql += "WHERE gid=" + string( unsignedIntToString( gids[ 0 ] ) );
2565 for( int i = 1; i < gidsLen; i++ ){
2566 sql += " OR gid=" + string( unsignedIntToString( gids[ i ] ) );
2567 }
2568 }
2569 sql += criteria2str( cri );
2570
2571 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2572 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2573 SQLINTEGER len;
2574 groupid_t gid = 0;
2575 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
2576 *groupsLen=0;
2577 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < gidsLen ; i++ ){
2578 dst[ i ].setGID( gid );
2579 dst[ i ].setGname( getResultCol( hstmt, 2 ).c_str() );
2580 dst[ i ].setDesc( getResultCol( hstmt, 3 ).c_str() );
2581 dst[ i ].setGroupIndexID( atoi(getResultCol( hstmt, 4 ).c_str()) );
2582 ( *groupsLen )++;
2583 }
2584 *groups = dst;
2585 #ifdef USE_SYSLOG
2586 syslog( LOG_DEBUG, "getGroups succeed" );
2587 #endif
2588 ret = RES_OK;
2589 }else{
2590 string s( "SQLExecDirect in getGroups" );
2591 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2592 s += string( ", sql=" ) + string( sql );
2593 setLastErrorString( s.c_str( ) );
2594 #ifdef USE_SYSLOG
2595 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2596 #endif
2597 ret = RES_DB_QUERY_ERROR;
2598 }
2599 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2600 }else{
2601 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroups" );
2602 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
2603 setLastErrorString( s.c_str( ) );
2604 #ifdef USE_SYSLOG
2605 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2606 #endif
2607 ret = RES_DB_QUERY_ERROR;
2608 }
2609 #ifdef USE_SYSLOG
2610 closelog( );
2611 #endif
2612 return ret;
2613 }
2614
2615 /**
2616 *
2617 * ?≪?????若?炊┤???????<??菴???
2618 *
2619 * @param sid ?祉???激?с??D
2620 * @param uid ???????????????若?吟??ID
2621 * @return true 罔???????
2622 * @return false 罔???????
2623 *
2624 */
2625 bool isModerator( sessionid_t sid, userid_t uid )
2626 {
2627 if( hdbc == NULL ) return false;
2628 if( !isValidSessionID( sid ) ) return false;
2629 if( !uidExists( uid ) ) return false;
2630
2631 bool ret = false;
2632 SQLRETURN sqlcode;
2633 SQLHANDLE hstmt = NULL;
2634 SQLINTEGER count = 0;
2635 string sql;
2636 groupid_t moderator_gid;
2637
2638 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2639 sql = "SELECT value FROM " + dbprefix + "_xnpaccount_config";
2640 sql += " WHERE name='moderator_gid'";
2641 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2642 SQLINTEGER len = 0;
2643 SQLBindCol( hstmt, 1, SQL_C_ULONG, &moderator_gid, 0, &len );
2644 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2645 sql = "SELECT * from " + dbprefix + "_groups_users_link ";
2646 sql += "WHERE groupid=" + unsignedIntToString( moderator_gid );
2647 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2648 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2649 if( count > 0 ){
2650 ret = true;
2651 }
2652 }
2653 }else{
2654 setLastErrorString( "SQLFetch in isModerator " );
2655 }
2656 }else{
2657 string s( "SQLExecDirect in isModerator " );
2658 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2659 s += ", sql=";
2660 s += string( sql );
2661 setLastErrorString( s.c_str( ) );
2662 }
2663 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2664 }else{
2665 setLastErrorString( "SQLAllocHandle in isModerator " );
2666 }
2667 return ret;
2668 }
2669
2670 /**
2671 *
2672 * ???若??D??緇?
2673 *
2674 * @param uname ID????緇??????????若?吟?弱??
2675 * @param uid ID??篁e?ャ??????紊??違?????ゃ?潟??/span>
2676 * @return RES_ERROR
2677 * @return RES_OK
2678 * @refer result_t
2679 *
2680 */
2681 result_t getUid( const char* uname, userid_t* uid )
2682 {
2683 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2684 if( uname == NULL ) return RES_ERROR;
2685
2686 result_t ret = RES_ERROR;
2687 SQLRETURN sqlcode;
2688 SQLHANDLE hstmt = NULL;
2689 string sql;
2690 string uname2 = addSlashes( uname );
2691
2692 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + uname2 + "';";
2693 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2694 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2695 userid_t _uid = 0;
2696 SQLINTEGER len;
2697 SQLBindCol( hstmt, 1, SQL_C_ULONG, &_uid, 0, &len );
2698 sqlcode = SQLFetch( hstmt );
2699 if( sqlcode == SQL_SUCCESS ){
2700 *uid = _uid;
2701 ret = RES_OK;
2702 }else {
2703 string s( "SQLFetch in getUid sql=" );
2704 s += string( sql );
2705 setLastErrorString( s.c_str( ) );
2706 ret = RES_NO_SUCH_USER;
2707 }
2708 }else{
2709 setLastErrorString( "SQLExecDirect in getUid" );
2710 ret = RES_DB_QUERY_ERROR;
2711 }
2712 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2713 }else{
2714 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getUid" );
2715 ret = RES_DB_QUERY_ERROR;
2716 }
2717
2718 return ret;
2719 }
2720
2721 /**
2722 *
2723 * ?祉???激?с?潟??篏?????xoops_xnpaccount_session???吾??莨若???? sessionid_t??session???????
2724 *
2725 * @param uid xoops_users??id
2726 * @param session sessionid_t???????????????????ゃ?潟?帥??
2727 * @return RES_OK ????
2728 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
2729 */
2730 static result_t addSession( userid_t uid, sessionid_t* session )
2731 {
2732 char *functionName = "addSession";
2733 string sql = "INSERT INTO " + dbprefix + "_xnpaccount_session (uid) values (" +
2734 unsignedIntToString(uid) + ")";
2735 result_t ret = querySimple( functionName, sql );
2736 if ( ret == RES_OK ){
2737 sql = "SELECT LAST_INSERT_ID()";
2738 ret = queryGetUnsignedInt( functionName, sql, (unsigned int*)session );
2739 }
2740 return ret;
2741 }
2742
2743
2744 /**
2745 *
2746 * ???違?ゃ?活?荐若???祉???激?с?割???
2747 *
2748 * @param uname ???違?ゃ?喝??
2749 * @param passwd ???鴻???若??
2750 * @param session sessionid_t???????????????????ゃ?潟?帥??
2751 * @return RES_OK ???違?ゃ?恰??????session??essionid_t???吾??莨若??????<br>
2752 * @return RES_LOGIN_FAILURE uname?障????asswd???医幻<br>
2753 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
2754 *
2755 */
2756 result_t loginUser(const char* uname, const char* passwd, sessionid_t* session )
2757 {
2758 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2759
2760 result_t ret;
2761 string sql;
2762 SQLRETURN sqlcode;
2763
2764 // uname, passwd -> uid
2765 string escUname = addSlashes( uname );
2766 string escPasswd = addSlashes( passwd );
2767 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + escUname + "' and pass=md5('" + escPasswd + "')";
2768
2769 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2770 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2771 userid_t uid = 0;
2772 SQLINTEGER len;
2773 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
2774 sqlcode = SQLFetch( hstmt );
2775 if( sqlcode == SQL_SUCCESS ){
2776 ret = addSession( uid, session );
2777 }else {
2778 string s( "SQLFetch in loginUser" );
2779 setLastErrorString( s.c_str( ) );
2780 ret = RES_LOGIN_FAILURE;//illegal loginname or password
2781 }
2782 }else{
2783 setLastErrorString( "SQLExecDirect in loginUser" );
2784 ret = RES_DB_QUERY_ERROR;
2785 }
2786 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2787 }else{
2788 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in loginUser" );
2789 ret = RES_DB_QUERY_ERROR;
2790 }
2791
2792 return ret;
2793 }
2794
2795 /**
2796 *
2797 * ???違?≪???????祉???激?с?括?篋?
2798 *
2799 * @param sid session id
2800 * @return ????
2801 *
2802 */
2803 void logoutUser( sessionid_t sid )
2804 {
2805 if( hdbc == NULL ) return; // RES_DB_NOT_INITIALIZED;
2806
2807 result_t ret;
2808 string sql;
2809 SQLRETURN sqlcode;
2810 SQLHANDLE hstmt = NULL;
2811
2812 sql = "DELETE FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + intToString((int)sid);
2813 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2814 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2815 ;
2816 }
2817 else {
2818 setLastErrorString( "SQLExecDirect in logoutUser" );
2819 }
2820 }
2821 else {
2822 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in logoutUser" );
2823 }
2824 }
2825
2826 /**
2827 *
2828 * ?祉???激?с?潟?????.<br>
2829 * XOOPS??ession???若????????蚊??????sess_id?????ess_id??膈??????
2830 * uid??Platform???若?吟??????ctivate????????????essionid_t??篏?????????
2831 * ???若?帥???若?鴻???祉???激?с?潟????違?????宴??荐??蚊????
2832 *
2833 * @param sessionid xoops??ession_id
2834 * @param uid xoops_users??id
2835 * @param session sessionid_t???????????????????ゃ?潟?帥??
2836 * @return RES_OK
2837 * @return RES_ERROR
2838 * @return RES_DB_QUERY_ERROR
2839 * @return RES_NO_SUCH_USER
2840 *
2841 */
2842 result_t createSession( const char* sess_id, userid_t uid, sessionid_t* session )
2843 {
2844 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2845
2846 result_t ret;
2847 string sql;
2848 SQLHANDLE hstmt = NULL;
2849 SQLRETURN sqlcode;
2850
2851 sql = "SELECT count(*) from " + dbprefix + "_xnpaccount_users where uid=" + unsignedIntToString( uid ) + " and activate=1";
2852 unsigned int count;
2853 ret = queryGetUnsignedInt( "createSession", sql, &count );
2854 if ( ret != RES_OK )
2855 return ret;
2856 if ( count = 0 )
2857 return RES_NO_SUCH_USER; // bad uid or activate=0
2858
2859 string escSess_id = addSlashes(sess_id);
2860 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STM