Contents of /xoonips/AL/commonal.cc

Revision 1.43 - (show annotations) (download) (as text)
Wed Jan 19 01:42:15 2005 UTC (19 years, 2 months ago) by aga
Branch: MAIN
Changes since 1.42: +19 -12 lines
File MIME type: text/x-c++src
- Fixed x_xnpaccount_index so that gid and uid do not become 0.

/*
 *
 * $Revision: 1.42 $
 * $Log: commonal.cc,v $
 * Revision 1.42  2005/01/19 00:51:29  aga
 * - Fixed incorrect x_xnpaccount_index.index_id in insertIndex.
 *
 * Revision 1.41  2005/01/19 00:06:51  aga
 * - updateIndex now returns an error if a sibling with the same name exists or the name is empty.
 * - createSession now returns an error if the uid is not a Platform user or is not activated.
 *
 * Revision 1.40  2005/01/17 00:15:05  aga
 * - Fixed deleteIndex and updateIndex occasionally failing.
 *
 * Revision 1.39  2005/01/15 05:38:10  youi
 * insertAccount: adjusted string buffer sizes, etc.
 * updateAccount: adjusted string buffer sizes, etc.
 * Defined the item management functions:
 * insertItem, getItem, getItems, dumpItemID, updateItem, deleteItem, etc.
 * freeGID, freeUID: fixed the argument types.
 *
 * Revision 1.38  2005/01/15 00:39:16  aga
 * - Changed the structure of x_xnpaccount_item_basic.
 *
 * Revision 1.37  2005/01/14 10:36:59  aga
 * - Added index-related processing.
 * - insertAccount now creates a private index.
 * - insertGroup now creates a group index.
 *
 * Revision 1.36  2005/01/13 04:19:22  aga
 * - Converted VP to XNP.
 *
 * Revision 1.35  2005/01/06 07:20:17  youi
 * Added includes for when WIN32 is defined.
 * Removed the header files related to the MySQL API.
 * deleteAccount: now also removes the user from the Platform groups they belong to.
 * insertAccount: registers the user in the default Platform group at the same time as user registration.
 * deleteMember: removal from the default Platform group is prohibited.
 * Defined deleteMemberNoLimit.
 *
 * Revision 1.34  2004/12/28 04:38:14  aga
 * - Fixed logoutUser().
 *
 * Revision 1.33  2004/12/27 05:56:23  youi
 * odbcDiagString: changed to handle handles other than STMT as well.
 * Added syslog message handling.
 *
 * Revision 1.32  2004/12/25 09:46:47  youi
 * Modified to work with MySQL + MyODBC.
 *
 * Revision 1.31  2004/12/21 11:42:59  youi
 * Added descriptions of arguments, return values, etc. to the comments.
 *
 * Revision 1.30  2004/12/18 10:24:54  youi
 * When IMPORT_MYSQLDLL is defined, the prototype declarations for dynamically
 * linking the MySQL DLL are now enabled.
 *
 * Revision 1.29  2004/12/18 01:12:29  youi
 * Renamed the freeResult functions to free<data type>.
 *
 * Revision 1.28  2004/12/14 12:02:08  youi
 * When __WIN__ is defined, perform the processing needed to build a Windows DLL.
 * When USE_SYSLOG is defined, output messages to syslogd.
 * getAccounts: added handling for uidsLen being 0.
 *
 * Revision 1.27  2004/12/06 11:34:47  aga
 * - Added uninitializeDB().
 *
 * Revision 1.26  2004/12/06 10:17:36  youi
 * Inserted while( row = mysql_fetch_row(result) ); so that the results
 * obtained by mysql_use_result are fetched completely.
 *
 * Revision 1.25  2004/12/06 07:24:33  youi
 * insertAccount, insertGroup:
 * write the user ID / group ID of the newly added record into the third argument.
 *
 * Revision 1.24  2004/12/06 01:45:50  aga
 * - Added comments.
 * - Fixed a forgotten release.
 *
 * Revision 1.23  2004/12/04 09:21:10  aga
 * - xnp_config -> xnpaccount_config.
 *
 * Revision 1.22  2004/12/03 07:17:21  youi
 * Fixed the database table name accessed by isModerator.
 *
 * Revision 1.21  2004/12/01 10:28:58  youi
 * Changes following the renaming of DB columns:
 * institute -> division
 * organizaion -> company_name
 *
 * Revision 1.20  2004/12/01 04:37:04  youi
 * freeResult: changed unsigned int* to int*.
 * Added function descriptions to the comment sections.
 *
 * Revision 1.19  2004/11/30 06:40:11  youi
 * Added functions (gidExists, uidExists).
 * Defined getGroupCount.
 * Defined getGroupsByUid.
 * Fixed isGroupAdmin.
 * Defined dumpGroupAdmins.
 * Defined deleteMember.
 * Defined insertMember.
 * Defined getMembers.
 * Defined isModerator.
 *
 * Revision 1.18  2004/11/30 05:46:32  aga
 * - Removed remoteHost from session.
 *
 * Revision 1.17  2004/11/27 09:35:49  youi
 * Defined isActivated.
 * Defined activate.
 * Defined dumpUid.
 *
 * Revision 1.16  2004/11/27 06:29:29  youi
 * Defined getAccountCount.
 * Defined dumpGids.
 * Defined insertGroup, deleteGroup, updateGroup.
 * Defined getGroup, getGroups.
 * Added handling to each function to return RES_DB_NOT_INITIALIZED when it is
 * called before the database is initialized
 * (some functions are not yet covered).
 *
 * Revision 1.15  2004/11/27 02:22:22  aga
 * - Fixed a crash when addSlashes() was called before initializeDB.
 *
 * Revision 1.14  2004/11/27 01:07:31  youi
 * criteria2str: swapped the order of LIMIT and ORDER BY.
 *
 * Revision 1.13  2004/11/27 00:35:39  youi
 * Defined getAccounts.
 * Modified getAccount to call getAccounts internally.
 * Defined criteria2str.
 *
 * Revision 1.12  2004/11/26 09:45:28  youi
 * Defined getAccount.
 *
 * Revision 1.11  2004/11/26 08:16:26  aga
 * - Fixed getSession, loginUser, createSession, freeResult(const session_t*).
 *
 * Revision 1.10  2004/11/26 07:57:42  youi
 * Defined updateAccount, deleteAccount.
 * On mysql_query failure, output the error code and error message to stderr.
 *
 * Revision 1.9  2004/11/26 07:38:02  aga
 * - FAILUE -> FAILURE.
 *
 * Revision 1.8  2004/11/26 06:36:55  aga
 * - Created createSession, getSession.
 *
 * Revision 1.7  2004/11/26 04:51:47  youi
 * Defined dbprefix.
 * Defined insertAccount.
 * Defined isValidSessionID.
 *
 * Revision 1.6  2004/11/26 04:35:55  aga
 * - Created loginUser(), logoutUser().
 *
 * Revision 1.5  2004/11/26 01:08:25  aga
 * - Created addSlashes().
 *
 * Revision 1.4  2004/11/25 12:14:29  youi
 * Defined the processing of getUid.
 *
 * Revision 1.3  2004/11/25 11:13:59  youi
 * Defined getLastErrorString/setLastErrorString.
 *
 * Revision 1.2  2004/11/25 08:55:19  youi
 * Fixed the argument types.
 * Added freeResult.
 *
 * Revision 1.1  2004/11/25 05:14:58  youi
 * initial version
 *
 *
 */
#ifdef WIN32
#include <windows.h>
#endif

#ifdef USE_SYSLOG
#include <syslog.h>
#endif

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <string>
#include <assert.h>
#include <sql.h>
#include <sqlext.h>
using namespace std;

#include "common.h"
#include "account.h"
#include "group.h"
#include "session.h"
#include "item.h"
#include "itemtype.h"
#include "criteria.h"
#include "commonal.h"
#include "item.h"
#include "index.h"

static string dbprefix; //!< prefix of the XOOPS database tables

static SQLHANDLE henv = NULL;
static SQLHANDLE hdbc = NULL;
static SQLHANDLE hstmt = NULL;

static result_t insertIndexInternal( sessionid_t sid, index_t *index, indexid_t *xid );

static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode );
static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid );

// Execute sql and count the rows it returns by fetching them one at a time.
static result_t countResultRows( const char* sql, SQLINTEGER* count )
{
    result_t ret = RES_ERROR;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql, strlen( sql ) ) ) == SQL_SUCCESS ){
            *count = 0;
            while( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ) ( *count )++;
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in countResultRows " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    return ret;
}

/**
 *
 * Get the user ID associated with a session.
 *
 * @param sid session ID
 * @param uid pointer argument that receives the user ID
 * @return RES_OK
 * @return RES_ERROR
 *
 */
static result_t getUIDFromSession( sessionid_t sid, userid_t* uid )
{
    const session_t* session;
    if( getSession( sid, &session ) == RES_OK ){
        *uid = session -> getUID( );
        freeSession( session );
        return RES_OK;
    }
    return RES_ERROR;
}

/**
 *
 * Return whether the user associated with the session is activated
 * as a Platform user.
 *
 * @param sid session ID
 * @return true activated
 * @return false not activated, or an error occurred
 *
 */
static bool isActivatedBySession( sessionid_t sid )
{
    const session_t* session;
    if( getSession( sid, &session ) == RES_OK ){
        userid_t sess_uid = session -> getUID( );
        freeSession( session );
        return isActivated( sid, sess_uid );
    }
    return false;
}

/**
 *
 * Return whether the user associated with the session is a moderator.
 *
 *
 * @param sid session ID
 * @return true moderator
 * @return false not a moderator, or an error occurred
 *
 */
static bool isModeratorBySession( sessionid_t sid )
{
    const session_t* session;
    if( getSession( sid, &session ) == RES_OK ){
        userid_t sess_uid = session -> getUID( );
        freeSession( session );
        return isModerator( sid, sess_uid );
    }
    return false;
}

/** Execute SQL. The result is discarded.
 * @param functionName name of the calling function, used in error messages
 * @param sql sql
 * @return result_t
 */
static result_t querySimple( const char *functionName, string &sql ){
    result_t ret = RES_ERROR;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in querySimple " );
            s += functionName;
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += sql;
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    else {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in querySimple " );
        ret = RES_ERROR;
    }
    return ret;
}

/** Execute SQL and receive only the first integer value of the first row
 *  (NULL is treated as 0).
 * @param functionName name of the calling function, used in error messages
 * @param sql sql
 * @param u variable that receives the integer value
 * @return result_t
 */
static result_t queryGetUnsignedInt( const char *functionName, string &sql, unsigned int *u ){
    result_t ret = RES_ERROR;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
            SQLUINTEGER sInt = 0;
            SQLINTEGER len;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &sInt, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                if ( len == SQL_NULL_DATA )
                    sInt = 0;
                *u = sInt;
                ret = RES_OK;
            }else{
                string s( "SQLFetch in queryGetUnsignedInt " );
                s += functionName;
                setLastErrorString( s.c_str( ) );
                ret = RES_ERROR;
            }
        }else{
            string s( "SQLExecDirect in queryGetUnsignedInt " );
            s += functionName;
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += sql;
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    else {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in queryGetUnsignedInt " );
        ret = RES_ERROR;
    }
    return ret;
}

/** Get the uid from a sid.
 * @param sid session id
 * @param uid variable that receives the uid
 * @return result_t
 */
static result_t sessionID2UID( sessionid_t sid, userid_t *uid ){
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;

    // sid is numeric, so concatenating it into the statement cannot alter the SQL.
    string sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + unsignedIntToString(sid);
    return queryGetUnsignedInt( "sessionID2UID", sql, (unsigned int*)uid );
}

/**
 *
 * String copy.
 * Copies the specified number of characters and NUL-terminates the buffer.
 * Requires ( size of dst >= len + 1 ).
 *
 */
static char* strncpy2( char* dst, const char* src, int len )
{
    strncpy( dst, src, len );
    dst[ len ] = '\0';
    // fprintf( stderr, "strncpy2 '%s'\n", dst );
    return dst;
}

/**
 *
 * Build an error string from the result of executing SQL.
 *
 * @param HandleType type of the handle passed in hstmt (e.g. SQL_HANDLE_STMT, SQL_HANDLE_DBC)
 * @param hstmt handle of the SQL statement
 * @param sqlcode return value of SQLExecDirect, SQLExecute
 * @return error string
 */
static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode )
{
    string s;
    if( sqlcode == SQL_ERROR || sqlcode == SQL_SUCCESS_WITH_INFO ){
        // Zero-initialised so both buffers are valid C strings even when
        // SQLGetDiagRec fails or has no diagnostic record to return.
        SQLCHAR SQLState[6] = { 0 };
        SQLINTEGER NativeError;
        SQLCHAR MessageText[ 1024 ] = { 0 };
        SQLSMALLINT TextLength;
        SQLGetDiagRec( HandleType, hstmt, 1, SQLState, &NativeError, MessageText, sizeof( MessageText ), &TextLength );

        s += string( (char*)MessageText );
        s += " SQLSTATE=";
        s += string( (char*)SQLState );

    }
    s += " sqlcode=";
    s += intToString( sqlcode );
    return s;
}

/**
 *
 * Fetch the value of the specified column and return it as a string.
 *
 */
string getResultCol( SQLHANDLE hstmt, int col )
{
    string s;
    SQLRETURN sqlcode;
    SQLCHAR BinaryPtr[5000];
    SQLINTEGER BinaryLenOrInd, NumBytes;
    // With SQL_C_CHAR the driver NUL-terminates each chunk, so a full chunk
    // holds at most sizeof(BinaryPtr) - 1 bytes of column data.
    const SQLINTEGER maxChunk = sizeof(BinaryPtr) - 1;

    while ( ( sqlcode = SQLGetData(hstmt, col, SQL_C_CHAR, BinaryPtr, sizeof(BinaryPtr),
                                   &BinaryLenOrInd)) != SQL_NO_DATA) {
        // On SQL_ERROR / SQL_INVALID_HANDLE BinaryLenOrInd is not set and the
        // call would keep failing, so leave the loop instead of spinning.
        if( sqlcode != SQL_SUCCESS && sqlcode != SQL_SUCCESS_WITH_INFO ) break;
        NumBytes = (BinaryLenOrInd > maxChunk) || (BinaryLenOrInd == SQL_NO_TOTAL) ? maxChunk : BinaryLenOrInd;
        if( NumBytes >= 0 ){   // SQL_NULL_DATA is negative: append nothing
            s += string( (char*)BinaryPtr, NumBytes );
        }
    }
#ifdef USE_SYSLOG
    // openlog( "commonal", LOG_ODELAY, LOG_USER );
    // syslog( LOG_DEBUG, "getResultCol col=%d ret='%s'\n", col, s.c_str());
    // closelog( );
#endif
    return s;
}


/**
 *
 * Escape quotes and similar characters with a backslash.
 *
 * @param str string to apply addslashes to. NULL is not allowed.
 * @return the converted string
 */
string addSlashes( const char *str )
{
    // Before initializeDB() there is no connection: return an empty string.
    if ( hdbc == NULL ){
        string s;
        return s;
    }

    // The previous code returned str unchanged at this point, which left the
    // escaping below unreachable. Build the result in a std::string so no
    // fixed-size buffer can be overrun (the old strlen(str) * 3 buffer had no
    // room for the terminating NUL when str was empty). The backslash itself
    // is escaped as well; otherwise a trailing backslash in the input would
    // cancel the escape added before a following quote.
    string s;
    s.reserve( strlen( str ) * 2 );
    for( const char* from = str; *from != '\0'; from++ ){
        switch( *from ){
        case '\\':
        case '\'':
        case '\"':
        case ';':
            s += '\\';
            break;
        }
        s += *from;
    }
    return s;
}

/**
 *
 * Check whether a gid exists.
 * Failures such as a DB access error also yield false.
 *
 * @param gid GID to check
 * @return true exists
 * @return false does not exist
 *
 */
static bool gidExists( groupid_t gid )
{
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) != SQL_SUCCESS ) {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in gidExists" );
        return false;
    }

    sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups ";
    sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
    if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) != SQL_SUCCESS ){
        setLastErrorString( "SQLExecDirect in gidExists" );
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
        return false;
    }

    if( ( sqlcode = SQLFetch( hstmt ) ) != SQL_SUCCESS ){
        setLastErrorString( "SQLFetch in gidExists" );
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
        return false;
    }

    SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    return true;
}


/**
 *
 * Check whether a uid exists in the Platform user information.
 * Failures such as a DB access error also yield false.
 *
 * @param uid UID to check
 * @return true exists
 * @return false does not exist
 *
 */
static bool uidExists( userid_t uid )
{
    bool ret = false;
    string sql;
    SQLRETURN sqlcode;
    // Local statement handle: the previous code allocated into the file-scope
    // hstmt and never freed it, leaking one statement handle per call.
    SQLHANDLE hstmt = NULL;

    sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
    sql += "WHERE uid=" + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                ret = true;
            }else{
                string s( "SQLFetch in uidExists ");
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = false;
            }
        }else{
            string s( "SQLExecDirect in uidExists ");
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += string( ", sql=" ) + string( sql );
            setLastErrorString( s.c_str( ) );
            ret = false;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        string s( "SQLAllocHandle in uidExists ");
        s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
        setLastErrorString( s.c_str( ) );
        ret = false;
    }
    return ret;
}


/**
 *
 * Convert a criteria object into SQL.
 *
 * The ORDER BY column names are concatenated into the statement verbatim,
 * so callers must pass only trusted column names in the criteria.
 *
 */
string criteria2str( criteria* cri )
{
    string sql;

    const orderby* odrby = cri -> headOrderBy( );
    if( odrby != 0 ){
        sql += " ORDER BY " + string( odrby -> getColumn( ) );
        sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
        while( ( odrby = cri -> nextOrderBy( ) ) != 0 ){
            sql += ", " + string( odrby -> getColumn( ) );
            sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
        }
    }

    if( cri -> getLimitStart( ) != 0 || cri -> getLimitRows( ) != 0 ){
        sql += " LIMIT " + string( intToString( cri -> getLimitStart( ) ) )
            + ", " + string( intToString( cri -> getLimitRows( ) ) );
    }
    return sql;
}


/**
 *
 * Initialize the database.
 *
 * @param dsn DSN
 * @param user name of the user that accesses the database
 * @param password password of the above user
 * @param dbname dummy (unused)
 * @param prefix prefix of the XOOPS database tables
 * @return RES_OK
 * @return RES_DB_INITIALIZE_ERROR
 * @return RES_DB_CONNECT_ERROR
 * @refer result_t
 */
result_t initializeDB( const char* dsn, const char* user, const char* password, const char* dbname, const char* prefix )
{
    SQLRETURN sqlcode;

#ifdef USE_SYSLOG
    openlog( "commonal", LOG_ODELAY, LOG_USER );
#endif
    // If already connected, disconnect first
    if ( hdbc != NULL )
        SQLDisconnect( hdbc );

    dbprefix = prefix;

    // Initialize and connect
    // if( SQLAllocEnv( &henv ) != SQL_SUCCESS ) {
    if( SQLAllocHandle( SQL_HANDLE_ENV, SQL_NULL_HANDLE, &henv ) != SQL_SUCCESS ) {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_ENV,...) in initializeDB" );
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
        closelog( );
#endif
        return RES_DB_INITIALIZE_ERROR;
    }
    // Set the attribute so that the environment behaves as ODBC version 3
    SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (void*)SQL_OV_ODBC3, 0);

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_DBC, henv, &hdbc ) ) != SQL_SUCCESS ) {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_DBC,...) in initializeDB" );
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
        closelog( );
#endif
        return RES_DB_INITIALIZE_ERROR;
    }
    // Time out if the login takes 5 seconds or more.
    // The value is passed in the pointer argument itself, hence the SQLPOINTER cast.
    SQLSetConnectAttr(hdbc, SQL_LOGIN_TIMEOUT, (SQLPOINTER)5, 0);

    if ( ( sqlcode = SQLConnect( hdbc, (SQLCHAR*)dsn, strlen( dsn ), (SQLCHAR*)user, strlen( user ), (SQLCHAR*)password, strlen( password ) ) ) != SQL_SUCCESS ){
        string s( "SQLConnect in initializeDB " );
        s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
        setLastErrorString( s.c_str( ) );
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
        closelog( );
#endif
        return RES_DB_CONNECT_ERROR;
    }
#ifdef USE_SYSLOG
    syslog( LOG_DEBUG, "initializeDB succeed" );
    closelog( );
#endif
    return RES_OK;
}

/**
 *
 * If there is a DB connection, release it.
 *
 * @param none
 * @return RES_OK
 */
result_t uninitializeDB()
{
    if ( hdbc != NULL ){
        SQLDisconnect( hdbc );
        hdbc = NULL;
    }
    return RES_OK;
}

/**
 *
 * Get the approval state of a Platform user.
 *
 * @param sid session ID
 * @param uid UID of the user whose state is requested
 * @return true approved
 * @return false not approved
 *
 */
bool isActivated( sessionid_t sid, userid_t uid )
{
    if( hdbc == NULL ) return false;
    if( !isValidSessionID( sid ) ) return false;

    bool ret = false;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
    sql += "WHERE activate=1 and uid=" + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                ret = true;
            }else{
                string s( "SQLFetch in isActivated " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += ", sql=" + sql;
                setLastErrorString( s.c_str() );
                ret = false;
            }
        }else{
            string s( "SQLExecDirect in isActivated " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=" + sql;
            setLastErrorString( s.c_str() );
            ret = false;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in isActivated" );
        ret = false;
    }
    return ret;
}

/**
 *
 * Change the approval state of a Platform user.
 *
 * @param sid session ID
 * @param uid UID of the user to change
 * @param activate approved (true) / not approved (false)
 * @return RES_OK
 * @return RES_DB_QUERY_ERROR
 * @return RES_NO_SUCH_USER
 */
result_t activate( sessionid_t sid, userid_t uid, bool activate )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    string sql;
    SQLRETURN sqlcode;
    // Local statement handle; the previous code used the file-scope hstmt.
    SQLHANDLE hstmt = NULL;
    result_t ret = RES_ERROR;

    sql = "UPDATE " + dbprefix + "_xnpaccount_users ";
    sql += "SET activate=" + string( activate ? "1" : "0" );
    sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret = RES_OK;
            }else{
                string s( "SQLRowCount in activate ");
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_NO_SUCH_USER;
            }
        }else{
            string s( "SQLExecDirect in activate " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in activate" );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Get the number of accounts.
 *
 * @param sid session ID
 * @return number of accounts
 *
 */
int getAccountCount( sessionid_t sid )
{
    if( hdbc == NULL ) return 0;
    if( !isValidSessionID( sid ) ) return 0;

    int ret = 0;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    // Count the accounts
    sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_users ";
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLUINTEGER count = 0;
            SQLINTEGER len;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                ret = count;
            }else {
                string s( "SQLFetch in getAccountCount sql=" );
                s += string( sql );
                setLastErrorString( s.c_str( ) );
                ret = 0;
            }
        }else{
            setLastErrorString( "SQLExecDirect in getAccountCount" );
            ret = 0;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccountCount" );
        ret = 0;
    }
    return ret;
}

/**
 *
 * Delete an account.
 * Removes the user from groups and deletes the user information.
 *
 * @param sid session ID
 * @param uid UID of the user to delete
 * @return RES_OK
 * @return RES_ERROR
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t deleteAccount( sessionid_t sid, userid_t uid )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    result_t ret1 = RES_ERROR, ret2 = RES_ERROR;
    criteria_t c;
    string sql;
    groupid_t* gids;
    int gidsLen;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    /*
      1. delete user from default platform group
      2. delete user profile from xoops_users
      3. delete platform user from xnpaccount_users
    */

    //1. delete user from platform groups
    c.clearAll();
    if( getGroupsByUid( sid, uid, &c, &gids, &gidsLen ) == RES_OK ){
        for( int i = 0; i < gidsLen; i++ )
            deleteMemberNoLimit( sid, gids[ i ], uid );
        freeGID( gids );
    }

    //2. delete user profile from xoops_users
    sql = "DELETE FROM " + dbprefix + "_users ";
    sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret1 = RES_OK;
            }else{
                string s( "SQLRowCount in deleteAccount" );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret1 = RES_NO_SUCH_USER;
            }
        }else{
            string s( "SQLExecDirect in deleteAccount" );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret1 = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
        ret1 = RES_ERROR;
    }

    //3. delete platform user from xnpaccount_users
    sql = "DELETE FROM " + dbprefix + "_xnpaccount_users ";
    sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret2 = RES_OK;
            }else{
                string s( "SQLRowCount in deleteAccount" );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret2 = RES_NO_SUCH_USER;
            }
        }else{
            string s( "SQLExecDirect in deleteAccount" );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret2 = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
        ret2 = RES_ERROR;
    }

    // Return an error if either of the two deletes failed
    return ret1 != RES_OK ? ret1 : ret2;
}

/**
 *
 * Get account information.
 *
 * @param sid session ID
 * @param uid UID of the user to retrieve
 * @param acc argument that receives a pointer to the retrieved account information (account_t)
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_USER
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t getAccount( sessionid_t sid, userid_t uid, const account_t** acc )
{
    // Initialised because getAccounts() does not write *accountsLen on its
    // early error returns (RES_DB_NOT_INITIALIZED, RES_NO_SUCH_SESSION).
    int len = 0;
    static criteria c;
    result_t res = getAccounts( sid, &uid, 1, &c, acc, &len );
    // Report "no such user" only when the query itself succeeded.
    if( res == RES_OK && len == 0 ) return RES_NO_SUCH_USER;
    return res;
}

/**
 *
 * Get account information.
 *
 * @param sid session ID
 * @param uids array of the UIDs of the users to retrieve
 * @param uidsLen number of elements in the uids array
 * @param cri range and sort conditions for the result
 * @param accounts argument that receives a pointer to the array of search results
 * @param accountsLen number of search results (number of elements in the array *accounts)
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t getAccounts( sessionid_t sid, const userid_t* uids, int uidsLen, criteria_t* cri, const account_t** accounts, int* accountsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( uidsLen <= 0 ){
        *accounts = new account_t[ 0 ];
        *accountsLen = 0;
#ifdef USE_SYSLOG
        openlog( "commonal", LOG_ODELAY, LOG_USER );
        syslog( LOG_DEBUG, "getAccounts succeed len=0" );
        closelog( );
#endif
        return RES_OK;
    }

#ifdef USE_SYSLOG
    openlog( "commonal", LOG_ODELAY, LOG_USER );
    syslog( LOG_DEBUG, "begin of getAccounts" );
#endif
    result_t ret = RES_ERROR;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    string sql;
    account_t* dst = new account_t[ uidsLen ];

    sql += "SELECT u1.uid, u1.name, u1.uname, u1.email, u1.url, u1.user_avatar, u1.user_regdate, u1.user_icq, u1.user_from, u1.user_sig, u1.user_viewemail, u1.actkey, u1.user_aim, u1.user_yim, u1.user_msnm, u1.pass, u1.posts, u1.attachsig, u1.rank, u1.level, u1.theme, u1.timezone_offset, u1.last_login, u1.umode, u1.uorder, u1.notify_method, u1.notify_mode, u1.user_occ, u1.bio, u1.user_intrest, u1.user_mailok, u2.activate, u2.address, u2.division, u2.tel, u2.company_name, u2.country, u2.zipcode, u2.fax, u2.base_url, u2.notice_mail, u2.notice_mail_since, u2.private_index_id ";
    sql += "FROM " + dbprefix + "_users AS u1, " + dbprefix + "_xnpaccount_users AS u2 ";
    sql += "WHERE u1.uid = u2.uid ";
    if( uidsLen > 0 ){
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", 0, uids[0] );
#endif
        sql += "AND ( u1.uid=" + string( unsignedIntToString( uids[ 0 ] ) );
        for( int i = 1; i < uidsLen; i++ ){
#ifdef USE_SYSLOG
            syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", i, uids[i] );
#endif
            sql += " OR u1.uid=" + string( unsignedIntToString( uids[ i ] ) );
        }
        sql += " ) ";
    }
    sql += criteria2str( cri );
#ifdef USE_SYSLOG
    syslog( LOG_DEBUG, "sql=%s", sql.c_str() );
#endif

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER len;
            userid_t uid = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
            *accountsLen=0;
            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < uidsLen ; i++ ){
                dst[ i ].setUID( uid );
                dst[ i ].setName( getResultCol( hstmt, 2 ).c_str() );
                dst[ i ].setUname( getResultCol( hstmt, 3 ).c_str() );
                dst[ i ].setEmail( getResultCol( hstmt, 4 ).c_str() );
                dst[ i ].setURL( getResultCol( hstmt, 5 ).c_str() );
                dst[ i ].setUserAvatar( getResultCol( hstmt, 6 ).c_str() );
                dst[ i ].setUserRegdate( atoi( getResultCol( hstmt, 7 ).c_str() ) );
                dst[ i ].setUserIcq( getResultCol( hstmt, 8 ).c_str() );
                dst[ i ].setUserFrom( getResultCol( hstmt, 9 ).c_str() );
                dst[ i ].setUserSig( getResultCol( hstmt, 10 ).c_str() );
                dst[ i ].setUserViewemail( atoi( getResultCol( hstmt, 11 ).c_str() ));
                dst[ i ].setActkey( getResultCol( hstmt, 12 ).c_str() );
                dst[ i ].setUserAim( getResultCol( hstmt, 13 ).c_str() );
                dst[ i ].setUserYim( getResultCol( hstmt, 14 ).c_str() );
                dst[ i ].setUserMsnm( getResultCol( hstmt, 15 ).c_str() );
                dst[ i ].setPass( getResultCol( hstmt, 16 ).c_str() );
                dst[ i ].setPosts( atoi( getResultCol( hstmt, 17 ).c_str() ));
                dst[ i ].setAttachsig( atoi( getResultCol( hstmt, 18 ).c_str() ));
                dst[ i ].setRank( atoi( getResultCol( hstmt, 19 ).c_str() ));
                dst[ i ].setLevel( atoi( getResultCol( hstmt, 20 ).c_str() ));
                dst[ i ].setTheme( getResultCol( hstmt, 21 ).c_str() );
                dst[ i ].setTimezoneOffset( atof( getResultCol( hstmt, 22 ).c_str() ) );
                dst[ i ].setLastLogin( atoi( getResultCol( hstmt, 23 ).c_str() ));
                dst[ i ].setUmode( getResultCol( hstmt, 24 ).c_str() );
                dst[ i ].setUorder( atoi( getResultCol( hstmt, 25 ).c_str() ));
                dst[ i ].setNotifyMethod( atoi( getResultCol( hstmt, 26 ).c_str() ));
                dst[ i ].setNotifyMode( atoi( getResultCol( hstmt, 27 ).c_str() ));
                dst[ i ].setUserOcc( getResultCol( hstmt, 28 ).c_str() );
                dst[ i ].setBio( getResultCol( hstmt, 29 ).c_str() );
                dst[ i ].setUserIntrest( getResultCol( hstmt, 30 ).c_str() );
                dst[ i ].setUserMailok( atoi( getResultCol( hstmt, 31 ).c_str() ));
                dst[ i ].setActivate( atoi( getResultCol( hstmt, 32 ).c_str() ));
                dst[ i ].setAddress( getResultCol( hstmt, 33 ).c_str() );
                dst[ i ].setDivision( getResultCol( hstmt, 34 ).c_str() );
1072 dst[ i ].setTel( getResultCol( hstmt, 35 ).c_str() );
1073 dst[ i ].setCompanyName( getResultCol( hstmt, 36 ).c_str() );
1074 dst[ i ].setCountry( getResultCol( hstmt, 37 ).c_str() );
1075 dst[ i ].setZipcode( getResultCol( hstmt, 38 ).c_str() );
1076 dst[ i ].setFax( getResultCol( hstmt, 39 ).c_str() );
1077 dst[ i ].setBaseURL( getResultCol( hstmt, 40 ).c_str() );
1078 dst[ i ].setNoticeMail( atoi( getResultCol( hstmt, 41 ).c_str() ));
1079 dst[ i ].setNoticeMailSince( atoi( getResultCol( hstmt, 42 ).c_str() ));
1080 dst[ i ].setPrivateIndexID( atoi( getResultCol( hstmt, 43 ).c_str() ));
1081 #ifdef USE_SYSLOG
1082 syslog( LOG_DEBUG, "set to account_t %d", i );
1083 #endif
1084 ( *accountsLen )++;
1085 }
1086 *accounts = dst;
1087 #ifdef USE_SYSLOG
1088 syslog( LOG_DEBUG, "getAccounts succeed" );
1089 #endif
1090 ret = RES_OK;
1091 }else{
1092 string s( "SQLExecDirect in getAccounts" );
1093 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1094 s += string( ", sql=" ) + string( sql );
1095 setLastErrorString( s.c_str( ) );
1096 #ifdef USE_SYSLOG
1097 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1098 #endif
1099 delete[] dst; ret = RES_DB_QUERY_ERROR; // dst is not handed to the caller on this path, so release it
1100 }
1101 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1102 }else{
1103 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccounts" );
1104 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1105 setLastErrorString( s.c_str( ) );
1106 #ifdef USE_SYSLOG
1107 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1108 #endif
1109 delete[] dst; ret = RES_DB_QUERY_ERROR; // dst is not handed to the caller on this path, so release it
1110 }
1111 #ifdef USE_SYSLOG
1112 closelog( );
1113 #endif
1114 return ret;
1115 }
1116
1117 /**
1118 *
1119 * Account registration.
1120 *
1121 * Registers the user information in the database.
1122 * Stores the user ID corresponding to the registered user information in uid.
1123 *
1124 * @param sid session
1125 * @param account account information to register
1126 * @param uid user ID corresponding to the registered account information
1127 * @return RES_OK
1128 * @return RES_NO_SUCH_SESSION
1129 * @return RES_DB_QUERY_ERROR
1130 * @return RES_DB_NOT_INITIALIZED
1131 *
1132 */
1133 result_t insertAccount( sessionid_t sid, const account_t* account, userid_t* uid )
1134 {
1135 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1136 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1137
1138 string sql;
1139 string tmp;
1140 char buf[ 12 ];
1141 SQLRETURN sqlcode;
1142 result_t ret = RES_ERROR;
1143
1144 /*
1145 1. insert user profile into xoops_users
1146 2. insert platform user profile into xnpaccount_users
1147 3. add user to default platform group
1148 4. create private index
1149 5. update account set private_index_id=...
1150 */
1151
1152 //1. write to the xoops users table
1153 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1154 SQLINTEGER user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1155 SQLDOUBLE timezone_offset;
1156
1157 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1158 SQLINTEGER cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1159
1160 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1161 string sql;
1162 sql = "INSERT INTO " + dbprefix + "_users (uname, name, email, url, user_avatar, user_regdate, user_icq, user_from, user_sig, user_viewemail, actkey, user_aim, user_yim, user_msnm, pass, posts, attachsig, rank, level, theme, timezone_offset, last_login, umode, uorder, notify_method, notify_mode, user_occ, bio, user_intrest, user_mailok) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
1163 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1164 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1165 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1166 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1167 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1168 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1169 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1170 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1171 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1172 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1173 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1174 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1175 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1176 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1177 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1178 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1179 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1180 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1181 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1182 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1183 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1184 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1185 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1186 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1187 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1188 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1189 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1190 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1191 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1192 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1193 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1194 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1195
1196 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1197 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1198 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1199 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1200 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1201 user_regdate = time( NULL );
1202 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1203 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1204 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1205 user_viewemail = account -> getUserViewemail( );
1206 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1207 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1208 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1209 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1210 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1211 posts = account -> getPosts( );
1212 attachsig = account -> getAttachsig( );
1213 rank = account -> getRank( );
1214 level = account -> getLevel( );
1215 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1216 timezone_offset = account -> getTimezoneOffset( );
1217 last_login = 0;
1218 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1219 uorder = account -> getUorder( );
1220 notify_method = account -> getNotifyMethod( );
1221 notify_mode = account -> getNotifyMode( );
1222 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1223 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1224 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1225 user_mailok = account -> getUserMailok( );
1226
1227 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1228 SQLINTEGER count = 0;
1229 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1230 // get the user ID
1231 SQLHANDLE hstmt2 = NULL;
1232 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1233 sql = "SELECT LAST_INSERT_ID()"; // MySQL
1234 // sql = "SELECT LAST_INSERT_ROWID()"; // SQLite
1235 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1236 SQLUINTEGER last_insert_id;
1237 SQLINTEGER len;
1238 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &last_insert_id, 0, &len );
1239 if( ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS ){
1240 *uid = last_insert_id;
1241 ret = RES_OK;
1242 }else{
1243 ret = RES_DB_QUERY_ERROR;
1244 string s( "SQLFetch in insertAccount " );
1245 s += odbcDiagString( SQL_HANDLE_STMT, hstmt2, sqlcode ); // the fetch failed on hstmt2, so read its diagnostics
1246 setLastErrorString( s.c_str( ) );
1247 }
1248 }else{
1249 string s( "SQLExecDirect in insertAccount " );
1250 s += odbcDiagString( SQL_HANDLE_STMT, hstmt2, sqlcode ); // the query ran on hstmt2, so read its diagnostics
1251 setLastErrorString( s.c_str( ) );
1252 ret = RES_DB_QUERY_ERROR;
1253 }
1254 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1255 }
1256 }else{
1257 string s( "SQLRowCount in insertAccount sql=" );
1258 s += string( sql );
1259 setLastErrorString( s.c_str( ) );
1260 ret = RES_DB_QUERY_ERROR;
1261 }
1262 }else{
1263 string s( "SQLExecute in insertAccount " );
1264 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1265 setLastErrorString( s.c_str( ) );
1266 ret = RES_DB_QUERY_ERROR;
1267 }
1268 }else{
1269 string s( "SQLPrepare in insertAccount " );
1270 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1271 setLastErrorString( s.c_str( ) );
1272 ret = RES_ERROR;
1273 }
1274 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1275 }else{
1276 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1277 ret = RES_ERROR;
1278 }
1279
1280 if( ret == RES_OK ){
1281 //2. write the remaining information to the xnpaccount users table
1282 SQLUINTEGER activate;
1283 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1284 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1285 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1286 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1287 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1288 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1289 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1290 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1291 SQLINTEGER cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1292 SQLINTEGER cbUid = 0, cbActivate = 0, cbNotice_mail = 0, cbNotice_mail_since = 0;
1293 SQLUINTEGER notice_mail;
1294 SQLUINTEGER notice_mail_since;
1295 if( ret == RES_OK && ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1296 string sql;
1297 sql = "INSERT INTO " + dbprefix + "_xnpaccount_users (uid, activate, address, division, tel, company_name, country, zipcode, fax, base_url, notice_mail, notice_mail_since) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )";
1298 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1299 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
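1300 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER, 0, 0, uid, 0, &cbUid); // C type must match the buffer; userid_t is bound as SQL_C_ULONG in getAccounts
1301 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate); // activate is SQLUINTEGER, not a short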
1302 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1303 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1304 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1305 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1306 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1307 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1308 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1309 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1310 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail); // notice_mail is SQLUINTEGER, not a short
1311 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_ULONG, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since); // SQL_C_SSHORT would read only 16 bits of this SQLUINTEGER
1312
1313 activate = account -> getActivate() ? 1 : 0;
1314 strncpy2( (char*)address, account -> getAddress(), XNP_ACCOUNT_ADDRESS_LEN );
1315 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1316 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1317 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1318 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1319 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1320 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1321 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1322 notice_mail = account -> getNoticeMail( );
1323 notice_mail_since = account -> getNoticeMailSince( );
1324
1325 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1326 SQLINTEGER count = 0;
1327 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1328 //3.add new user to default group(not a group admin)
1329 ret = insertMember( sid, group_t::GID_DEFAULT, *uid, false );
1330 if( ret != RES_OK ){
1331 // insertMember failed: undo step 1 so that no user row is left
1332 // without a default-group membership.
1333 // delete the record inserted into xoops_users
1334 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1335 sql += unsignedIntToString( *uid );
1336 SQLHANDLE hstmt2 = NULL;
1337 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1338 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1339 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1340 }
1341 setLastErrorString( "insertMember in insertAccount" );
1342 ret = RES_DB_QUERY_ERROR;
1343 }
1344 }else{
1345 string s( "SQLRowCount in insertAccount sql=" );
1346 s += string( sql );
1347 setLastErrorString( s.c_str( ) );
1348 ret = RES_DB_QUERY_ERROR;
1349 }
1350 }else{
1351 string s( "SQLExecute in insertAccount " );
1352 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1353 setLastErrorString( s.c_str( ) );
1354 ret = RES_DB_QUERY_ERROR;
1355 }
1356 }else{
1357 // delete the record inserted into xoops_users
1358 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1359 sql += unsignedIntToString( *uid );
1360 SQLHANDLE hstmt2 = NULL;
1361 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1362 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1363 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1364 }
1365 string s( "SQLExecDirect in insertAccount sql=" );
1366 s += string( sql );
1367 setLastErrorString( s.c_str( ) );
1368 ret = RES_DB_QUERY_ERROR;
1369 }
1370 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1371 }else{
1372 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1373 ret = RES_ERROR;
1374 }
1375 }
1376
1377 if ( ret == RES_OK ){
1378 //4. create the private index
1379
1380 // generate the sort_number for the private index
1381 string sql = "select min(sort_number) from " +
1382 dbprefix + "_xnpaccount_index where parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
1383 " and open_level=" + unsignedIntToString(index::OL_PRIVATE);
1384 unsigned int sortNumber;
1385 ret = queryGetUnsignedInt( "insertAccount", sql, &sortNumber );
1386 sortNumber--;
1387 if ( ret == RES_OK ){
1388 // create the private index
1389 index_t index;
1390 index.setItemTypeID(item::ITID_INDEX);
1391 index.setContributorUID(*uid);
1392 index.setParentIndexID(item::IID_ROOT);
1393 index.setOwnerUID(*uid);
1394 index.setOpenLevel(index::OL_PRIVATE);
1395 index.setSortNumber(sortNumber);
1396 index.setTitle(account->getUname());
1397 indexid_t privateXID;
1398 ret = insertIndexInternal( sid, &index, &privateXID );
1399 if ( ret == RES_OK ){
1400 // rewrite private_index_id in xnpaccount_users
1401 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET private_index_id="
1402 + unsignedIntToString(privateXID) + " WHERE uid=" + unsignedIntToString(*uid);
1403 ret = querySimple( "insertAccount", sql );
1404 }
1405 }
1406 }
1407
1408 return ret;
1409 }
1410
1411 /**
1412 *
1413 * Change account information.
1414 *
1415 *
1416 * @param sid session ID
1417 * @param account account information to change
1418 * @return RES_OK
1419 * @return RES_DB_NOT_INITIALIZED
1420 * @return RES_NO_SUCH_SESSION
1421 * @return RES_DB_QUERY_ERROR
1422 * @return RES_NO_SUCH_USER
1423 * @return RES_ERROR
1424 *
1425 */
1426 result_t updateAccount( sessionid_t sid, const account_t* account )
1427 {
1428 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1429 if( account == NULL ) return RES_ERROR;
1430 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1431 if( !uidExists( account -> getUID( ) ) ) return RES_NO_SUCH_USER;
1432
1433 SQLRETURN sqlcode;
1434 result_t ret = RES_ERROR;
1435 SQLHANDLE hstmt = NULL;
1436
1437 // write to the xoops users table
1438 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1439 SQLINTEGER uid, user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1440 SQLDOUBLE timezone_offset;
1441
1442 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1443 SQLINTEGER cbUid = 0, cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1444
1445 SQLUINTEGER activate;
1446 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1447 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1448 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1449 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1450 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1451 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1452 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1453 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1454 SQLINTEGER cbActivate = 0, cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1455 SQLUINTEGER notice_mail, notice_mail_since;
1456 SQLINTEGER cbNotice_mail = 0, cbNotice_mail_since = 0;
1457
1458 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1459 string sql;
1460
1461 sql = "UPDATE " + dbprefix + "_users SET ";
1462 sql += "uname=?";
1463 sql += ", name=?";
1464 sql += ", email=?";
1465 sql += ", url=?";
1466 sql += ", user_avatar=?";
1467 sql += ", user_regdate=?";
1468 sql += ", user_icq=?";
1469 sql += ", user_from=?";
1470 sql += ", user_sig=?";
1471 sql += ", user_viewemail=?";
1472 sql += ", actkey=?";
1473 sql += ", user_aim=?";
1474 sql += ", user_yim=?";
1475 sql += ", user_msnm=?";
1476 sql += ", pass=?";
1477 sql += ", posts=?";
1478 sql += ", attachsig=?";
1479 sql += ", rank=?";
1480 sql += ", level=?";
1481 sql += ", theme=?";
1482 sql += ", timezone_offset=?";
1483 sql += ", last_login=?";
1484 sql += ", umode=?";
1485 sql += ", uorder=?";
1486 sql += ", notify_method=?";
1487 sql += ", notify_mode=?";
1488 sql += ", user_occ=?";
1489 sql += ", bio=?";
1490 sql += ", user_intrest=?";
1491 sql += ", user_mailok=? ";
1492 sql += " WHERE uid = ?";
1493
1494 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1495 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1496 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1497 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1498 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1499 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1500 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1501 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1502 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1503 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1504 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1505 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1506 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1507 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1508 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1509 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1510 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1511 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1512 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1513 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1514 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1515 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1516 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1517 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1518 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1519 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1520 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1521 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1522 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1523 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1524 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1525 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1526 SQLBindParameter(hstmt, 31, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1527
1528 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1529 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1530 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1531 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1532 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1533 user_regdate = time( NULL );
1534 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1535 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1536 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1537 user_viewemail = account -> getUserViewemail( );
1538 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1539 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1540 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1541 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1542 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1543 posts = account -> getPosts( );
1544 attachsig = account -> getAttachsig( );
1545 rank = account -> getRank( );
1546 level = account -> getLevel( );
1547 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1548 timezone_offset = account -> getTimezoneOffset( );
1549 last_login = 0;
1550 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1551 uorder = account -> getUorder( );
1552 notify_method = account -> getNotifyMethod( );
1553 notify_mode = account -> getNotifyMode( );
1554 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1555 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1556 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1557 user_mailok = account -> getUserMailok( );
1558 uid = account -> getUID( );
1559
1560 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1561 SQLINTEGER count = 0;
1562 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1563 ret = RES_OK;
1564 }else{
1565 string s( "SQLRowCount in updateAccount sql=" );
1566 s += string( sql );
1567 setLastErrorString( s.c_str( ) );
1568 ret = RES_DB_QUERY_ERROR;
1569 }
1570 }else{
1571 string s( "SQLExecute in updateAccount 1 " );
1572 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1573 setLastErrorString( s.c_str( ) );
1574 ret = RES_DB_QUERY_ERROR;
1575 }
1576 }else{
1577 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1578 ret = RES_ERROR;
1579 }
1580 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1581 hstmt = NULL;
1582 }else{
1583 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1584 ret = RES_ERROR;
1585 }
1586
1587 if( ret != RES_OK ){
1588 return ret;
1589 }
1590
1591 // overwrite the remaining information in the xnpaccount users table
1592 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1593 string sql;
1594
1595 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET ";
1596 sql += "activate=?, ";
1597 sql += "address=?, ";
1598 sql += "division=?, ";
1599 sql += "tel=?, ";
1600 sql += "company_name=?, ";
1601 sql += "country=?, ";
1602 sql += "zipcode=?, ";
1603 sql += "fax=?, ";
1604 sql += "base_url=?, ";
1605 sql += "notice_mail=?, ";
1606 sql += "notice_mail_since=? ";
1607 sql += "WHERE uid=?";
1608
1609 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1610 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1611 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1612 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1613 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1614 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1615 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1616 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1617 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1618 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1619 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1620 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
1621 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1622 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1623
1624 activate = account -> getActivate() ? 1 : 0;
1625 strncpy2( (char*)address, account -> getAddress( ) , XNP_ACCOUNT_ADDRESS_LEN );
1626 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1627 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1628 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1629 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1630 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1631 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1632 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1633 notice_mail = account -> getNoticeMail( );
1634 notice_mail_since = account -> getNoticeMailSince( );
1635 uid = account -> getUID( );
1636
1637 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1638 SQLINTEGER count = 0;
1639 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1640 ret = RES_OK;
1641 }else{
1642 string s( "SQLRowCount in updateAccount sql=" );
1643 s += string( sql );
1644 setLastErrorString( s.c_str( ) );
1645 ret = RES_DB_QUERY_ERROR;
1646 }
1647 }else{
1648 string s( "SQLExecute in updateAccount 2 " );
1649 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1650 setLastErrorString( s.c_str( ) );
1651 ret = RES_DB_QUERY_ERROR;
1652 }
1653 }else{
1654 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1655 ret = RES_ERROR;
1656 }
1657 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1658 }else{
1659 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1660 ret = RES_ERROR;
1661 }
1662 return ret;
1663 }
1664
/**
 *
 * Returns the user IDs in the range specified by criteria_t.
 * Allocates an array of user IDs, writes them into it, and stores the array's address in *uids.
 * Stores the array size in *uidsLen.
 *
 * @param sid session ID
 * @param cri result range and sort condition
 * @param uids output destination for the array of user UIDs
 * @param uidsLen output destination for the number of elements in the uids array
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t dumpUids( sessionid_t sid, criteria_t* cri, userid_t** uids, int* uidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

#ifdef USE_SYSLOG
    openlog( "commonal", LOG_ODELAY, LOG_USER );
#endif

    result_t ret = RES_ERROR;
    userid_t* dst = 0;
    string sql;
    SQLRETURN sqlcode;
    SQLINTEGER count = 0;

    sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_users ";
    sql += criteria2str( cri );
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        *uidsLen = count;
        dst = new userid_t[ *uidsLen ];
        *uids = dst;
    }else{
        return RES_ERROR;
    }
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            userid_t uid;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );

            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
                dst[ i ] = uid;
            }

#ifdef USE_SYSLOG
            syslog( LOG_DEBUG, "dumpUids succeed" );
#endif
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in dumpUids " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
#ifdef USE_SYSLOG
            syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
#endif
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in dumpUids" );
        s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
        setLastErrorString( s.c_str( ) );
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
#endif
        ret = RES_DB_QUERY_ERROR;
    }
    return ret;
}

/**
 *
 * Returns the number of groups.
 * Returns 0 if the session ID is invalid.
 *
 * @param sid session ID
 * @return number of groups
 *
 */
int getGroupCount( sessionid_t sid )
{
    if( hdbc == NULL ) return 0;
    if( !isValidSessionID( sid ) ) return 0;

    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    string sql;
    int ret = 0;

    // get the number of groups
    sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups";
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLUINTEGER count = 0;
            SQLINTEGER len;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                ret = count;
            }else {
                string s( "SQLFetch in getGroupCount sql=" );
                s += string( sql );
                setLastErrorString( s.c_str( ) );
                ret = 0;
            }
        }else{
            setLastErrorString( "SQLExecDirect in getGroupCount" );
            ret = 0;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroupCount" );
        ret = 0;
    }
    return ret;
}

/**
 *
 * Get the list of groups a user belongs to.
 * Gets the IDs of the groups the user belongs to.
 *
 * @param sid session ID
 * @param uid UID of the user
 * @param cri result range and sort condition
 * @param gids output destination for the array of group IDs
 * @param gidsLen output destination for the number of elements in the gids array
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_USER
 * @return RES_DB_QUERY_ERROR
 * @return RES_OK
 *
 */
result_t getGroupsByUid( sessionid_t sid, userid_t uid, criteria_t* cri, groupid_t** gids, int* gidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !uidExists( uid ) ) return RES_NO_SUCH_USER; // check that uid exists

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    SQLINTEGER count = 0;
    groupid_t* dst = 0;

    sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups_users_link";
    sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
    sql += criteria2str( cri );
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        *gidsLen = count;
        dst = new groupid_t[ *gidsLen ];
        *gids = dst;
    }else{
        return RES_ERROR;
    }

    // get the maximum number of groups the user belongs to
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            if( count > 0 ){
                SQLHANDLE hstmt2 = NULL;
                if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
                    sql = "SELECT gid, uid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link";
                    sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
                    sql += criteria2str( cri );
                    if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
                        SQLINTEGER len;
                        groupid_t gid = 0;
                        // bind and fetch on hstmt2, the statement that ran this query
                        SQLBindCol( hstmt2, 1, SQL_C_ULONG, &gid, 0, &len );
                        for( int i = 0; ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
                            dst[ i ] = gid;
                        }
                        ret = RES_OK;
                    }else{
                        string s( "SQLExecDirect in getGroupsByUid " );
                        s += odbcDiagString( SQL_HANDLE_STMT, hstmt2, sqlcode );
                        s += string( ", sql=" ) + string( sql );
                        setLastErrorString( s.c_str( ) );
                        ret = RES_DB_QUERY_ERROR;
                    }
                    // release the inner statement handle (it was leaked before)
                    SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
                }else{
                    string s( "SQLAllocHandle in getGroupsByUid " );
                    s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
                    setLastErrorString( s.c_str( ) );
                    ret = RES_DB_QUERY_ERROR;
                }
            }else{
                ret = RES_OK;
            }
        }else{
            string s( "SQLExecDirect in getGroupsByUid " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += string( ", sql=" ) + string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        // release the outer statement handle (it was leaked before)
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        string s( "SQLAllocHandle in getGroupsByUid " );
        setLastErrorString( s.c_str( ) );
        ret = RES_DB_QUERY_ERROR;
    }
    return ret;
}

/**
 *
 * Group administrator privilege query.
 * Queries whether the user has administrator privileges for the group (is a group administrator).
 * Returns false on abnormal conditions such as a nonexistent user or group.
 *
 * @param sid session ID
 * @param gid UID of the group
 * @param uid UID of the user
 * @return true has administrator privileges
 * @return false no administrator privileges, or unknown
 *
 */
bool isGroupAdmin( sessionid_t sid, groupid_t gid, userid_t uid )
{
    if( hdbc == NULL ) return false;
    if( !isValidSessionID( sid ) ) return false;
    if( !uidExists( uid ) ) return false;
    if( !gidExists( gid ) ) return false;

    bool ret = false;
    string sql;
    SQLRETURN sqlcode;
    SQLINTEGER count = 0;

    sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups_users_link ";
    sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
    sql += " AND uid=" + string( unsignedIntToString( uid ) );
    sql += " AND is_admin=1";
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        if( count > 0 ){
            ret = true;
        }else{
            ret = false;
        }
    }else{
        ret = false;
    }
    return ret;
}

/**
 *
 * List of group IDs.
 * Gets the list of IDs of the registered groups.
 *
 * @param sid session ID
 * @param cri result range and sort condition
 * @param gids output destination for the array of group IDs
 * @param gidsLen output destination for the number of elements in the gids array
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 * @return RES_OK
 *
 */
result_t dumpGids( sessionid_t sid, criteria_t* cri, groupid_t** gids, int* gidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    result_t ret = RES_ERROR;
    groupid_t* dst = 0;
    string sql;
    SQLRETURN sqlcode;
    SQLINTEGER count = 0;

    sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups ";
    sql += criteria2str( cri );
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        *gidsLen = count;
        dst = new groupid_t[ *gidsLen ];
        *gids = dst;
    }else{
        return RES_ERROR;
    }

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            groupid_t gid;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
                dst[ i ] = gid;
            }

            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in dumpGids " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    return ret;
}

/**
 *
 * Gets the group administrator IDs.
 * Gets the user IDs of the administrators of a given group.
 *
 * @param sid session ID
 * @param gid ID of the group to query
 * @param cri result range and sort condition
 * @param uids pointer that receives the array of administrator UIDs
 * @param uidsLen number of elements in the uids array
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 * @return RES_ERROR
 *
 */
result_t dumpGroupAdmins( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLINTEGER count = 0;

    // note: cri is not applied to this query
    sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_groups_users_link ";
    sql += " WHERE is_admin=1 and gid=" + unsignedIntToString( gid );
    if( countResultRows( sql.c_str(), &count ) == RES_OK ){
        *uidsLen = count;
        // the array holds user IDs, so allocate userid_t (was groupid_t)
        *uids = new userid_t[ *uidsLen ];
    }else{
        return RES_ERROR;
    }
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            userid_t uid;
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
                (*uids)[ i ] = uid;
            }
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in dumpGroupAdmins " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += "sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    return ret;
}

/**
 *
 * Delete a group member.
 * Removes a user who belongs to a group from that group.
 * Users cannot be removed from the default group.
 *
 * @param sid session ID
 * @param gid ID of the group to remove the user from
 * @param uid ID of the user to remove
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_USER
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 * @return RES_OK
 * @return RES_ERROR
 *
 */
result_t deleteMember( sessionid_t sid, groupid_t gid, userid_t uid )
{
    if( gid == group_t::GID_DEFAULT ) return RES_ERROR;
    return deleteMemberNoLimit( sid, gid, uid );
}

/**
 *
 * Delete a group member.
 * Removes a user who belongs to a group from that group.
 * Unlike deleteMember, this can also remove a user from the default group.
 *
 * @param sid session ID
 * @param gid ID of the group to remove the user from
 * @param uid ID of the user to remove
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_USER
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 * @return RES_OK
 * @return RES_ERROR
 *
 */
static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !uidExists( uid ) ) return RES_NO_SUCH_USER; // check that uid exists
    if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; // check that gid exists

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups_users_link ";
    sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
    sql += " AND uid=" + string( unsignedIntToString( uid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret = RES_OK;
            }else{
                string s( "SQLRowCount in deleteMember" );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_NO_SUCH_USER;
            }
        }else{
            string s( "SQLExecDirect in deleteMember" );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteMember" );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Add a group member.
 * Adds a user to the members of a group.
 *
 * @param sid session ID
 * @param gid ID of the group to join
 * @param uid ID of the user to add
 * @param admin true to grant administrator privileges
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_USER
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t insertMember( sessionid_t sid, groupid_t gid, userid_t uid, bool admin )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !uidExists( uid ) ) return RES_NO_SUCH_USER; // check that uid exists
    if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; // check that gid exists

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;

    // add the member
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups_users_link ( gid, uid, is_admin ) VALUES (";
        sql += string( unsignedIntToString( gid ) ) + ", ";
        sql += string( unsignedIntToString( uid ) ) + ", ";
        sql += string( admin ? "1" : "0" ) + ") ";
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret = RES_OK;
            }else{
                string s( "SQLRowCount in insertMember " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_DB_QUERY_ERROR;
            }
        }else{
            string s( "SQLExecDirect in insertMember " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += string( ", sql=" ) + string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertMember" );
        ret = RES_DB_QUERY_ERROR;
    }
    return ret;
}

/**
 *
 * Get group members.
 * Gets the user IDs of the users belonging to a given group.
 *
 * @param sid session ID
 * @param gid ID of the group whose members are queried
 * @param cri result range and sort condition
 * @param uids pointer that receives the array of member UIDs
 * @param uidsLen number of elements in the uids array
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 * @return RES_ERROR
 *
 */
result_t getMembers( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; // check that gid exists

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    userid_t* dst = 0;

    //how many members ?
    sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups_users_link ";
    sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLUINTEGER count = 0;
            SQLINTEGER len;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                dst = new userid_t[ count ];
                *uids = dst;
                *uidsLen = count;
                if( count > 0 ){
                    //retrieve member's IDs
                    SQLHANDLE hstmt2 = NULL;
                    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
                        sql = "SELECT uid, gid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link ";
                        sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
                        sql += " " + string( criteria2str( cri ) );
                        if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
                            SQLUINTEGER uid = 0;
                            SQLINTEGER len;
                            SQLBindCol( hstmt2, 1, SQL_C_ULONG, &uid, 0, &len );
                            for( int i = 0; ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS && i < count ; i++ ){
                                dst[ i ] = uid;
                            }
                            ret = RES_OK;
                        }else{
                            setLastErrorString( "SQLExecDirect in getMembers" );
                            ret = RES_DB_QUERY_ERROR;
                        }
                        SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
                    }else{
                        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
                        ret = RES_DB_QUERY_ERROR;
                    }
                }else{
                    ret = RES_OK;
                }
            }else{
                string s( "SQLFetch in getMembers sql=" );
                s += string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_DB_QUERY_ERROR;
            }
        }else{
            setLastErrorString( "SQLExecDirect in getMembers" );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
        ret = RES_DB_QUERY_ERROR;
    }
    return ret;
}

/**
 *
 * Delete a group.
 * Deletes a group from the database.
 *
 * @param sid session ID
 * @param gid ID of the group whose members are queried
 * @return RES_OK
 * @return RES_DB_QUERY_ERROR
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_NOT_INITIALIZED
 *
 */
result_t deleteGroup( sessionid_t sid, groupid_t gid )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    result_t ret = RES_ERROR;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups ";
    sql += "WHERE gid = " + string( unsignedIntToString( gid ) );
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER count = 0;
            if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                ret = RES_OK;
            }else{
                string s( "SQLRowCount in deleteGroup" );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                s += string( ", sql=" ) + string( sql );
                setLastErrorString( s.c_str( ) );
                // no row was deleted: the group does not exist (was RES_NO_SUCH_USER)
                ret = RES_NO_SUCH_GROUP;
            }
        }else{
            string s( "SQLExecDirect in deleteGroup" );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteGroup" );
        ret = RES_ERROR;
    }
    return ret;
}

/**
 *
 * Register a group.
 * Records the group's information in the database.
 * Stores the group ID of the registered group in gid.
 *
 * @param sid session ID
 * @param group information of the group to register
 * @param gid group ID corresponding to the registered group
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t insertGroup( sessionid_t sid, const group_t* group, groupid_t* gid )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

    result_t ret = RES_ERROR;
    string sql;
    SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
    SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
    SQLRETURN sqlcode;

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups ( gname, gdesc ) VALUES ( ?, ? )";
        sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
        if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
            SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
            SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
            strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
            strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
            if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
                SQLINTEGER count = 0;
                if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                    // get the group ID
                    SQLHANDLE hstmt2 = NULL;
                    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
                        sql = "SELECT LAST_INSERT_ID()"; // MySQL
                        // sql = "SELECT LAST_INSERT_ROWID()"; // SQLite
                        if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
                            SQLUINTEGER last_insert_id;
                            SQLINTEGER len;
                            SQLBindCol( hstmt2, 1, SQL_C_ULONG, &last_insert_id, 0, &len );
                            if( ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS ){
                                *gid = last_insert_id;
                                ret = RES_OK;
                            }else{
                                ret = RES_DB_QUERY_ERROR;
                                string s( "SQLFetch in insertGroup " );
                                // diagnostics belong to hstmt2, the statement that failed
                                s += odbcDiagString( SQL_HANDLE_STMT, hstmt2, sqlcode );
                                setLastErrorString( s.c_str( ) );
                            }
                        }else{
                            string s( "SQLExecDirect in insertGroup " );
                            // diagnostics belong to hstmt2, the statement that failed
                            s += odbcDiagString( SQL_HANDLE_STMT, hstmt2, sqlcode );
                            setLastErrorString( s.c_str( ) );
                            ret = RES_DB_QUERY_ERROR;
                        }
                        SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
                    }
                }else{
                    string s( "SQLRowCount in insertGroup sql=" );
                    s += string( sql );
                    setLastErrorString( s.c_str( ) );
                    ret = RES_DB_QUERY_ERROR;
                }
            }else{
                string s( "SQLExecute in insertGroup " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                setLastErrorString( s.c_str( ) );
                ret = RES_DB_QUERY_ERROR;
            }
        }else{
            string s( "SQLPrepare in insertGroup " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            setLastErrorString( s.c_str( ) );
            ret = RES_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertGroup" );
        ret = RES_ERROR;
    }

    //
    if ( ret == RES_OK ){
        // create the group index

        // generate sort_num for the group index
        string sql = "SELECT MAX(sort_number) FROM " +
            dbprefix + "_xnpaccount_index WHERE parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
            " AND (open_level=" + unsignedIntToString(index::OL_GROUP_ONLY) +
            " OR open_level=" + unsignedIntToString(index::OL_PUBLIC) + ")";
        unsigned int sortNumber = 0; // initialized so the increment below never reads an indeterminate value
        ret = queryGetUnsignedInt( "insertGroup", sql, &sortNumber );
        sortNumber++;
        if ( ret == RES_OK ){
            // create the group index
            index_t index;
            userid_t uid;
            ret = sessionID2UID( sid, &uid );
            if ( ret == RES_OK ){
                index.setItemTypeID(item::ITID_INDEX);
                index.setContributorUID(uid);
                index.setParentIndexID(item::IID_ROOT);
                index.setOwnerGID(*gid);
                index.setOpenLevel(index::OL_GROUP_ONLY);
                index.setSortNumber(sortNumber);
                index.setTitle(group->getGname());
                indexid_t groupXID;
                ret = insertIndexInternal( sid, &index, &groupXID );
                if ( ret == RES_OK ){
                    // rewrite group_index_id in xnpaccount_groups
                    sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET group_index_id="
                        + unsignedIntToString(groupXID) + " WHERE gid=" + unsignedIntToString(*gid);
                    ret = querySimple( "insertGroup", sql );
                }
            }
        }
    }

    return ret;
}

/**
 *
 * Changes group information.
 *
 * @param sid session ID
 * @param group new group information
 * @return RES_OK
 * @return RES_ERROR
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t updateGroup( sessionid_t sid, const group_t* group )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( group == NULL ) return RES_ERROR;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
    if( !gidExists( group -> getGID( ) ) ) return RES_NO_SUCH_GROUP;

    result_t ret = RES_ERROR;
    string sql;
    SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
    SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
    SQLRETURN sqlcode;

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET gname=?, gdesc=? WHERE gid=" + string( unsignedIntToString( group -> getGID( ) ) );
        sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
        if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
            SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
            SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
            strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
            strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
            if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
                SQLINTEGER count = 0;
                if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
                    ret = RES_OK;
                }else{
                    string s( "SQLRowCount in updateGroup sql=" );
                    s += string( sql );
                    setLastErrorString( s.c_str( ) );
                    ret = RES_DB_QUERY_ERROR;
                }
            }else{
                string s( "SQLExecute in updateGroup " );
                s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
                setLastErrorString( s.c_str( ) );
                ret = RES_DB_QUERY_ERROR;
            }
        }else{
            setLastErrorString( "SQLPrepare in updateGroup sql=" );
            ret = RES_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateGroup" );
        ret = RES_ERROR;
    }
    // propagate the computed result (was an unconditional RES_OK, which hid every failure above)
    return ret;
}

/**
 *
 * Get group information.
 *
 * @param sid session ID
 * @param gid GID of the group to retrieve
 * @param group pointer that receives the address of the retrieved group information
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_NO_SUCH_GROUP
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t getGroup( sessionid_t sid, groupid_t gid, const group_t** group )
{
    int len = 0; // getGroups leaves this untouched when it fails early
    static criteria c;
    result_t res = getGroups( sid, &gid, 1, &c, group, &len );
    if( res != RES_OK ) return res; // report the real error, not "no such group"
    if( len == 0 ) return RES_NO_SUCH_GROUP;
    return res;
}

/**
 *
 * Get information for multiple groups at once.
 *
 * @param sid session ID
 * @param gids array of GIDs of the groups to retrieve
 * @param gidsLen number of elements in the gids array
 * @param cri specifies the result range and sort conditions
 * @param groups pointer that receives the address of the resulting array of group information
 * @param groupsLen number of elements in the resulting array
 * @return RES_OK
 * @return RES_DB_NOT_INITIALIZED
 * @return RES_NO_SUCH_SESSION
 * @return RES_DB_QUERY_ERROR
 *
 */
result_t getGroups( sessionid_t sid, groupid_t* gids, int gidsLen, criteria_t* cri, const group_t** groups, int* groupsLen )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;

#ifdef USE_SYSLOG
    openlog( "commonal", LOG_ODELAY, LOG_USER );
#endif

    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    result_t ret = RES_ERROR;
    string sql;
    group_t* dst = new group_t[ gidsLen ];

    // only numeric GIDs are concatenated into the WHERE clause
    sql += "SELECT gid, gname, gdesc, group_index_id ";
    sql += "FROM " + dbprefix + "_xnpaccount_groups ";
    if( gidsLen > 0 ){
        sql += "WHERE gid=" + string( unsignedIntToString( gids[ 0 ] ) );
        for( int i = 1; i < gidsLen; i++ ){
            sql += " OR gid=" + string( unsignedIntToString( gids[ i ] ) );
        }
    }
    sql += criteria2str( cri );

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER len;
            groupid_t gid = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
            *groupsLen=0;
            // the i < gidsLen bound keeps writes inside dst
            for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < gidsLen ; i++ ){
                dst[ i ].setGID( gid );
                dst[ i ].setGname( getResultCol( hstmt, 2 ).c_str() );
                dst[ i ].setDesc( getResultCol( hstmt, 3 ).c_str() );
                dst[ i ].setGroupIndexID( atoi(getResultCol( hstmt, 4 ).c_str()) );
                ( *groupsLen )++;
            }
            *groups = dst;
#ifdef USE_SYSLOG
            syslog( LOG_DEBUG, "getGroups succeed" );
#endif
            ret = RES_OK;
        }else{
            string s( "SQLExecDirect in getGroups" );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += string( ", sql=" ) + string( sql );
            setLastErrorString( s.c_str( ) );
#ifdef USE_SYSLOG
            syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
#endif
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroups" );
        s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
        setLastErrorString( s.c_str( ) );
#ifdef USE_SYSLOG
        syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
#endif
        ret = RES_DB_QUERY_ERROR;
    }
    // dst is handed to the caller only on success; release it otherwise
    if( ret != RES_OK ) delete[] dst;
#ifdef USE_SYSLOG
    closelog( );
#endif
    return ret;
}

/**
 *
 * Return whether the user has moderator privileges.
 *
 * @param sid session ID
 * @param uid UID of the user to query
 * @return true the user has the privilege
 * @return false the user does not have the privilege
 *
 */
bool isModerator( sessionid_t sid, userid_t uid )
{
    // every failure path returns false, so errors never grant the privilege
    if( hdbc == NULL ) return false;
    if( !isValidSessionID( sid ) ) return false;
    if( !uidExists( uid ) ) return false;

    bool ret = false;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    SQLINTEGER count = 0;
    string sql;
    groupid_t moderator_gid;

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        // look up the configured moderator group
        sql = "SELECT value FROM " + dbprefix + "_xnpaccount_config";
        sql += " WHERE name='moderator_gid'";
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            SQLINTEGER len = 0;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &moderator_gid, 0, &len );
            if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
                // the user is a moderator if linked to that group
                sql = "SELECT * from " + dbprefix + "_groups_users_link ";
                sql += "WHERE groupid=" + unsignedIntToString( moderator_gid );
                sql += " AND uid=" + string( unsignedIntToString( uid ) );
                if( countResultRows( sql.c_str(), &count ) == RES_OK ){
                    if( count > 0 ){
                        ret = true;
                    }
                }
            }else{
                setLastErrorString( "SQLFetch in isModerator " );
            }
        }else{
            string s( "SQLExecDirect in isModerator " );
            s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
            s += ", sql=";
            s += string( sql );
            setLastErrorString( s.c_str( ) );
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle in isModerator " );
    }
    return ret;
}

/**
 *
 * Get a user ID.
 *
 * @param uname name of the user whose ID is wanted
 * @param uid pointer to the variable that receives the ID
 * @return RES_ERROR
 * @return RES_OK
 * @refer result_t
 *
 */
result_t getUid( const char* uname, userid_t* uid )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    if( uname == NULL ) return RES_ERROR;

    result_t ret = RES_ERROR;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;
    string sql;
    // uname is caller-supplied text: it is escaped with addSlashes() and then
    // concatenated into the statement, so this query relies on that escaping
    // (updateGroup binds its strings as parameters instead).
    string uname2 = addSlashes( uname );

    sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + uname2 + "';";
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            userid_t _uid = 0;
            SQLINTEGER len;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &_uid, 0, &len );
            sqlcode = SQLFetch( hstmt );
            if( sqlcode == SQL_SUCCESS ){
                *uid = _uid;
                ret = RES_OK;
            }else {
                string s( "SQLFetch in getUid sql=" );
                s += string( sql );
                setLastErrorString( s.c_str( ) );
                ret = RES_NO_SUCH_USER;
            }
        }else{
            setLastErrorString( "SQLExecDirect in getUid" );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getUid" );
        ret = RES_DB_QUERY_ERROR;
    }

    return ret;
}

/**
 *
 * Create a session, write it to xoops_xnpaccount_session, and return the sessionid_t in session.
 *
 * @param uid uid in xoops_users
 * @param session pointer that receives the sessionid_t
 * @return RES_OK success
 * @return RES_DB_QUERY_ERROR error during the DB query
 */
static result_t addSession( userid_t uid, sessionid_t* session )
{
    char *functionName = "addSession";
    string sql = "INSERT INTO " + dbprefix + "_xnpaccount_session (uid) values (" +
        unsignedIntToString(uid) + ")";
    result_t ret = querySimple( functionName, sql );
    if ( ret == RES_OK ){
        // the session id is the auto-generated key of the row just inserted
        sql = "SELECT LAST_INSERT_ID()";
        ret = queryGetUnsignedInt( functionName, sql, (unsigned int*)session );
    }
    return ret;
}


/**
 *
 * Login authentication and session creation.
 *
 * @param uname login name
 * @param passwd password
 * @param session pointer that receives the sessionid_t
 * @return RES_OK login succeeded; the sessionid_t was written to session.<br>
 * @return RES_LOGIN_FAILURE uname or passwd is invalid<br>
 * @return RES_DB_QUERY_ERROR error during the DB query
 * @return RES_ERROR uname, passwd or session is NULL
 *
 */
result_t loginUser(const char* uname, const char* passwd, sessionid_t* session )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
    // same NULL guard as getUid, applied before the strings are escaped
    if( uname == NULL || passwd == NULL || session == NULL ) return RES_ERROR;

    result_t ret;
    string sql;
    SQLHANDLE hstmt = NULL; // local statement handle, as in getUid
    SQLRETURN sqlcode;

    // uname, passwd -> uid
    // Both values are caller-supplied: they are escaped with addSlashes() and
    // concatenated into the statement, and the password is compared as an
    // unsalted MD5 digest computed by the database.
    string escUname = addSlashes( uname );
    string escPasswd = addSlashes( passwd );
    sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + escUname + "' and pass=md5('" + escPasswd + "')";

    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            userid_t uid = 0;
            SQLINTEGER len;
            SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
            sqlcode = SQLFetch( hstmt );
            if( sqlcode == SQL_SUCCESS ){
                ret = addSession( uid, session );
            }else {
                string s( "SQLFetch in loginUser" );
                setLastErrorString( s.c_str( ) );
                ret = RES_LOGIN_FAILURE;//illegal loginname or password
            }
        }else{
            setLastErrorString( "SQLExecDirect in loginUser" );
            ret = RES_DB_QUERY_ERROR;
        }
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }else{
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in loginUser" );
        ret = RES_DB_QUERY_ERROR;
    }

    return ret;
}

/**
 *
 * Logout and session termination.
 *
 * @param sid session id
 * @return none
 *
 */
void logoutUser( sessionid_t sid )
{
    if( hdbc == NULL ) return; // RES_DB_NOT_INITIALIZED;

    result_t ret;
    string sql;
    SQLRETURN sqlcode;
    SQLHANDLE hstmt = NULL;

    sql = "DELETE FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + intToString((int)sid);
    if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
        if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
            ;
        }
        else {
            setLastErrorString( "SQLExecDirect in logoutUser" );
        }
        // release the statement handle, as the other functions in this file do
        SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
    }
    else {
        setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in logoutUser" );
    }
}

/**
 *
 * Create a session.<br>
 * If the sess_id recorded in the XOOPS session table equals the sess_id argument and
 * uid is activated as a Platform user, a sessionid_t is created.
 * The session and the argument information are recorded in the database.
 *
 * @param sess_id XOOPS session_id
 * @param uid uid in xoops_users
 * @param session pointer that receives the sessionid_t
 * @return RES_OK
 * @return RES_ERROR
 * @return RES_DB_QUERY_ERROR
 * @return RES_NO_SUCH_USER
 *
 */
result_t createSession( const char* sess_id, userid_t uid, sessionid_t* session )
{
    if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;

    result_t ret;
    string sql;
    SQLHANDLE hstmt = NULL;
    SQLRETURN sqlcode;

    // count rows where this uid is an activated Platform user
    sql = "SELECT count(*) from " + dbprefix + "_xnpaccount_users where uid=" + unsignedIntToString( uid ) + " and activate=1";
    unsigned int count;
    ret = queryGetUnsignedInt( "createSession", sql, &count );
    if