Develop and Download Open Source Software

XooNIps

Browse CVS Repository

/[OSDN]/xoonips/AL/commonal.cc

Contents of /xoonips/AL/commonal.cc

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.46 - (show annotations) (download) (as text)
Fri Jan 21 01:36:11 2005 UTC (19 years, 2 months ago) by youi
Branch: MAIN
Changes since 1.45: +259 -19 lines
File MIME type: text/x-c++src 
pubmed補完機能を追加した.
1 /*
2 *
3 * $Revision: 1.45 $
4 * $Log: commonal.cc,v $
5 * Revision 1.45 2005/01/19 10:07:53 aga
6 * ?祉?蚊?鴻?????若?九??????信罩?
7 *
8 * Revision 1.44 2005/01/19 06:01:59 youi
9 * ?∽?域申??
10 * getConfigValue
11 * setConfigValue
12 * getChangeLogs
13 * insertChangeLog
14 * getItemIDByBinderID
15 * registerBinderItem
16 * unregisterBinderItem
17 * getIndexPermission
18 * freeString
19 * freeChangeLog
20 * 綣??違??riteria_t??菴遵??
21 * getItemIDByIndexID
22 * 綣??違????綺??紊???/span>
23 * getCertifyState
24 * setCertifyState
25 * getCertifyPermission
26 * sessionID2UID,querySimple,queryGetUnsignedInt??????/span>
27 * insertItem????????rivateIndex?悟?脂?蚊??茵?????
28 * getItems: getItemPermission??篏帥?c??茯??粋昭?炊┤?????с????
29 *
30 * Revision 1.43 2005/01/19 01:42:15 aga
31 * ??_xnpaccount_index??id,uid??0??????????????篆??.
32 *
33 * Revision 1.42 2005/01/19 00:51:29 aga
34 * ??nsertIndex??_xnpaccount_index.index_id??????????????篆??.
35 *
36 * Revision 1.41 2005/01/19 00:06:51 aga
37 * ??pdateIndex?с??????????????綣???????????????腥冴?с?????????????若??????.
38 * ??reateSession?с??uid??Platform???若?吟?с??????activate?????????????????????若??????.
39 *
40 * Revision 1.40 2005/01/17 00:15:05 aga
41 * ??eleteIndex, updateIndex??け????????????????????篆??.
42 *
43 * Revision 1.39 2005/01/15 05:38:10 youi
44 * insertAccount: ??絖??????????<???泣?ゃ?肴??眼????
45 * updateAccount: ??絖??????????<???泣?ゃ?肴??眼????
46 * ?≪?ゃ????膊∞???∽?違??絎?臂?????.
47 * insertItem, getItem, getItems, dumpItemID, updateItem, deleteItem????
48 * freeGID, freeUID: 綣??違??????篆??.
49 *
50 * Revision 1.38 2005/01/15 00:39:16 aga
51 * ??_xnpaccount_item_basic???????紊???
52 *
53 * Revision 1.37 2005/01/14 10:36:59 aga
54 * ??ndex?≫?????????菴遵??.
55 * ??nsertAccount??rivate index??篏???????????篆??.
56 * ??nsertGroup??roup index ??篏???????????篆??.
57 *
58 * Revision 1.36 2005/01/13 04:19:22 aga
59 * ??P??XNP?????.
60 *
61 * Revision 1.35 2005/01/06 07:20:17 youi
62 * WIN32絎?臂??????ゃ?潟?????若????申??.
63 * MySQL API???≪?????????????<?ゃ????????
64 * deleteAccount: ??絮?????Platform?違???若???????????ゃ?????泣????.
65 * insertAccount: ???若?句?脂?蚊??????????????????Platform?違???若???悟?脂?蚊????.
66 * deleteMember: ??????????Platform?違???若???????????ゃ??胼?罩≪????.
67 * deleteMemberNoLimit???臂?
68 *
69 * Revision 1.34 2004/12/28 04:38:14 aga
70 * ??ogoutUser()??信罩?
71 *
72 * Revision 1.33 2004/12/27 05:56:23 youi
73 * odbcDiagString: STMT篁ュ?????潟??????????????????????眼????.
74 * syslog?<???祉?若?吾????????菴遵??????.
75 *
76 * Revision 1.32 2004/12/25 09:46:47 youi
77 * MySQL+MyODBC?у??篏???????????信罩c????.
78 *
79 * Revision 1.31 2004/12/21 11:42:59 youi
80 * ?潟?<?潟??????逸??祉???ゃ???????????菴遵??.
81 *
82 * Revision 1.30 2004/12/18 10:24:54 youi
83 * IMPORT_MYSQLDLL??絎?臂?????????鐚?MYSQL??LL?????????潟?????????????帥?ゃ??絎h???
84 * ???鴻????????????信罩c????.
85 *
86 * Revision 1.29 2004/12/18 01:12:29 youi
87 * freeResult???∽?医????free<???若?水??>????眼????.
88 *
89 * Revision 1.28 2004/12/14 12:02:08 youi
90 * __WIN__??絎?臂???????????indows??ll篏??????荀?????????茵?????.
91 * USE_SYSLOG??絎?臂???????????yslogd?吾?<???祉?若?吾???阪??????.
92 * getAccounts: uidsLen??0??????????????菴遵??????.
93 *
94 * Revision 1.27 2004/12/06 11:34:47 aga
95 * ??ninitializeDB()??菴遵??.
96 *
97 * Revision 1.26 2004/12/06 10:17:36 youi
98 * mysql_use_result????腟?????罧??????????冴??????鐚?
99 * while( row = mysql_fetch_row(result) );???水?ワ?
100 *
101 * Revision 1.25 2004/12/06 07:24:33 youi
102 * insertAccount, insertGroup:
103 * ?域?菴遵?????????宴???綽????????若??D鐚??違???若??ID??膃??綣??違???吾??莨若??.
104 *
105 * Revision 1.24 2004/12/06 01:45:50 aga
106 * ?祉?潟?<?潟???ゃ??.
107 * ?脂???上???篆??.
108 *
109 * Revision 1.23 2004/12/04 09:21:10 aga
110 * ??np_config ?? xnpaccount_config.
111 *
112 * Revision 1.22 2004/12/03 07:17:21 youi
113 * isModerator?с?≪???祉?鴻???????若?帥???若?鴻???若????????篆??.
114 *
115 * Revision 1.21 2004/12/01 10:28:58 youi
116 * DB????????????眼??軸??篆??
117 * institute -> division
118 * organizaion -> company_name
119 *
120 * Revision 1.20 2004/12/01 04:37:04 youi
121 * freeResult: unsigned int* ?? int* ?娯信罩?
122 * ?潟?<?潟???????∽?違???????菴処?.
123 *
124 * Revision 1.19 2004/11/30 06:40:11 youi
125 * ?∽?違??菴遵??(gidExists, uidExists)
126 * getGroupCount??絎?臂?
127 * getGroupsByUid??絎?臂?
128 * isGroupAdmin??篆??.
129 * dumpGroupAdmins??絎?臂?
130 * deleteMember??絎?臂?
131 * insertMember??絎?臂?
132 * getMembers??絎?臂?
133 * isModerator??絎?臂?
134 *
135 * Revision 1.18 2004/11/30 05:46:32 aga
136 * ??ession????remoteHost??????
137 *
138 * Revision 1.17 2004/11/27 09:35:49 youi
139 * isActivated??絎?臂?
140 * activate??絎?臂?
141 * dumpUid??絎?臂?
142 *
143 * Revision 1.16 2004/11/27 06:29:29 youi
144 * getAccountCount??絎?臂?
145 * dumpGids??絎?臂?
146 * insertGroup, deleteGroup, updateGroup??絎?臂?
147 * getGroup, getGroups??絎?臂?
148 * ???若?帥???若?劫?????????弱?冴?????鐚?RES_DB_NOT_INITIALIZED??菴????????????∽?違??申??
149 * (???綽????∽?違??罧??c??????)
150 *
151 * Revision 1.15 2004/11/27 02:22:22 aga
152 * ??nitializeDB????ddSlashes()???若?吟???純?<??????篆??.
153 *
154 * Revision 1.14 2004/11/27 01:07:31 youi
155 * criteria2str: LIMIT??RDER BY?????????ャ???帥????.
156 *
157 * Revision 1.13 2004/11/27 00:35:39 youi
158 * getAccounts??絎?臂?
159 * getAccount??篆??鐚???????etAccounts???若?喝?冴??.
160 * criteria2str??絎?臂?
161 *
162 * Revision 1.12 2004/11/26 09:45:28 youi
163 * getAccount??絎?臂?
164 *
165 * Revision 1.11 2004/11/26 08:16:26 aga
166 * ??etSession, loginUser, createSession, freeResult(const session_t*) 篆??.
167 *
168 * Revision 1.10 2004/11/26 07:57:42 youi
169 * updateAccount, deleteAccount??絎?臂?
170 * mysql_query紊掩??????tderr?吾?????若?潟?若?????????若?<???祉?若?吾???阪??.
171 *
172 * Revision 1.9 2004/11/26 07:38:02 aga
173 * ??AILUE -> FAILURE.
174 *
175 * Revision 1.8 2004/11/26 06:36:55 aga
176 * ??reateSession, getSession ??篏???.
177 *
178 * Revision 1.7 2004/11/26 04:51:47 youi
179 * dbprefix??絎?臂?????.
180 * insertAccount??絎?臂?????.
181 * isValidSessionID??絎?臂?????.
182 *
183 * Revision 1.6 2004/11/26 04:35:55 aga
184 * ??oginUser(), logoutUser()??篏???.
185 *
186 * Revision 1.5 2004/11/26 01:08:25 aga
187 * ??ddSlashes()篏???.
188 *
189 * Revision 1.4 2004/11/25 12:14:29 youi
190 * getUid????????絎?臂?????.
191 *
192 * Revision 1.3 2004/11/25 11:13:59 youi
193 * getLastErrorString/setLastErrorString??絎?臂?
194 *
195 * Revision 1.2 2004/11/25 08:55:19 youi
196 * 綣??違??????篆??.
197 * freeResult??菴遵??.
198 *
199 * Revision 1.1 2004/11/25 05:14:58 youi
200 * initial version
201 *
202 *
203 */
204 #ifdef WIN32
205 #include <windows.h>
206 #endif
207
208 #ifdef USE_SYSLOG
209 #include <syslog.h>
210 #endif
211
212 #include <stdio.h>
213 #include <stdlib.h>
214 #include <string.h>
215 #include <string>
216 #include <assert.h>
217 #include <sql.h>
218 #include <sqlext.h>
219 #include <libxml/xmlreader.h>
220
221 using namespace std;
222
223 #include "common.h"
224 #include "account.h"
225 #include "group.h"
226 #include "session.h"
227 #include "item.h"
228 #include "itemtype.h"
229 #include "criteria.h"
230 #include "commonal.h"
231 #include "item.h"
232 #include "index.h"
233 #include "changelog.h"
234 #include "pubmed.h"
235
236 static string dbprefix; //!< XOOPS???若?帥???若?鴻???若??????REFIX
237
238 static SQLHANDLE henv = NULL;
239 static SQLHANDLE hdbc = NULL;
240 static SQLHANDLE hstmt = NULL;
241
242 static void processEfetch(xmlTextReaderPtr reader, pubmed_t* p);
243 static int streamPubmedFile(const char *filename, pubmed_t* p);
244
245 static result_t insertIndexInternal( sessionid_t sid, index_t *index, indexid_t *xid );
246
247 static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode );
248 static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid );
249
250 static result_t countResultRows( const char* sql, SQLINTEGER* count )
251 {
252 result_t ret = RES_ERROR;
253 SQLRETURN sqlcode;
254 SQLHANDLE hstmt = NULL;
255 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
256 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql, strlen( sql ) ) ) == SQL_SUCCESS ){
257 *count = 0;
258 while( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ) ( *count )++;
259 ret = RES_OK;
260 }else{
261 string s( "SQLExecDirect in countResultRows " );
262 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
263 s += "sql=";
264 s += string( sql );
265 setLastErrorString( s.c_str( ) );
266 ret = RES_DB_QUERY_ERROR;
267 }
268 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
269 }
270 return ret;
271 }
272
273
274 /**
275 *
276 * ?ゃ?潟???????合?脂?駕??≪?ゃ?????贋?違??茵????c?????????粋??倶?????????ゃ??鐚?
277 * ?激?鴻????荐???????????c??????障??鐚?/span>
278 *
279 */
280 static certify_t getInitialCertifyStateFromConfig( )
281 {
282 char* certify_item_val;
283 certify_t ret = index::NOT_CERTIFIED;
284
285 if( getConfigValue( XNP_CONFIG_CERTIFY_ITEM_KEY, &certify_item_val ) == RES_OK ){
286 if( strcmp( certify_item_val, XNP_CONFIG_CERTIFY_ITEM_AUTO ) == 0 ){
287 //certify automatic
288 ret = index::CERTIFIED;
289 }else if( strcmp( certify_item_val, XNP_CONFIG_CERTIFY_ITEM_ON ) == 0 ){
290 //certify by moderator or group admin
291 ret = index::CERTIFY_REQUIRED;
292 }
293 freeString( certify_item_val );
294 }
295 return ret;
296 }
297
298 /**
299 *
300 * ?祉???激?с?潟???綽?篁????????????若?吟??鐚?Platform???若?吟??????ctivate??
301 * ????????????菴???
302 *
303 * @param sid ?祉???激?с??D
304 * @return true Activate??????????
305 * @return false Activate??????????鐚??障??????????/span>
306 *
307 */
308 static bool isActivatedBySession( sessionid_t sid )
309 {
310 const session_t* session;
311 if( getSession( sid, &session ) == RES_OK ){
312 userid_t sess_uid = session -> getUID( );
313 freeSession( session );
314 return isActivated( sid, sess_uid );
315 }
316 return false;
317 }
318
319 /**
320 *
321 * ?祉???激?с?潟???綽?篁????????????若?吟??鐚??≪?????若?帥?с??????鐚?
322 *
323 *
324 * @param sid ?祉???激?с??D
325 * @return true ?≪?????若??/span>
326 * @return false ?≪?????若?帥?с????鐚??障??????????/span>
327 *
328 */
329 static bool isModeratorBySession( sessionid_t sid )
330 {
331 const session_t* session;
332 if( getSession( sid, &session ) == RES_OK ){
333 userid_t sess_uid = session -> getUID( );
334 freeSession( session );
335 return isModerator( sid, sess_uid );
336 }
337 return false;
338 }
339
340
341
342
343 /** SQL??絎?茵???????腟?????????????
344 * @param sql sql
345 * @return result_t
346 */
347 static result_t querySimple( const char *functionName, string &sql ){
348 result_t ret = RES_ERROR;
349 SQLRETURN sqlcode;
350 SQLHANDLE hstmt = NULL;
351 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
352 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
353 ret = RES_OK;
354 }else{
355 string s( "SQLExecDirect in querySimple " );
356 s += functionName;
357 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
358 s += "sql=";
359 s += sql;
360 setLastErrorString( s.c_str( ) );
361 ret = RES_DB_QUERY_ERROR;
362 }
363 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
364 }
365 else {
366 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in querySimple " );
367 ret = RES_ERROR;
368 }
369 return ret;
370 }
371
372 /** SQL??絎?茵?????1茵????????????贋?医??NULL????0???帥????)???水?????????
373 * @param sql sql
374 * @param u ?贋?医?ゃ??????????紊??違??
375 * @return result_t
376 */
377 static result_t queryGetUnsignedInt( const char *functionName, string &sql, unsigned int *u ){
378 result_t ret = RES_ERROR;
379 SQLRETURN sqlcode;
380 SQLHANDLE hstmt = NULL;
381 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
382 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
383 SQLUINTEGER sInt = 0;
384 SQLINTEGER len = 0;
385 SQLBindCol( hstmt, 1, SQL_C_ULONG, &sInt, 0, &len );
386 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
387 if ( len == SQL_NULL_DATA )
388 sInt = 0;
389 *u = sInt;
390 ret = RES_OK;
391 }else{
392 string s( "SQLFetch in queryGetUnsignedInt " );
393 s += functionName;
394 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
395 setLastErrorString( s.c_str( ) );
396 ret = RES_ERROR;
397 }
398 }else{
399 string s( "SQLExecDirect in queryGetUnsignedInt " );
400 s += functionName;
401 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
402 s += "sql=";
403 s += sql;
404 setLastErrorString( s.c_str( ) );
405 ret = RES_DB_QUERY_ERROR;
406 }
407 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
408 }
409 else {
410 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in queryGetUnsignedInt " );
411 ret = RES_ERROR;
412 }
413 return ret;
414 }
415
416 /**
417 *
418 * ??絖????潟???種?
419 * ??絎???絖??違???潟???若??鐚????????<????緇???NULL腟?腴?????鐚?/span>
420 * ( dst???泣?ゃ? >= len + 1 )?с????????/span>
421 *
422 */
423 static char* strncpy2( char* dst, const char* src, int len )
424 {
425 strncpy( dst, src, len );
426 dst[ len ] = '\0';
427 //fprintf( stderr, "\nstrncpy2 '%s'\n", dst );
428 return dst;
429 }
430
431 /**
432 *
433 * SQL???茵?腟????????????惹??絖?????????????
434 *
435 * @param hstmt SQL??????潟????/span>
436 * @param sqlcode SQLExecDirect,SQLExecute???祉????/span>
437 * @return ?????惹??絖???
438 */
439 static string odbcDiagString( SQLSMALLINT HandleType, SQLHANDLE hstmt, SQLRETURN sqlcode )
440 {
441 string s;
442 if( sqlcode == SQL_ERROR || sqlcode == SQL_SUCCESS_WITH_INFO ){
443 SQLCHAR SQLState[6];
444 SQLINTEGER NativeError;
445 SQLCHAR MessageText[ 1024 ];
446 SQLSMALLINT BufferLength;
447 SQLSMALLINT TextLength;
448 SQLGetDiagRec( HandleType, hstmt, 1, SQLState, &NativeError, MessageText, 1024, &TextLength );
449
450 s += string( (char*)MessageText );
451 s += " SQLSTATE=";
452 s += string( (char*)SQLState );
453
454 }
455 s += " sqlcode=";
456 s += intToString( sqlcode );
457 return s;
458 }
459
460 /**
461 *
462 * ??絎??????????ゃ???????冴??????????絖?????菴???
463 *
464 */
465 string getResultCol( SQLHANDLE hstmt, int col )
466 {
467 string s;
468 SQLRETURN sqlcode;
469 SQLCHAR BinaryPtr[5000];
470 SQLUINTEGER PartID;
471 SQLINTEGER PartIDInd, BinaryLenOrInd, NumBytes;
472 SQLRETURN rc;
473
474 while ( ( sqlcode = SQLGetData(hstmt, col, SQL_C_CHAR, BinaryPtr, sizeof(BinaryPtr),
475 &BinaryLenOrInd)) != SQL_NO_DATA) {
476 NumBytes = (BinaryLenOrInd > 5000) || (BinaryLenOrInd == SQL_NO_TOTAL) ? 5000 : BinaryLenOrInd;
477 if( NumBytes >= 0 ){
478 s += string( (char*)BinaryPtr, NumBytes );
479 }
480 }
481 #ifdef USE_SYSLOG
482 // openlog( "commonal", LOG_ODELAY, LOG_USER );
483 // syslog( LOG_DEBUG, "getResultCol col=%d ret='%s'\n", col, s.c_str());
484 // closelog( );
485 #endif
486 return s;
487 }
488
489
490 /**
491 *
492 * ?????若????????\荐??激?с???鴻?宴?若??????
493 *
494 * @param str addslashes???鴻????絖?????NULL??絎?筝?????
495 * @return 紊???緇?????絖???
496 */
497 string addSlashes( const char *str )
498 {
499 if ( hdbc == NULL ){
500 string s;
501 return s;
502 }else{
503 string s( str );
504 return s;
505 }
506
507 int len = strlen(str) * 3;
508 char* dst = new char[ len ];
509 const char* from = str;
510 char* to = dst;
511 while( *from != '\0' ){
512 switch( *from ){
513 case '\'':
514 case '\"':
515 case ';':
516 *to = '\\'; to++;
517 break;
518 }
519 *to = *from; to++;
520 from++;
521 }
522 *to = '\0';
523 string s( dst );
524 delete[] dst;
525 return s;
526 }
527
528 /** Xoops Module ??┃絎???茯帥?鴻??
529 * @param module ?≪?吾?ャ?若????irname
530 * @param key 荐????ey
531 * @param value 荐????菴???紊??違??
532 * @return
533 */
534 static result_t getXoopsModuleConfigValue( const char *module, const char *key, char **value ){
535 SQLRETURN sqlcode;
536 SQLHANDLE hstmt = NULL;
537 result_t result = RES_ERROR;
538
539 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
540 string sql = "SELECT conf_value "
541 " from " + dbprefix + "_config as tc, " + dbprefix + "_modules as tm "
542 " where tm.mid=tc.conf_modid and tm.dirname = ? and tc.conf_name = ? ";
543 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
544 SQLINTEGER cbModule = SQL_NTS, cbKey = SQL_NTS;
545 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_VARCHAR, strlen(module), 0, (SQLCHAR *)module, 0, &cbModule );
546 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_VARCHAR, strlen(key), 0, (SQLCHAR *)key, 0, &cbKey );
547 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), strlen( sql.c_str() ) ) ) == SQL_SUCCESS ){
548 if ( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
549 string s = getResultCol( hstmt, 1 );
550 *value = new char[s.length()+1];
551 strcpy( *value, s.c_str() );
552 result = RES_OK;
553 }
554 else if ( sqlcode == SQL_NO_DATA ){
555 value = 0;
556 result = RES_OK;
557 }
558 else {
559 string s( "SQLFetch in getXoopsModuleConfig " );
560 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
561 s += "sql=";
562 s += sql;
563 setLastErrorString( s.c_str( ) );
564 result = RES_ERROR;
565 }
566 }else{
567 string s( "SQLExecDirect in getXoopsModuleConfig " );
568 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
569 s += "sql=";
570 s += sql;
571 setLastErrorString( s.c_str( ) );
572 result = RES_DB_QUERY_ERROR;
573 }
574 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
575 }
576 else {
577 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getXoopsModuleConfig " );
578 result = RES_ERROR;
579 }
580 return result;
581 }
582
583 /** ?蚊?鴻?????若?吟??XooNiPs??ublic???≪?ゃ??????荀??????????с??????????????菴?????
584 */
585 static bool isGuestEnabled(){
586 char *value = 0;
587 result_t result = getXoopsModuleConfigValue( "xnpaccount", "public_item_target_user", &value );
588 if ( result != RES_OK )
589 return false;
590 if ( value == 0 )
591 return false;
592 bool enabled = ( strcmp( value, "all" ) == 0 );
593 freeString( value );
594 return enabled;
595 }
596
597 /** sid????uid??緇?????
598 * @param sid session id
599 * @param uid uid??????????紊???/span>
600 * @return RES_OK
601 * sid?????鴻??essionid?с???????????翫??*uid???????鴻??id???ャ????
602 * ???????????????≪?ゃ????????XooNiPs???若?吟?????? ????id??session::SID_GUEST(=0)?с???????????翫????*uid????ccount::UID_GUEST(=0)???ャ????
603 * @return ????? ??????/span>
604 */
605 static result_t sessionID2UID( sessionid_t sid, userid_t *uid ){
606 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
607
608 SQLRETURN sqlcode;
609 SQLHANDLE hstmt = NULL;
610
611 if ( sid == session::SID_GUEST ){
612 if ( isGuestEnabled() ){
613 *uid = account::UID_GUEST;
614 return RES_OK;
615 }
616 return RES_NO_SUCH_SESSION;
617 }
618 else {
619 string sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_session WHERE sid=" + unsignedIntToString(sid);
620 return queryGetUnsignedInt( "sessionID2UID", sql, uid );
621 }
622 }
623
624
625
626 /**
627 *
628 * gid??????????с????
629 * DB???≪???祉?劫け????????false??????鐚?/span>
630 *
631 * @param gid ???с??????????GID
632 * @return true 絖???????
633 * @return false 絖?????????
634 *
635 */
636 static bool gidExists( groupid_t gid )
637 {
638 string sql;
639 SQLRETURN sqlcode;
640 SQLHANDLE hstmt = NULL;
641
642 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) != SQL_SUCCESS ) {
643 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in gidExists" );
644 return false;
645 }
646
647 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups ";
648 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
649 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) != SQL_SUCCESS ){
650 setLastErrorString( "SQLExecDirect in gidExists" );
651 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
652 return false;
653 }
654
655 if( ( sqlcode = SQLFetch( hstmt ) ) != SQL_SUCCESS ){
656 setLastErrorString( "SQLFetch in gidExists" );
657 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
658 return false;
659 }
660
661 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
662 return true;
663 }
664
665
666 /**
667 *
668 * Platform???若?倶???宴??id??絖??????????????с????
669 * DB???≪???祉?劫け????????false??????鐚?/span>
670 *
671 * @param uid ???с??????????UID
672 * @return true 絖???????
673 * @return false 絖?????????
674 *
675 */
676 static bool uidExists( userid_t uid )
677 {
678 bool ret = false;
679 string sql;
680 SQLRETURN sqlcode;
681 SQLINTEGER count = 0;
682
683 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
684 sql += "WHERE uid=" + string( unsignedIntToString( uid ) );
685 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
686 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
687 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
688 ret = true;
689 }else{
690 string s( "SQLFetch in uidExists ");
691 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
692 s += string( ", sql=" ) + string( sql );
693 setLastErrorString( s.c_str( ) );
694 ret = false;
695 }
696 }else{
697 string s( "SQLExecDirect in uidExists ");
698 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
699 s += string( ", sql=" ) + string( sql );
700 setLastErrorString( s.c_str( ) );
701 ret = false;
702 }
703 }else{
704 string s( "SQLAllocHandle in uidExists ");
705 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
706 setLastErrorString( s.c_str( ) );
707 ret = false;
708 }
709 return ret;
710 }
711
712
713 /**
714 *
715 * criteria ?? SQL?????????
716 *
717 *
718 *
719 */
720 string criteria2str( criteria* cri )
721 {
722 string sql;
723
724 const orderby* odrby = cri -> headOrderBy( );
725 if( odrby != 0 ){
726 sql += " ORDER BY " + string( odrby -> getColumn( ) );
727 sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
728 while( ( odrby = cri -> nextOrderBy( ) ) != 0 ){
729 sql += ", " + string( odrby -> getColumn( ) );
730 sql += ( odrby -> getOrder( ) == orderby::DESC ) ? " DESC" : " ";
731 }
732 }
733
734 if( cri -> getLimitStart( ) != 0 || cri -> getLimitRows( ) != 0 ){
735 sql += " LIMIT " + string( intToString( cri -> getLimitStart( ) ) )
736 + ", " + string( intToString( cri -> getLimitRows( ) ) );
737 }
738 return sql;
739 }
740
741
742 /**
743 *
744 * ???若?帥???若?鴻????????
745 *
746 * @param dsn DSN
747 * @param user ???若?帥???若?鴻???≪???祉?鴻???????若?九??
748 * @param password 筝?荐????若?吟?????鴻???若??
749 * @param dbname ??????/span>
750 * @param prefix XOOPS???若?帥???若?鴻???若??????REFIX
751 * @return RES_OK
752 * @return RES_DB_INITIALIZE_ERROR
753 * @return RES_DB_CONNECT_ERROR
754 * @refer result_t
755 */
756 result_t initializeDB( const char* dsn, const char* user, const char* password, const char* dbname, const char* prefix )
757 {
758 SQLRETURN sqlcode;
759
760 #ifdef USE_SYSLOG
761 openlog( "commonal", LOG_ODELAY, LOG_USER );
762 #endif
763 // ?≪??・膓?筝???????筝???????/span>
764 if ( hdbc != NULL )
765 SQLDisconnect( hdbc );
766
767 dbprefix = prefix;
768
769 // ????????・膓?
770 // if( SQLAllocEnv( &henv ) != SQL_SUCCESS ) {
771 if( SQLAllocHandle( SQL_HANDLE_ENV, SQL_NULL_HANDLE, &henv ) != SQL_SUCCESS ) {
772 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_ENV,...) in initializeDB" );
773 #ifdef USE_SYSLOG
774 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
775 closelog( );
776 #endif
777 return RES_DB_INITIALIZE_ERROR;
778 }
779 //ODBC Ver.3 ????????????????????с??荐??
780 SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (void*)SQL_OV_ODBC3, 0);
781
782 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_DBC, henv, &hdbc ) ) != SQL_SUCCESS ) {
783 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_DBC,...) in initializeDB" );
784 #ifdef USE_SYSLOG
785 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
786 closelog( );
787 #endif
788 return RES_DB_INITIALIZE_ERROR;
789 }
790 //???違?ゃ?潟??腱?篁ヤ?荀????????帥?ゃ???≪????????荐??
791 SQLSetConnectAttr(hdbc, SQL_LOGIN_TIMEOUT, (SQLPOINTER *)5, 0);
792
793 if ( ( sqlcode = SQLConnect( hdbc, (SQLCHAR*)dsn, strlen( dsn ), (SQLCHAR*)user, strlen( user ), (SQLCHAR*)password, strlen( password ) ) ) != SQL_SUCCESS ){
794 string s( "SQLConnect in initializeDB " );
795 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
796 setLastErrorString( s.c_str( ) );
797 #ifdef USE_SYSLOG
798 syslog( LOG_DEBUG, "initializeDB %s", getLastErrorString( ) );
799 closelog( );
800 #endif
801 return RES_DB_CONNECT_ERROR;
802 }
803 #ifdef USE_SYSLOG
804 syslog( LOG_DEBUG, "initializeDB succeed" );
805 closelog( );
806 #endif
807 return RES_OK;
808 }
809
810 /**
811 *
812 * DB?ョ????????違???????????障??????
813 *
814 * @param ????
815 * @return RES_OK
816 */
817 result_t uninitializeDB()
818 {
819 if ( hdbc != NULL ){
820 SQLDisconnect( hdbc );
821 hdbc = NULL;
822 }
823 return RES_OK;
824 }
825
826 /**
827 *
828 * Platform???若?倶?粋??倶????緇?
829 *
830 * @param sid ?祉???激?с??D
831 * @param uid ?倶??????緇??????????若?吟??ID
832 * @return true ?粋?羝???/span>
833 * @return false ???粋?
834 *
835 */
836 bool isActivated( sessionid_t sid, userid_t uid )
837 {
838 if( hdbc == NULL ) return false;
839 if( !isValidSessionID( sid ) ) return false;
840
841 bool ret = false;
842 string sql;
843 SQLRETURN sqlcode;
844 SQLHANDLE hstmt = NULL;
845
846 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_users ";
847 sql += "WHERE activate=1 and uid=" + string( unsignedIntToString( uid ) );
848 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
849 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
850 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
851 ret = true;
852 }else{
853 string s( "SQLFetch in isActivated " );
854 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
855 s += ", sql=" + sql;
856 setLastErrorString( s.c_str() );
857 ret = false;
858 }
859 }else{
860 string s( "SQLExecDirect in isActivated " );
861 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
862 s += ", sql=" + sql;
863 setLastErrorString( s.c_str() );
864 ret = false;
865 }
866 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
867 }else{
868 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in isActivated" );
869 ret = false;
870 }
871 return ret;
872 }
873
874 /**
875 *
876 * Platform???若?倶?粋??倶??紊???/span>
877 *
878 * @param sid ?祉???激?с??D
879 * @param uid 紊??眼?????????若?吟??ID
880 * @param activate ?粋?(true) / ???粋?(false)????絎?
881 * @return RES_OK
882 * @return RES_DB_QUERY_ERROR
883 * @return RES_NO_SUCH_USER
884 */
885 result_t activate( sessionid_t sid, userid_t uid, bool activate )
886 {
887 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
888 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
889
890 string sql;
891 SQLRETURN sqlcode;
892 result_t ret = RES_ERROR;
893
894 sql = "UPDATE " + dbprefix + "_xnpaccount_users ";
895 sql += "SET activate=" + string( activate ? "1" : "0" );
896 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
897 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
898 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
899 SQLINTEGER count = 0;
900 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
901 ret = RES_OK;
902 }else{
903 string s( "SQLRowCount in activate ");
904 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
905 s += string( ", sql=" ) + string( sql );
906 setLastErrorString( s.c_str( ) );
907 ret = RES_NO_SUCH_USER;
908 }
909 }else{
910 string s( "SQLExecDirect in activate " );
911 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
912 s += ", sql=";
913 s += string( sql );
914 setLastErrorString( s.c_str( ) );
915 ret = RES_DB_QUERY_ERROR;
916 }
917 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
918 }else{
919 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in activate" );
920 ret = RES_ERROR;
921 }
922 return ret;
923 }
924
925 /**
926 *
927 * ?≪?????潟???違????緇?????鐚?/span>
928 *
929 * @param sid ?祉???激?с??D
930 * @return ?≪?????潟????/span>
931 *
932 */
933 int getAccountCount( sessionid_t sid )
934 {
935 if( hdbc == NULL ) return 0;
936 if( !isValidSessionID( sid ) ) return 0;
937
938 int ret = 0;
939 string sql;
940 SQLRETURN sqlcode;
941 SQLHANDLE hstmt = NULL;
942
943 //?≪?????潟???違??羆?????
944 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_users ";
945 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
946 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
947 SQLUINTEGER count = 0;
948 SQLINTEGER len = 0;
949 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
950 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
951 ret = count;
952 }else {
953 string s( "SQLFetch in getAccountCount sql=" );
954 s += string( sql );
955 setLastErrorString( s.c_str( ) );
956 ret = 0;
957 }
958 }else{
959 setLastErrorString( "SQLExecDirect in getAccountCount" );
960 ret = 0;
961 }
962 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
963 }else{
964 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccountCount" );
965 ret = 0;
966 }
967 return ret;
968 }
969
970 /**
971 *
972 * ?≪?????潟??????/span>
973 * ?違???若???????????ゃ?????若?倶???宴?????ゃ??茵??????障??鐚?/span>
974 *
975 * @param
976 * @return RES_OK
977 * @return RES_ERROR
978 * @return RES_DB_NOT_INITIALIZED
979 * @return RES_NO_SUCH_SESSION
980 * @return RES_DB_QUERY_ERROR
981 *
982 */
983 result_t deleteAccount( sessionid_t sid, userid_t uid )
984 {
985 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
986 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
987
988 result_t ret1 = RES_ERROR, ret2 = RES_ERROR;
989 criteria_t c;
990 string sql;
991 groupid_t* gids;
992 int gidsLen;
993 SQLRETURN sqlcode;
994 SQLHANDLE hstmt = NULL;
995
996 /*
997 1. delete user from default platform group
998 2. delete user profile from xoops_users
999 3. delete platform user from xnpaccount_users
1000 */
1001
1002 //1. delete user from platform groups
1003 c.clearAll();
1004 if( getGroupsByUid( sid, uid, &c, &gids, &gidsLen ) == RES_OK ){
1005 for( int i = 0; i < gidsLen; i++ )
1006 deleteMemberNoLimit( sid, gids[ i ], uid );
1007 freeGID( gids );
1008 }
1009
1010 //2. delete user profile from xoops_users
1011 sql = "DELETE FROM " + dbprefix + "_users ";
1012 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
1013 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1014 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1015 SQLINTEGER count = 0;
1016 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1017 ret1 = RES_OK;
1018 }else{
1019 string s( "SQLRowCount in deleteAccount" );
1020 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1021 s += string( ", sql=" ) + string( sql );
1022 setLastErrorString( s.c_str( ) );
1023 ret1 = RES_NO_SUCH_USER;
1024 }
1025 }else{
1026 string s( "SQLExecDirect in deleteAccount" );
1027 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1028 s += ", sql=";
1029 s += string( sql );
1030 setLastErrorString( s.c_str( ) );
1031 ret1 = RES_DB_QUERY_ERROR;
1032 }
1033 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1034 }else{
1035 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
1036 ret1 = RES_ERROR;
1037 }
1038
1039 //3. delete platform user from xnpaccount_users
1040 sql = "DELETE FROM " + dbprefix + "_xnpaccount_users ";
1041 sql += "WHERE uid = " + string( unsignedIntToString( uid ) );
1042 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1043 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1044 SQLINTEGER count = 0;
1045 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1046 ret2 = RES_OK;
1047 }else{
1048 string s( "SQLRowCount in deleteAccount" );
1049 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1050 s += string( ", sql=" ) + string( sql );
1051 setLastErrorString( s.c_str( ) );
1052 ret2 = RES_NO_SUCH_USER;
1053 }
1054 }else{
1055 string s( "SQLExecDirect in deleteAccount" );
1056 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1057 s += ", sql=";
1058 s += string( sql );
1059 setLastErrorString( s.c_str( ) );
1060 ret2 = RES_DB_QUERY_ERROR;
1061 }
1062 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1063 }else{
1064 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteAccount" );
1065 ret2 = RES_ERROR;
1066 }
1067
1068 //筝??鴻?с???????若?????????若??菴???
1069 return ret1 != RES_OK ? ret1 : ret2;
1070 }
1071
1072 /**
1073 *
1074 * ?≪?????潟?????怨??
1075 *
1076 * @param sid ?祉???激?с??D
1077 * @param uid ??緇??????????若?吟??ID
1078 * @param acc ??緇??????≪?????潟??????account_t)?????ゃ?潟?帥???吾??莨若??綣???/span>
1079 * @return RES_OK
1080 * @return RES_DB_NOT_INITIALIZED
1081 * @return RES_NO_SUCH_USER
1082 * @return RES_NO_SUCH_SESSION
1083 * @return RES_DB_QUERY_ERROR
1084 *
1085 */
1086 result_t getAccount( sessionid_t sid, userid_t uid, const account_t** acc )
1087 {
1088 int len;
1089 static criteria c;
1090 result_t res = getAccounts( sid, &uid, 1, &c, acc, &len );
1091 if( len == 0 ) return RES_NO_SUCH_USER;
1092 return res;
1093 }
1094
1095 /**
1096 *
1097 * ?≪?????潟?????怨??
1098 *
1099 * @param sid ?祉???激?с??D
1100 * @param uids ??緇??????????若?吟??ID??????
1101 * @param uidsLen uids???????膣???/span>
1102 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1103 * @param accounts 罎?膣∝??????????????ゃ?潟?帥???吾??莨若??綣???/span>
1104 * @param accountsLen 罎?膣∝???????????*accounts???膣???
1105 * @return RES_OK
1106 * @return RES_DB_NOT_INITIALIZED
1107 * @return RES_NO_SUCH_SESSION
1108 * @return RES_DB_QUERY_ERROR
1109 *
1110 */
1111 result_t getAccounts( sessionid_t sid, const userid_t* uids, int uidsLen, criteria_t* cri, const account_t** accounts, int* accountsLen )
1112 {
1113 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1114 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1115 if( uidsLen <= 0 ){
1116 *accounts = new account_t[ 0 ];
1117 *accountsLen = 0;
1118 #ifdef USE_SYSLOG
1119 openlog( "commonal", LOG_ODELAY, LOG_USER );
1120 syslog( LOG_DEBUG, "getAccounts succeed len=0" );
1121 closelog( );
1122 #endif
1123 return RES_OK;
1124 }
1125
1126 #ifdef USE_SYSLOG
1127 openlog( "commonal", LOG_ODELAY, LOG_USER );
1128 syslog( LOG_DEBUG, "begin of getAccounts" );
1129 #endif
1130 result_t ret = RES_ERROR;
1131 SQLRETURN sqlcode;
1132 SQLHANDLE hstmt = NULL;
1133 string sql;
1134 account_t* dst = new account_t[ uidsLen ];
1135
1136 sql += "SELECT u1.uid, u1.name, u1.uname, u1.email, u1.url, u1.user_avatar, u1.user_regdate, u1.user_icq, u1.user_from, u1.user_sig, u1.user_viewemail, u1.actkey, u1.user_aim, u1.user_yim, u1.user_msnm, u1.pass, u1.posts, u1.attachsig, u1.rank, u1.level, u1.theme, u1.timezone_offset, u1.last_login, u1.umode, u1.uorder, u1.notify_method, u1.notify_mode, u1.user_occ, u1.bio, u1.user_intrest, u1.user_mailok, u2.activate, u2.address, u2.division, u2.tel, u2.company_name, u2.country, u2.zipcode, u2.fax, u2.base_url, u2.notice_mail, u2.notice_mail_since, u2.private_index_id ";
1137 sql += "FROM " + dbprefix + "_users AS u1, " + dbprefix + "_xnpaccount_users AS u2 ";
1138 sql += "WHERE u1.uid = u2.uid ";
1139 if( uidsLen > 0 ){
1140 #ifdef USE_SYSLOG
1141 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", 0, uids[0] );
1142 #endif
1143 sql += "AND ( u1.uid=" + string( unsignedIntToString( uids[ 0 ] ) );
1144 for( int i = 1; i < uidsLen; i++ ){
1145 #ifdef USE_SYSLOG
1146 syslog( LOG_DEBUG, "set uid[%d] value=%d to ...", i, uids[i] );
1147 #endif
1148 sql += " OR u1.uid=" + string( unsignedIntToString( uids[ i ] ) );
1149 }
1150 sql += " ) ";
1151 }
1152 sql += criteria2str( cri );
1153 #ifdef USE_SYSLOG
1154 syslog( LOG_DEBUG, "sql=%s", sql.c_str() );
1155 #endif
1156
1157 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1158 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1159 SQLINTEGER len = 0;
1160 userid_t uid = 0;
1161 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1162 *accountsLen=0;
1163 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < uidsLen ; i++ ){
1164 dst[ i ].setUID( uid );
1165 dst[ i ].setName( getResultCol( hstmt, 2 ).c_str() );
1166 dst[ i ].setUname( getResultCol( hstmt, 3 ).c_str() );
1167 dst[ i ].setEmail( getResultCol( hstmt, 4 ).c_str() );
1168 dst[ i ].setURL( getResultCol( hstmt, 5 ).c_str() );
1169 dst[ i ].setUserAvatar( getResultCol( hstmt, 6 ).c_str() );
1170 dst[ i ].setUserRegdate( atoi( getResultCol( hstmt, 7 ).c_str() ) );
1171 dst[ i ].setUserIcq( getResultCol( hstmt, 8 ).c_str() );
1172 dst[ i ].setUserFrom( getResultCol( hstmt, 9 ).c_str() );
1173 dst[ i ].setUserSig( getResultCol( hstmt, 10 ).c_str() );
1174 dst[ i ].setUserViewemail( atoi( getResultCol( hstmt, 11 ).c_str() ));
1175 dst[ i ].setActkey( getResultCol( hstmt, 12 ).c_str() );
1176 dst[ i ].setUserAim( getResultCol( hstmt, 13 ).c_str() );
1177 dst[ i ].setUserYim( getResultCol( hstmt, 14 ).c_str() );
1178 dst[ i ].setUserMsnm( getResultCol( hstmt, 15 ).c_str() );
1179 dst[ i ].setPass( getResultCol( hstmt, 16 ).c_str() );
1180 dst[ i ].setPosts( atoi( getResultCol( hstmt, 17 ).c_str() ));
1181 dst[ i ].setAttachsig( atoi( getResultCol( hstmt, 18 ).c_str() ));
1182 dst[ i ].setRank( atoi( getResultCol( hstmt, 19 ).c_str() ));
1183 dst[ i ].setLevel( atoi( getResultCol( hstmt, 20 ).c_str() ));
1184 dst[ i ].setTheme( getResultCol( hstmt, 21 ).c_str() );
1185 dst[ i ].setTimezoneOffset( atof( getResultCol( hstmt, 22 ).c_str() ) );
1186 dst[ i ].setLastLogin( atoi( getResultCol( hstmt, 23 ).c_str() ));
1187 dst[ i ].setUmode( getResultCol( hstmt, 24 ).c_str() );
1188 dst[ i ].setUorder( atoi( getResultCol( hstmt, 25 ).c_str() ));
1189 dst[ i ].setNotifyMethod( atoi( getResultCol( hstmt, 26 ).c_str() ));
1190 dst[ i ].setNotifyMode( atoi( getResultCol( hstmt, 27 ).c_str() ));
1191 dst[ i ].setUserOcc( getResultCol( hstmt, 28 ).c_str() );
1192 dst[ i ].setBio( getResultCol( hstmt, 29 ).c_str() );
1193 dst[ i ].setUserIntrest( getResultCol( hstmt, 30 ).c_str() );
1194 dst[ i ].setUserMailok( atoi( getResultCol( hstmt, 31 ).c_str() ));
1195 dst[ i ].setActivate( atoi( getResultCol( hstmt, 32 ).c_str() ));
1196 dst[ i ].setAddress( getResultCol( hstmt, 33 ).c_str() );
1197 dst[ i ].setDivision( getResultCol( hstmt, 34 ).c_str() );
1198 dst[ i ].setTel( getResultCol( hstmt, 35 ).c_str() );
1199 dst[ i ].setCompanyName( getResultCol( hstmt, 36 ).c_str() );
1200 dst[ i ].setCountry( getResultCol( hstmt, 37 ).c_str() );
1201 dst[ i ].setZipcode( getResultCol( hstmt, 38 ).c_str() );
1202 dst[ i ].setFax( getResultCol( hstmt, 39 ).c_str() );
1203 dst[ i ].setBaseURL( getResultCol( hstmt, 40 ).c_str() );
1204 dst[ i ].setNoticeMail( atoi( getResultCol( hstmt, 41 ).c_str() ));
1205 dst[ i ].setNoticeMailSince( atoi( getResultCol( hstmt, 42 ).c_str() ));
1206 dst[ i ].setPrivateIndexID( atoi( getResultCol( hstmt, 43 ).c_str() ));
1207 #ifdef USE_SYSLOG
1208 syslog( LOG_DEBUG, "set to account_t %d", i );
1209 #endif
1210 ( *accountsLen )++;
1211 }
1212 *accounts = dst;
1213 #ifdef USE_SYSLOG
1214 syslog( LOG_DEBUG, "getAccounts succeed" );
1215 #endif
1216 ret = RES_OK;
1217 }else{
1218 string s( "SQLExecDirect in getAccounts" );
1219 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1220 s += string( ", sql=" ) + string( sql );
1221 setLastErrorString( s.c_str( ) );
1222 #ifdef USE_SYSLOG
1223 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1224 #endif
1225 ret = RES_DB_QUERY_ERROR;
1226 }
1227 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1228 }else{
1229 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getAccounts" );
1230 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1231 setLastErrorString( s.c_str( ) );
1232 #ifdef USE_SYSLOG
1233 syslog( LOG_DEBUG, "getAccounts %s", getLastErrorString( ) );
1234 #endif
1235 ret = RES_DB_QUERY_ERROR;
1236 }
1237 #ifdef USE_SYSLOG
1238 closelog( );
1239 #endif
1240 return ret;
1241 }
1242
1243 /**
1244 *
1245 * ?≪?????潟???脂??
1246 *
1247 * ???若?倶???宴?????若?帥???若?鴻???脂?蚊???障??鐚?/span>
1248 * ?脂?蚊???????若?倶???宴???綽????????若??D??uid???主????障??鐚?/span>
1249 *
1250 * @param sid ?祉???激?с??/span>
1251 * @param account ?脂?蚊?????≪?????潟??????/span>
1252 * @param uid ?脂?蚊?????≪?????潟?????宴???綽????????若??D
1253 * @return RES_OK
1254 * @return RES_NO_SUCH_SESSION
1255 * @return RES_DB_QUERY_ERROR
1256 * @return RES_DB_NOT_INITIALIZED
1257 *
1258 */
1259 result_t insertAccount( sessionid_t sid, const account_t* account, userid_t* uid )
1260 {
1261 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1262 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1263
1264 string sql;
1265 string tmp;
1266 char buf[ 12 ];
1267 SQLRETURN sqlcode;
1268 result_t ret = RES_ERROR;
1269
1270 /*
1271 1. insert user profile into xoops_users
1272 2. insert platform user profile into xnpaccount_users
1273 3. add user to default platform group
1274 4. create private index
1275 5. update account set private_index_id=...
1276 */
1277
1278 //1.xoops?????若?吟???若???????吾??莨若??
1279 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1280 SQLINTEGER user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1281 SQLDOUBLE timezone_offset;
1282
1283 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1284 SQLINTEGER cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1285
1286 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1287 string sql;
1288 sql = "INSERT INTO " + dbprefix + "_users (uname, name, email, url, user_avatar, user_regdate, user_icq, user_from, user_sig, user_viewemail, actkey, user_aim, user_yim, user_msnm, pass, posts, attachsig, rank, level, theme, timezone_offset, last_login, umode, uorder, notify_method, notify_mode, user_occ, bio, user_intrest, user_mailok) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, MD5(?), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
1289 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1290 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1291 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1292 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1293 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1294 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1295 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1296 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1297 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1298 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1299 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1300 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1301 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1302 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1303 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1304 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1305 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1306 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1307 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1308 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1309 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1310 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1311 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1312 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1313 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1314 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1315 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1316 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1317 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1318 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1319 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1320 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1321
1322 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1323 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1324 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1325 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1326 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1327 user_regdate = time( NULL );
1328 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1329 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1330 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1331 user_viewemail = account -> getUserViewemail( );
1332 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1333 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1334 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1335 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1336 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1337 posts = account -> getPosts( );
1338 attachsig = account -> getAttachsig( );
1339 rank = account -> getRank( );
1340 level = account -> getLevel( );
1341 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1342 timezone_offset = account -> getTimezoneOffset( );
1343 last_login = 0;
1344 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1345 uorder = account -> getUorder( );
1346 notify_method = account -> getNotifyMethod( );
1347 notify_mode = account -> getNotifyMode( );
1348 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1349 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1350 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1351 user_mailok = account -> getUserMailok( );
1352
1353 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1354 SQLINTEGER count = 0;
1355 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1356 //???若??D????緇?????
1357 sql = "SELECT LAST_INSERT_ID()";
1358 ret = queryGetUnsignedInt( "insertAccount", sql, (unsigned int*)uid );
1359 }else{
1360 string s( "SQLRowCount in insertAccount sql=" );
1361 s += string( sql );
1362 setLastErrorString( s.c_str( ) );
1363 ret = RES_DB_QUERY_ERROR;
1364 }
1365 }else{
1366 string s( "SQLExecute in insertAccount " );
1367 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1368 setLastErrorString( s.c_str( ) );
1369 ret = RES_DB_QUERY_ERROR;
1370 }
1371 }else{
1372 string s( "SQLPrepare in insertAccount " );
1373 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1374 setLastErrorString( s.c_str( ) );
1375 ret = RES_ERROR;
1376 }
1377 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1378 }else{
1379 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1380 ret = RES_ERROR;
1381 }
1382
1383 if( ret == RES_OK ){
1384 //2.xnpaccount?????若?吟???若??????????????宴???吾??莨若??
1385 SQLUINTEGER activate;
1386 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1387 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1388 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1389 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1390 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1391 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1392 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1393 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1394 SQLINTEGER cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1395 SQLINTEGER cbUid = 0, cbActivate = 0, cbNotice_mail = 0, cbNotice_mail_since = 0;
1396 SQLUINTEGER notice_mail;
1397 SQLUINTEGER notice_mail_since;
1398 if( ret == RES_OK && ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1399 string sql;
1400 sql = "INSERT INTO " + dbprefix + "_xnpaccount_users (uid, activate, address, division, tel, company_name, country, zipcode, fax, base_url, notice_mail, notice_mail_since) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )";
1401 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1402 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1403 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, uid, 0, &cbUid);
1404 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1405 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1406 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1407 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1408 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1409 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1410 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1411 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1412 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1413 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
1414 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1415
1416 activate = account -> getActivate() ? 1 : 0;
1417 strncpy2( (char*)address, account -> getAddress(), XNP_ACCOUNT_ADDRESS_LEN );
1418 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1419 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1420 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1421 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1422 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1423 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1424 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1425 notice_mail = account -> getNoticeMail( );
1426 notice_mail_since = account -> getNoticeMailSince( );
1427
1428 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1429 SQLINTEGER count = 0;
1430 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1431 ret = RES_OK;
1432 if( ret == RES_OK ){
1433 //3.add new user to default group(not a group admin)
1434 ret = insertMember( sid, group_t::GID_DEFAULT, *uid, false );
1435 }else{
1436 //xoops_users??nsert???????潟?若???????ゃ????
1437 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1438 sql += unsignedIntToString( *uid );
1439 SQLHANDLE hstmt2 = NULL;
1440 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1441 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1442 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1443 }
1444 setLastErrorString( "insertMember in insertAccount" );
1445 ret = RES_DB_QUERY_ERROR;
1446 }
1447 }else{
1448 string s( "SQLRowCount in insertAccount sql=" );
1449 s += string( sql );
1450 setLastErrorString( s.c_str( ) );
1451 ret = RES_DB_QUERY_ERROR;
1452 }
1453 }else{
1454 string s( "SQLExecute in insertAccount " );
1455 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1456 setLastErrorString( s.c_str( ) );
1457 ret = RES_DB_QUERY_ERROR;
1458 }
1459 }else{
1460 //xoops_users??nsert???????潟?若???????ゃ????
1461 sql = "DELETE FROM " + dbprefix + "_users where uid=";
1462 sql += unsignedIntToString( *uid );
1463 SQLHANDLE hstmt2 = NULL;
1464 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1465 SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() );
1466 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
1467 }
1468 string s( "SQLExecDirect in insertAccount sql=" );
1469 s += string( sql );
1470 setLastErrorString( s.c_str( ) );
1471 ret = RES_DB_QUERY_ERROR;
1472 }
1473 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1474 }else{
1475 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertAccount" );
1476 ret = RES_ERROR;
1477 }
1478 }
1479
1480 if ( ret == RES_OK ){
1481 //4.private index??篏???
1482
1483 // private index????ort_number????
1484 string sql = "select min(sort_number) from " +
1485 dbprefix + "_xnpaccount_index where parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
1486 " and open_level=" + unsignedIntToString(index::OL_PRIVATE);
1487 unsigned int sortNumber;
1488 ret = queryGetUnsignedInt( "insertAccount", sql, &sortNumber );
1489 sortNumber--;
1490 if ( ret == RES_OK ){
1491 // private index篏???
1492 index_t index;
1493 index.setItemTypeID(item::ITID_INDEX);
1494 index.setContributorUID(*uid);
1495 index.setParentIndexID(item::IID_ROOT);
1496 index.setOwnerUID(*uid);
1497 index.setOpenLevel(index::OL_PRIVATE);
1498 index.setSortNumber(sortNumber);
1499 index.setTitle(account->getUname());
1500 indexid_t privateXID;
1501 ret = insertIndexInternal( sid, &index, &privateXID );
1502 if ( ret == RES_OK ){
1503 // xnpaccuont_users??rivate_index_id???吾??????
1504 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET private_index_id="
1505 + unsignedIntToString(privateXID) + " WHERE uid=" + unsignedIntToString(*uid);
1506 ret = querySimple( "insertAccount", sql );
1507 }
1508 }
1509 }
1510
1511 return ret;
1512 }
1513
1514 /**
1515 *
1516 * ?≪?????潟?????宴??紊??眼????.
1517 *
1518 *
1519 * @param sid ?祉???激?с??D
1520 * @param account 紊??眼???????≪?????潟??????/span>
1521 * @return RES_OK
1522 * @return RES_DB_NOT_INITIALIZED
1523 * @return RES_NO_SUCH_SESSION
1524 * @return RES_DB_QUERY_ERROR
1525 * @return RES_NO_SUCH_USER
1526 * @return RES_ERROR
1527 *
1528 */
1529 result_t updateAccount( sessionid_t sid, const account_t* account )
1530 {
1531 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1532 if( account == NULL ) return RES_ERROR;
1533 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1534 if( !uidExists( account -> getUID( ) ) ) return RES_NO_SUCH_USER;
1535
1536 SQLRETURN sqlcode;
1537 result_t ret = RES_ERROR;
1538 SQLHANDLE hstmt = NULL;
1539
1540 //xoops?????若?吟???若???????吾??莨若??
1541 SQLCHAR uname[ACCOUNT_UNAME_LEN+1], name[ACCOUNT_NAME_LEN+1], email[ACCOUNT_EMAIL_LEN+1], url[ACCOUNT_URL_LEN+1], user_avatar[ACCOUNT_USER_AVATAR_LEN+1], user_icq[ACCOUNT_USER_ICQ_LEN+1], user_from[ACCOUNT_USER_FROM_LEN+1], user_sig[ACCOUNT_USER_SIG_LEN+1], actkey[ACCOUNT_ACTKEY_LEN+1], user_aim[ACCOUNT_USER_AIM_LEN+1], user_yim[ACCOUNT_USER_YIM_LEN+1], user_msnm[ACCOUNT_USER_MSNM_LEN+1], pass[ACCOUNT_PASS_LEN+1], theme[ACCOUNT_THEME_LEN+1], umode[ACCOUNT_UMODE_LEN+1], user_occ[ACCOUNT_USER_OCC_LEN+1], bio[ACCOUNT_BIO_LEN+1], user_intrest[ACCOUNT_USER_INTREST_LEN+1];
1542 SQLINTEGER uid, user_regdate, user_viewemail, posts, attachsig, rank, level, last_login, uorder, notify_method, notify_mode, user_mailok;
1543 SQLDOUBLE timezone_offset;
1544
1545 SQLINTEGER cbUname = SQL_NTS, cbName = SQL_NTS, cbEmail = SQL_NTS, cbUrl = SQL_NTS, cbUser_avatar = SQL_NTS, cbUser_icq = SQL_NTS, cbUser_from = SQL_NTS, cbUser_sig = SQL_NTS, cbActkey = SQL_NTS, cbUser_aim = SQL_NTS, cbUser_yim = SQL_NTS, cbUser_msnm = SQL_NTS, cbPass = SQL_NTS, cbTheme = SQL_NTS, cbUmode = SQL_NTS, cbUser_occ = SQL_NTS, cbBio = SQL_NTS, cbUser_intrest = SQL_NTS;
1546 SQLINTEGER cbUid = 0, cbUser_regdate = 0, cbUser_viewemail = 0, cbPosts = 0, cbAttachsig = 0, cbRank = 0, cbLevel = 0, cbLast_login = 0, cbUorder = 0, cbNotify_method = 0, cbNotify_mode = 0, cbUser_mailok = 0, cbTimezone_offset = 0;
1547
1548 SQLUINTEGER activate;
1549 SQLCHAR address[XNP_ACCOUNT_ADDRESS_LEN+1];
1550 SQLCHAR division[XNP_ACCOUNT_DIVISION_LEN+1];
1551 SQLCHAR tel[XNP_ACCOUNT_TEL_LEN+1];
1552 SQLCHAR company_name[XNP_ACCOUNT_COMPANY_NAME_LEN+1];
1553 SQLCHAR country[XNP_ACCOUNT_COUNTRY_LEN+1];
1554 SQLCHAR zipcode[XNP_ACCOUNT_ZIPCODE_LEN+1];
1555 SQLCHAR fax[XNP_ACCOUNT_FAX_LEN+1];
1556 SQLCHAR base_url[XNP_ACCOUNT_BASE_URL_LEN+1];
1557 SQLINTEGER cbActivate = 0, cbAddress = SQL_NTS, cbDivision = SQL_NTS, cbTel = SQL_NTS, cbCompany_name = SQL_NTS, cbCountry = SQL_NTS, cbZipcode = SQL_NTS, cbFax = SQL_NTS, cbBase_url = SQL_NTS;
1558 SQLUINTEGER notice_mail, notice_mail_since;
1559 SQLINTEGER cbNotice_mail = 0, cbNotice_mail_since = 0;
1560
1561 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1562 string sql;
1563
1564 sql = "UPDATE " + dbprefix + "_users SET ";
1565 sql += "uname=?";
1566 sql += ", name=?";
1567 sql += ", email=?";
1568 sql += ", url=?";
1569 sql += ", user_avatar=?";
1570 sql += ", user_regdate=?";
1571 sql += ", user_icq=?";
1572 sql += ", user_from=?";
1573 sql += ", user_sig=?";
1574 sql += ", user_viewemail=?";
1575 sql += ", actkey=?";
1576 sql += ", user_aim=?";
1577 sql += ", user_yim=?";
1578 sql += ", user_msnm=?";
1579 sql += ", pass=?";
1580 sql += ", posts=?";
1581 sql += ", attachsig=?";
1582 sql += ", rank=?";
1583 sql += ", level=?";
1584 sql += ", theme=?";
1585 sql += ", timezone_offset=?";
1586 sql += ", last_login=?";
1587 sql += ", umode=?";
1588 sql += ", uorder=?";
1589 sql += ", notify_method=?";
1590 sql += ", notify_mode=?";
1591 sql += ", user_occ=?";
1592 sql += ", bio=?";
1593 sql += ", user_intrest=?";
1594 sql += ", user_mailok=? ";
1595 sql += " WHERE uid = ?";
1596
1597 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1598 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1599 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UNAME_LEN, 0, uname, 0, &cbUname );
1600 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_NAME_LEN, 0, name, 0, &cbName );
1601 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_EMAIL_LEN, 0, email, 0, &cbEmail );
1602 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_URL_LEN, 0, url, 0, &cbUrl );
1603 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AVATAR_LEN, 0, user_avatar, 0, &cbUser_avatar );
1604 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_regdate, 0, &cbUser_regdate );
1605 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_ICQ_LEN, 0, user_icq, 0, &cbUser_icq );
1606 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_FROM_LEN, 0, user_from, 0, &cbUser_from );
1607 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_SIG_LEN, 0, user_sig, 0, &cbUser_sig );
1608 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_viewemail, 0, &cbUser_viewemail );
1609 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_ACTKEY_LEN, 0, actkey, 0, &cbActkey );
1610 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_AIM_LEN, 0, user_aim, 0, &cbUser_aim );
1611 SQLBindParameter(hstmt, 13, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_YIM_LEN, 0, user_yim, 0, &cbUser_yim );
1612 SQLBindParameter(hstmt, 14, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_MSNM_LEN, 0, user_msnm, 0, &cbUser_msnm );
1613 SQLBindParameter(hstmt, 15, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_PASS_LEN, 0, pass, 0, &cbPass );
1614 SQLBindParameter(hstmt, 16, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &posts, 0, &cbPosts );
1615 SQLBindParameter(hstmt, 17, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &attachsig, 0, &cbAttachsig );
1616 SQLBindParameter(hstmt, 18, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &rank, 0, &cbRank );
1617 SQLBindParameter(hstmt, 19, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &level, 0, &cbLevel );
1618 SQLBindParameter(hstmt, 20, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_THEME_LEN, 0, theme, 0, &cbTheme );
1619 SQLBindParameter(hstmt, 21, SQL_PARAM_INPUT, SQL_C_DOUBLE, SQL_DOUBLE, 0, 0, &timezone_offset, 0, &cbTimezone_offset );
1620 SQLBindParameter(hstmt, 22, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &last_login, 0, &cbLast_login );
1621 SQLBindParameter(hstmt, 23, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_UMODE_LEN, 0, umode, 0, &cbUmode );
1622 SQLBindParameter(hstmt, 24, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uorder, 0, &cbUorder );
1623 SQLBindParameter(hstmt, 25, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_method, 0, &cbNotify_method );
1624 SQLBindParameter(hstmt, 26, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &notify_mode, 0, &cbNotify_mode );
1625 SQLBindParameter(hstmt, 27, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_OCC_LEN, 0, user_occ, 0, &cbUser_occ );
1626 SQLBindParameter(hstmt, 28, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_BIO_LEN, 0, bio, 0, &cbBio );
1627 SQLBindParameter(hstmt, 29, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, ACCOUNT_USER_INTREST_LEN, 0, user_intrest, 0, &cbUser_intrest );
1628 SQLBindParameter(hstmt, 30, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &user_mailok, 0, &cbUser_mailok );
1629 SQLBindParameter(hstmt, 31, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1630
1631 strncpy2( (char*)uname, account -> getUname( ), ACCOUNT_UNAME_LEN );
1632 strncpy2( (char*)name, account -> getName( ), ACCOUNT_NAME_LEN );
1633 strncpy2( (char*)email, account -> getEmail( ), ACCOUNT_EMAIL_LEN );
1634 strncpy2( (char*)url, account -> getURL( ), ACCOUNT_URL_LEN );
1635 strncpy2( (char*)user_avatar, account -> getUserAvatar( ), ACCOUNT_USER_AVATAR_LEN );
1636 user_regdate = time( NULL );
1637 strncpy2( (char*)user_icq, account -> getUserIcq( ), ACCOUNT_USER_ICQ_LEN );
1638 strncpy2( (char*)user_from, account -> getUserFrom( ), ACCOUNT_USER_FROM_LEN );
1639 strncpy2( (char*)user_sig, account -> getUserSig( ), ACCOUNT_USER_SIG_LEN );
1640 user_viewemail = account -> getUserViewemail( );
1641 strncpy2( (char*)actkey, account -> getActkey( ), ACCOUNT_ACTKEY_LEN );
1642 strncpy2( (char*)user_aim, account -> getUserAim( ), ACCOUNT_USER_AIM_LEN );
1643 strncpy2( (char*)user_yim, account -> getUserYim( ), ACCOUNT_USER_YIM_LEN );
1644 strncpy2( (char*)user_msnm, account -> getUserMsnm( ), ACCOUNT_USER_MSNM_LEN );
1645 strncpy2( (char*)pass, account -> getPass( ), ACCOUNT_PASS_LEN );
1646 posts = account -> getPosts( );
1647 attachsig = account -> getAttachsig( );
1648 rank = account -> getRank( );
1649 level = account -> getLevel( );
1650 strncpy2( (char*)theme, account -> getTheme( ), ACCOUNT_THEME_LEN );
1651 timezone_offset = account -> getTimezoneOffset( );
1652 last_login = 0;
1653 strncpy2( (char*)umode, account -> getUmode( ), ACCOUNT_UMODE_LEN );
1654 uorder = account -> getUorder( );
1655 notify_method = account -> getNotifyMethod( );
1656 notify_mode = account -> getNotifyMode( );
1657 strncpy2( (char*)user_occ, account -> getUserOcc( ), ACCOUNT_USER_OCC_LEN );
1658 strncpy2( (char*)bio, account -> getBio( ), ACCOUNT_BIO_LEN );
1659 strncpy2( (char*)user_intrest, account -> getUserIntrest( ), ACCOUNT_USER_INTREST_LEN );
1660 user_mailok = account -> getUserMailok( );
1661 uid = account -> getUID( );
1662
1663 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1664 SQLINTEGER count = 0;
1665 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1666 ret = RES_OK;
1667 }else{
1668 string s( "SQLRowCount in updateAccount sql=" );
1669 s += string( sql );
1670 setLastErrorString( s.c_str( ) );
1671 ret = RES_DB_QUERY_ERROR;
1672 }
1673 }else{
1674 string s( "SQLExecute in updateAccount 1 " );
1675 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1676 setLastErrorString( s.c_str( ) );
1677 ret = RES_DB_QUERY_ERROR;
1678 }
1679 }else{
1680 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1681 ret = RES_ERROR;
1682 }
1683 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1684 hstmt = NULL;
1685 }else{
1686 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1687 ret = RES_ERROR;
1688 }
1689
1690 if( ret != RES_OK ){
1691 return ret;
1692 }
1693
1694 //xnpaccount?????若?吟???若??????????????宴??筝??吾??????
1695 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1696 string sql;
1697
1698 sql = "UPDATE " + dbprefix + "_xnpaccount_users SET ";
1699 sql += "activate=?, ";
1700 sql += "address=?, ";
1701 sql += "division=?, ";
1702 sql += "tel=?, ";
1703 sql += "company_name=?, ";
1704 sql += "country=?, ";
1705 sql += "zipcode=?, ";
1706 sql += "fax=?, ";
1707 sql += "base_url=?, ";
1708 sql += "notice_mail=?, ";
1709 sql += "notice_mail_since=? ";
1710 sql += "WHERE uid=?";
1711
1712 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
1713 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
1714 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &activate, 0, &cbActivate);
1715 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ADDRESS_LEN, 0, address, 0, &cbAddress);
1716 SQLBindParameter(hstmt, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_DIVISION_LEN, 0, division, 0, &cbDivision);
1717 SQLBindParameter(hstmt, 4, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_TEL_LEN, 0, tel, 0, &cbTel);
1718 SQLBindParameter(hstmt, 5, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COMPANY_NAME_LEN, 0, company_name, 0, &cbCompany_name);
1719 SQLBindParameter(hstmt, 6, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_COUNTRY_LEN, 0, country, 0, &cbCountry);
1720 SQLBindParameter(hstmt, 7, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_ZIPCODE_LEN, 0, zipcode, 0, &cbZipcode);
1721 SQLBindParameter(hstmt, 8, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_FAX_LEN, 0, fax, 0, &cbFax);
1722 SQLBindParameter(hstmt, 9, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_ACCOUNT_BASE_URL_LEN, 0, base_url, 0, &cbBase_url);
1723 SQLBindParameter(hstmt, 10, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail, 0, &cbNotice_mail);
1724 SQLBindParameter(hstmt, 11, SQL_PARAM_INPUT, SQL_C_SSHORT, SQL_INTEGER, 0, 0, &notice_mail_since, 0, &cbNotice_mail_since);
1725 SQLBindParameter(hstmt, 12, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &uid, 0, &cbUid );
1726
1727 activate = account -> getActivate() ? 1 : 0;
1728 strncpy2( (char*)address, account -> getAddress( ) , XNP_ACCOUNT_ADDRESS_LEN );
1729 strncpy2( (char*)division, account -> getDivision(), XNP_ACCOUNT_DIVISION_LEN );
1730 strncpy2( (char*)tel, account -> getTel(), XNP_ACCOUNT_TEL_LEN );
1731 strncpy2( (char*)company_name, account -> getCompanyName(), XNP_ACCOUNT_COMPANY_NAME_LEN );
1732 strncpy2( (char*)country, account -> getCountry(), XNP_ACCOUNT_COUNTRY_LEN );
1733 strncpy2( (char*)zipcode, account -> getZipcode(), XNP_ACCOUNT_ZIPCODE_LEN );
1734 strncpy2( (char*)fax, account -> getFax(), XNP_ACCOUNT_FAX_LEN );
1735 strncpy2( (char*)base_url, account -> getBaseURL(), XNP_ACCOUNT_BASE_URL_LEN );
1736 notice_mail = account -> getNoticeMail( );
1737 notice_mail_since = account -> getNoticeMailSince( );
1738 uid = account -> getUID( );
1739
1740 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
1741 SQLINTEGER count = 0;
1742 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
1743 ret = RES_OK;
1744 }else{
1745 string s( "SQLRowCount in updateAccount sql=" );
1746 s += string( sql );
1747 setLastErrorString( s.c_str( ) );
1748 ret = RES_DB_QUERY_ERROR;
1749 }
1750 }else{
1751 string s( "SQLExecute in updateAccount 2 " );
1752 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1753 setLastErrorString( s.c_str( ) );
1754 ret = RES_DB_QUERY_ERROR;
1755 }
1756 }else{
1757 setLastErrorString( "SQLPrepare in updateAccount sql=" );
1758 ret = RES_ERROR;
1759 }
1760 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1761 }else{
1762 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateAccount" );
1763 ret = RES_ERROR;
1764 }
1765 return ret;
1766 }
1767
1768 /**
1769 *
1770 * criteria_t?ф??絎???????膀??蚊?????若??D??菴???.
1771 * ???若??D????????腆坂????????????吾??莨若?随????????≪?????鴻??*uids???吾??莨若??.
1772 * ???????泣?ゃ?冴??*uidsLen???吾??莨若??
1773 *
1774 * @param sid ?祉???激?с??D
1775 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1776 * @param uids ???若?吟??ID?????????阪????
1777 * @param uidsLen uids???????膣??違???阪????
1778 * @return RES_OK
1779 * @return RES_DB_NOT_INITIALIZED
1780 * @return RES_NO_SUCH_SESSION
1781 * @return RES_DB_QUERY_ERROR
1782 *
1783 */
1784 result_t dumpUids( sessionid_t sid, criteria_t* cri, userid_t** uids, int* uidsLen )
1785 {
1786 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1787 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1788
1789 #ifdef USE_SYSLOG
1790 openlog( "commonal", LOG_ODELAY, LOG_USER );
1791 #endif
1792
1793 result_t ret = RES_ERROR;
1794 userid_t* dst = 0;
1795 string sql;
1796 SQLRETURN sqlcode;
1797 SQLINTEGER count = 0;
1798
1799
1800 sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_users ";
1801 sql += criteria2str( cri );
1802 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1803 *uidsLen = count;
1804 dst = new userid_t[ *uidsLen ];
1805 *uids = dst;
1806 }else{
1807 return RES_ERROR;
1808 }
1809 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1810 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1811 userid_t uid = 0;
1812 SQLINTEGER len = 0;
1813 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
1814
1815 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
1816 dst[ i ] = uid;
1817 }
1818
1819 #ifdef USE_SYSLOG
1820 syslog( LOG_DEBUG, "dumpUids succeed" );
1821 #endif
1822 ret = RES_OK;
1823 }else{
1824 string s( "SQLExecDirect in dumpUids " );
1825 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1826 s += "sql=";
1827 s += string( sql );
1828 setLastErrorString( s.c_str( ) );
1829 #ifdef USE_SYSLOG
1830 syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
1831 #endif
1832 ret = RES_DB_QUERY_ERROR;
1833 }
1834 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1835 }else{
1836 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in dumpUids" );
1837 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1838 setLastErrorString( s.c_str( ) );
1839 #ifdef USE_SYSLOG
1840 syslog( LOG_DEBUG, "dumpUids %s", getLastErrorString( ) );
1841 #endif
1842 ret = RES_ERROR;
1843 }
1844 return ret;
1845 }
1846
1847 /**
1848 *
1849 * ?違???若???違??菴???.
1850 * 筝?罩c???祉???激?с??D????0??菴???.
1851 *
1852 * @param sid ?祉???激?с??D
1853 * @return ?違???若????/span>
1854 *
1855 */
1856 int getGroupCount( sessionid_t sid )
1857 {
1858 if( hdbc == NULL ) return 0;
1859 if( !isValidSessionID( sid ) ) return 0;
1860
1861 SQLRETURN sqlcode;
1862 SQLHANDLE hstmt = NULL;
1863 string sql;
1864 int ret = 0;
1865
1866 //?違???若???違??羆?????
1867 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups";
1868 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1869 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1870 SQLUINTEGER count = 0;
1871 SQLINTEGER len = 0;
1872 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
1873 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
1874 ret = count;
1875 }else {
1876 string s( "SQLFetch in getGroupCount sql=" );
1877 s += string( sql );
1878 setLastErrorString( s.c_str( ) );
1879 ret = 0;
1880 }
1881 }else{
1882 setLastErrorString( "SQLExecDirect in getGroupCount" );
1883 ret = 0;
1884 }
1885 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
1886 }else{
1887 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroupCount" );
1888 ret = 0;
1889 }
1890 return ret;
1891 }
1892
1893 /**
1894 *
1895 * ??絮??違???若??筝?荀у??.
1896 * ???若?吟????絮??????????違???若????D????緇?????
1897 *
1898 * @param sid ?祉???激?с??D
1899 * @param uid ???若?吟??ID
1900 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
1901 * @param gids ?違???若??ID?????????阪????
1902 * @param gidsLen gids???????膣??違???阪????
1903 * @return RES_DB_NOT_INITIALIZED
1904 * @return RES_NO_SUCH_SESSION
1905 * @return RES_NO_SUCH_USER
1906 * @return RES_DB_QUERY_ERROR
1907 * @return RES_OK
1908 *
1909 */
1910 result_t getGroupsByUid( sessionid_t sid, userid_t uid, criteria_t* cri, groupid_t** gids, int* gidsLen )
1911 {
1912 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
1913 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
1914 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
1915
1916 result_t ret = RES_ERROR;
1917 string sql;
1918 SQLRETURN sqlcode;
1919 SQLHANDLE hstmt = NULL;
1920 SQLINTEGER count = 0;
1921 groupid_t* dst = 0;
1922 int len = 0;
1923
1924 sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups_users_link";
1925 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
1926 sql += criteria2str( cri );
1927 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
1928 *gidsLen = count;
1929 dst = new groupid_t[ *gidsLen ];
1930 *gids = dst;
1931 }else{
1932 return RES_ERROR;
1933 }
1934
1935 //??絮??????違???若??????紊у???違??羆?????
1936 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
1937 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1938 if( count > 0 ){
1939 SQLHANDLE hstmt2 = NULL;
1940 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
1941 sql = "SELECT gid, uid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link";
1942 sql += " WHERE uid=" + string( unsignedIntToString( uid ) );
1943 sql += criteria2str( cri );
1944 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
1945 SQLINTEGER len = 0;
1946 groupid_t gid = 0;
1947 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
1948 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
1949 dst[ i ] = gid;
1950 }
1951 ret = RES_OK;
1952 }else{
1953 string s( "SQLExecDirect in getGroupsByUid " );
1954 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1955 s += string( ", sql=" ) + string( sql );
1956 ret = RES_DB_QUERY_ERROR;
1957 }
1958 }else{
1959 string s( "SQLAllocHandle in getGroupsByUid " );
1960 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
1961 ret = RES_ERROR;
1962 }
1963 }else{
1964 ret = RES_OK;
1965 }
1966 }else{
1967 string s( "SQLExecDirect in getGroupsByUid " );
1968 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
1969 s += string( ", sql=" ) + string( sql );
1970 ret = RES_DB_QUERY_ERROR;
1971 }
1972 }else{
1973 string s( "SQLAllocHandle in getGroupsByUid " );
1974 setLastErrorString( s.c_str( ) );
1975 ret = RES_ERROR;
1976 }
1977 return ret;
1978 }
1979
1980 /**
1981 *
1982 * ?違???若??膊∞??罔????????.
1983 * ???若?吟?????若???????罔???????????(?違???若??膊∞?????с??????)????????????.
1984 * ???若?吟???違???若????絖????????????????医幻???翫??鐚?false??菴???.
1985 *
1986 * @param sid ?祉???激?с??D
1987 * @param gid ?違???若????ID
1988 * @param uid ???若?吟??ID
1989 * @return true 膊∞??罔???????
1990 * @return false 膊∞??罔???????鐚??障???????/span>
1991 *
1992 */
1993 bool isGroupAdmin( sessionid_t sid, groupid_t gid, userid_t uid )
1994 {
1995 if( hdbc == NULL ) return false;
1996 if( !isValidSessionID( sid ) ) return false;
1997 if( !uidExists( uid ) ) return false;
1998 if( !gidExists( gid ) ) return false;
1999
2000 bool ret = false;
2001 string sql;
2002 SQLRETURN sqlcode;
2003 SQLINTEGER count = 0;
2004
2005 sql = "SELECT * FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2006 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
2007 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2008 sql += " AND is_admin=1";
2009 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2010 if( count > 0 ){
2011 ret = true;
2012 }else{
2013 ret = false;
2014 }
2015 }else{
2016 ret = false;
2017 }
2018 return ret;
2019 }
2020
2021 /**
2022 *
2023 * ?違???若??ID筝?荀?
2024 * ?脂?蚊???????????違???若????D筝?荀с????緇?????.
2025 *
2026 * @param sid ?祉???激?с??D
2027 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
2028 * @param gids ?違???若??ID?????????阪????
2029 * @param gidsLen gids???????膣??違???阪????
2030 * @return RES_DB_NOT_INITIALIZED
2031 * @return RES_NO_SUCH_SESSION
2032 * @return RES_DB_QUERY_ERROR
2033 * @return RES_OK
2034 *
2035 */
2036 result_t dumpGids( sessionid_t sid, criteria_t* cri, groupid_t** gids, int* gidsLen )
2037 {
2038 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2039 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2040
2041 result_t ret = RES_ERROR;
2042 groupid_t* dst = 0;
2043 string sql;
2044 SQLRETURN sqlcode;
2045 SQLINTEGER count = 0;
2046
2047 sql = "SELECT gid FROM " + dbprefix + "_xnpaccount_groups ";
2048 sql += criteria2str( cri );
2049 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2050 *gidsLen = count;
2051 dst = new groupid_t[ *gidsLen ];
2052 *gids = dst;
2053 }else{
2054 return RES_ERROR;
2055 }
2056
2057 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2058 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2059 groupid_t gid = 0;
2060 SQLINTEGER len = 0;
2061 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
2062 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *gidsLen ; i++ ){
2063 dst[ i ] = gid;
2064 }
2065
2066 ret = RES_OK;
2067 }else{
2068 string s( "SQLExecDirect in dumpGids " );
2069 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2070 s += "sql=";
2071 s += string( sql );
2072 setLastErrorString( s.c_str( ) );
2073 ret = RES_DB_QUERY_ERROR;
2074 }
2075 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2076 }
2077 return ret;
2078 }
2079
2080 /**
2081 *
2082 * ?違???若??膊∞????ID????緇?????.
2083 * ?????違???若??????????????若??D????緇?????.
2084 *
2085 * @param sid ?祉???激?с??D
2086 * @param gid ???????????違???若????ID?ф??絎?????
2087 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
2088 * @param uids 膊∞??????ID???????????????????ゃ?潟??/span>
2089 * @param uidsLen uids???????膣???/span>
2090 * @return RES_OK
2091 * @return RES_DB_NOT_INITIALIZED
2092 * @return RES_NO_SUCH_SESSION
2093 * @return RES_DB_QUERY_ERROR
2094 * @return RES_ERROR
2095 *
2096 */
2097 result_t dumpGroupAdmins( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
2098 {
2099 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2100 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2101
2102 result_t ret = RES_ERROR;
2103 groupid_t* dst = 0;
2104 string sql;
2105 SQLRETURN sqlcode;
2106 SQLINTEGER count = 0;
2107
2108 sql = "SELECT uid FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2109 sql += " WHERE is_admin=1 and gid=" + unsignedIntToString( gid );
2110 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2111 *uidsLen = count;
2112 *uids = new groupid_t[ *uidsLen ];
2113 }else{
2114 return RES_ERROR;
2115 }
2116 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2117 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2118 userid_t uid;
2119 SQLINTEGER len = 0;
2120 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
2121 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < *uidsLen ; i++ ){
2122 (*uids)[ i ] = uid;
2123 }
2124 ret = RES_OK;
2125 }else{
2126 string s( "SQLExecDirect in dumpGroupAdmins " );
2127 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2128 s += "sql=";
2129 s += string( sql );
2130 setLastErrorString( s.c_str( ) );
2131 ret = RES_DB_QUERY_ERROR;
2132 }
2133 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2134 }
2135 return ret;
2136 }
2137
2138 /**
2139 *
2140 * ?違???若????絮????若?九????
2141 * ?違???若??????絮????????若?吟??鐚??違???若?????????ゃ????.
2142 * ???????????違???若???????????ゃ?с??????
2143 *
2144 * @param sid ?祉???激?с??D
2145 * @param gid ?????違???若?????????ゃ??????????絎??????違???若??ID
2146 * @param uid ???ゅ?莟<?????若?吟??D
2147 * @return RES_DB_NOT_INITIALIZED
2148 * @return RES_NO_SUCH_SESSION
2149 * @return RES_NO_SUCH_USER
2150 * @return RES_NO_SUCH_GROUP
2151 * @return RES_DB_QUERY_ERROR
2152 * @return RES_OK
2153 * @return RES_ERROR
2154 *
2155 */
2156 result_t deleteMember( sessionid_t sid, groupid_t gid, userid_t uid )
2157 {
2158 if( gid == group_t::GID_DEFAULT ) return RES_ERROR;
2159 return deleteMemberNoLimit( sid, gid, uid );
2160 }
2161
2162 /**
2163 *
2164 * ?違???若????絮????若?九????
2165 * ?違???若??????絮????????若?吟??鐚??違???若?????????ゃ????.
2166 * ???????????違???若???????????ゃ?с?????鴻??鐚?deleteMember???違????
2167 *
2168 * @param sid ?祉???激?с??D
2169 * @param gid ?????違???若?????????ゃ??????????絎??????違???若??ID
2170 * @param uid ???ゅ?莟<?????若?吟??D
2171 * @return RES_DB_NOT_INITIALIZED
2172 * @return RES_NO_SUCH_SESSION
2173 * @return RES_NO_SUCH_USER
2174 * @return RES_NO_SUCH_GROUP
2175 * @return RES_DB_QUERY_ERROR
2176 * @return RES_OK
2177 * @return RES_ERROR
2178 *
2179 */
2180 static result_t deleteMemberNoLimit( sessionid_t sid, groupid_t gid, userid_t uid )
2181 {
2182 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2183 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2184 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
2185 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2186
2187 result_t ret = RES_ERROR;
2188 string sql;
2189 SQLRETURN sqlcode;
2190 SQLHANDLE hstmt = NULL;
2191
2192 sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2193 sql += "WHERE gid=" + string( unsignedIntToString( gid ) );
2194 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2195 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2196 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2197 SQLINTEGER count = 0;
2198 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2199 ret = RES_OK;
2200 }else{
2201 string s( "SQLRowCount in deleteMember" );
2202 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2203 s += string( ", sql=" ) + string( sql );
2204 setLastErrorString( s.c_str( ) );
2205 ret = RES_NO_SUCH_USER;
2206 }
2207 }else{
2208 string s( "SQLExecDirect in deleteMember" );
2209 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2210 s += ", sql=";
2211 s += string( sql );
2212 setLastErrorString( s.c_str( ) );
2213 ret = RES_DB_QUERY_ERROR;
2214 }
2215 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2216 }else{
2217 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteMember" );
2218 ret = RES_ERROR;
2219 }
2220 return ret;
2221 }
2222
2223 /**
2224 *
2225 * ?違???若????絮????若?区申??.
2226 * ?違???若?????<?潟???若?????若?吟??菴遵??????.
2227 *
2228 * @param sid ?祉???激?с??D
2229 * @param gid ??絮????違???若????D
2230 * @param uid ??絮??????????若?吟??D
2231 * @param admin 膊∞????罔?????筝?????????true
2232 * @return RES_OK
2233 * @return RES_DB_NOT_INITIALIZED
2234 * @return RES_NO_SUCH_SESSION
2235 * @return RES_NO_SUCH_USER
2236 * @return RES_NO_SUCH_GROUP
2237 * @return RES_DB_QUERY_ERROR
2238 *
2239 */
2240 result_t insertMember( sessionid_t sid, groupid_t gid, userid_t uid, bool admin )
2241 {
2242 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2243 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2244 if( !uidExists( uid ) ) return RES_NO_SUCH_USER; //uid??????????с????/span>
2245 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2246
2247 result_t ret = RES_ERROR;
2248 string sql;
2249 SQLRETURN sqlcode;
2250
2251 //?<?潟???若??菴遵??
2252 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2253 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups_users_link ( gid, uid, is_admin ) VALUES (";
2254 sql += string( unsignedIntToString( gid ) ) + ", ";
2255 sql += string( unsignedIntToString( uid ) ) + ", ";
2256 sql += string( admin ? "1" : "0" ) + ") ";
2257 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2258 SQLINTEGER count = 0;
2259 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2260 ret = RES_OK;
2261 }else{
2262 string s( "SQLRowCount in insertMember " );
2263 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2264 s += string( ", sql=" ) + string( sql );
2265 setLastErrorString( s.c_str( ) );
2266 ret = RES_DB_QUERY_ERROR;
2267 }
2268 }else{
2269 string s( "SQLExecDirect in insertMember " );
2270 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2271 s += string( ", sql=" ) + string( sql );
2272 setLastErrorString( s.c_str( ) );
2273 ret = RES_DB_QUERY_ERROR;
2274 }
2275 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2276 }else{
2277 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertMember" );
2278 ret = RES_ERROR;
2279 }
2280 return ret;
2281 }
2282
2283 /**
2284 *
2285 * ?違???若????絮????若?九??.
2286 * ?????違???若??????絮????????????若?吟?????若??D????緇?????
2287 *
2288 * @param sid ?祉???激?с??D
2289 * @param gid ?????違???若??????絮????若?吟?????????????????違???若????ID?ф??絎?
2290 * @param cri 腟???????我??絎?鐚??純?若???>散??絎?
2291 * @param uids ??絮????若?吟??ID???????????????????ゃ?潟??/span>
2292 * @param uidsLen uids???????膣???/span>
2293 * @return RES_OK
2294 * @return RES_DB_NOT_INITIALIZED
2295 * @return RES_NO_SUCH_SESSION
2296 * @return RES_NO_SUCH_GROUP
2297 * @return RES_DB_QUERY_ERROR
2298 * @return RES_ERROR
2299 *
2300 */
2301 result_t getMembers( sessionid_t sid, groupid_t gid, criteria_t* cri, userid_t** uids, int* uidsLen )
2302 {
2303 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2304 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2305 if( !gidExists( gid ) ) return RES_NO_SUCH_GROUP; //gid??????????с????/span>
2306
2307 result_t ret = RES_ERROR;
2308 string sql;
2309 SQLRETURN sqlcode;
2310 SQLHANDLE hstmt = NULL;
2311 userid_t* dst = 0;
2312
2313 //how many members ?
2314 sql = "SELECT COUNT(*) FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2315 sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
2316 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2317 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2318 SQLUINTEGER count = 0;
2319 SQLINTEGER len = 0;
2320 SQLBindCol( hstmt, 1, SQL_C_ULONG, &count, 0, &len );
2321 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2322 dst = new userid_t[ count ];
2323 *uids = dst;
2324 *uidsLen = count;
2325 if( count > 0 ){
2326 //retrieve member's IDs
2327 SQLHANDLE hstmt2 = NULL;
2328 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt2 ) ) == SQL_SUCCESS ) {
2329 sql = "SELECT uid, gid, is_admin FROM " + dbprefix + "_xnpaccount_groups_users_link ";
2330 sql += " WHERE gid=" + string( unsignedIntToString( gid ) );
2331 sql += " " + string( criteria2str( cri ) );
2332 if( ( sqlcode = SQLExecDirect( hstmt2, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2333 SQLUINTEGER uid = 0;
2334 SQLINTEGER len = 0;
2335 SQLBindCol( hstmt2, 1, SQL_C_ULONG, &uid, 0, &len );
2336 for( int i = 0; ( sqlcode = SQLFetch( hstmt2 ) ) == SQL_SUCCESS && i < count ; i++ ){
2337 dst[ i ] = uid;
2338 }
2339 ret = RES_OK;
2340 }else{
2341 setLastErrorString( "SQLExecDirect in getMembers" );
2342 ret = RES_DB_QUERY_ERROR;
2343 }
2344 SQLFreeHandle( SQL_HANDLE_STMT, hstmt2 );
2345 }else{
2346 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
2347 ret = RES_ERROR;
2348 }
2349 }else{
2350 ret = RES_OK;
2351 }
2352 }else{
2353 string s( "SQLFetch in getMembers sql=" );
2354 s += string( sql );
2355 setLastErrorString( s.c_str( ) );
2356 ret = RES_DB_QUERY_ERROR;
2357 }
2358 }else{
2359 setLastErrorString( "SQLExecDirect in getMembers" );
2360 ret = RES_DB_QUERY_ERROR;
2361 }
2362 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2363 }else{
2364 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getMembers" );
2365 ret = RES_ERROR;
2366 }
2367 return ret;
2368 }
2369
2370 /**
2371 *
2372 * ?違???若????????
2373 * ???若?帥???若?鴻?????違???若???????ゃ???障??.
2374 *
2375 * @param sid ?祉???激?с??D
2376 * @param gid ?????違???若??????絮????若?吟?????????????????違???若????ID?ф??絎?
2377 * @return RES_OK
2378 * @return RES_DB_QUERY_ERROR
2379 * @return RES_NO_SUCH_SESSION
2380 * @return RES_DB_NOT_INITIALIZED
2381 *
2382 */
2383 result_t deleteGroup( sessionid_t sid, groupid_t gid )
2384 {
2385 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2386 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2387
2388 result_t ret = RES_ERROR;
2389 string sql;
2390 SQLRETURN sqlcode;
2391 SQLHANDLE hstmt = NULL;
2392
2393 sql = "DELETE FROM " + dbprefix + "_xnpaccount_groups ";
2394 sql += "WHERE gid = " + string( unsignedIntToString( gid ) );
2395 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2396 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2397 SQLINTEGER count = 0;
2398 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2399 ret = RES_OK;
2400 }else{
2401 string s( "SQLRowCount in deleteGroup" );
2402 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2403 s += string( ", sql=" ) + string( sql );
2404 setLastErrorString( s.c_str( ) );
2405 ret = RES_NO_SUCH_USER;
2406 }
2407 }else{
2408 string s( "SQLExecDirect in deleteGroup" );
2409 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2410 s += ", sql=";
2411 s += string( sql );
2412 setLastErrorString( s.c_str( ) );
2413 ret = RES_DB_QUERY_ERROR;
2414 }
2415 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2416 }else{
2417 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in deleteGroup" );
2418 ret = RES_ERROR;
2419 }
2420 return ret;
2421 }
2422
2423 /**
2424 *
2425 * ?違???若???脂??
2426 * ?違???若???????宴?????若?帥???若?鴻????蚊????鐚?/span>
2427 * ?脂?蚊?????違???若?????綽??????違???若??ID??gid???主?????鐚?/span>
2428 *
2429 * @param sid ?祉???激?с??D
2430 * @param group ?脂?蚊???????違???若????????/span>
2431 * @param gid ?脂?蚊?????違???若?????綽??????違???若??ID
2432 * @return RES_OK
2433 * @return RES_DB_NOT_INITIALIZED
2434 * @return RES_NO_SUCH_SESSION
2435 * @return RES_DB_QUERY_ERROR
2436 *
2437 */
2438 result_t insertGroup( sessionid_t sid, const group_t* group, groupid_t* gid )
2439 {
2440 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2441 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2442
2443 result_t ret = RES_ERROR;
2444 string sql;
2445 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2446 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2447 SQLRETURN sqlcode;
2448
2449 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2450 sql = "INSERT INTO " + dbprefix + "_xnpaccount_groups ( gname, gdesc ) VALUES ( ?, ? )";
2451 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2452 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2453 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2454 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2455 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2456 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2457 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2458 SQLINTEGER count = 0;
2459 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2460 //?違???若??ID????緇?????
2461 sql = "SELECT LAST_INSERT_ID()";
2462 ret = queryGetUnsignedInt( "insertGroup", sql, (unsigned int*)gid );
2463 }else{
2464 string s( "SQLRowCount in insertGroup sql=" );
2465 s += string( sql );
2466 setLastErrorString( s.c_str( ) );
2467 ret = RES_DB_QUERY_ERROR;
2468 }
2469 }else{
2470 string s( "SQLExecute in insertGroup " );
2471 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2472 setLastErrorString( s.c_str( ) );
2473 ret = RES_DB_QUERY_ERROR;
2474 }
2475 }else{
2476 string s( "SQLPrepare in insertGroup " );
2477 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2478 setLastErrorString( s.c_str( ) );
2479 ret = RES_ERROR;
2480 }
2481 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2482 }else{
2483 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in insertGroup" );
2484 ret = RES_ERROR;
2485 }
2486
2487 //
2488 if ( ret == RES_OK ){
2489 //group index??篏???
2490
2491 //group index????ort_num????
2492 string sql = "SELECT MAX(sort_number) FROM " +
2493 dbprefix + "_xnpaccount_index WHERE parent_index_id=" + unsignedIntToString(item::IID_ROOT) +
2494 " AND (open_level=" + unsignedIntToString(index::OL_GROUP_ONLY) +
2495 " OR open_level=" + unsignedIntToString(index::OL_PUBLIC) + ")";
2496 unsigned int sortNumber;
2497 ret = queryGetUnsignedInt( "insertGroup", sql, &sortNumber );
2498 sortNumber++;
2499 if ( ret == RES_OK ){
2500 // group index篏???
2501 index_t index;
2502 userid_t uid;
2503 ret = sessionID2UID( sid, &uid );
2504 if ( ret == RES_OK ){
2505 index.setItemTypeID(item::ITID_INDEX);
2506 index.setContributorUID(uid);
2507 index.setParentIndexID(item::IID_ROOT);
2508 index.setOwnerGID(*gid);
2509 index.setOpenLevel(index::OL_GROUP_ONLY);
2510 index.setSortNumber(sortNumber);
2511 index.setTitle(group->getGname());
2512 indexid_t groupXID;
2513 ret = insertIndexInternal( sid, &index, &groupXID );
2514 if ( ret == RES_OK ){
2515 // xnpaccuont_groups??roup_index_id???吾??????
2516 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET group_index_id="
2517 + unsignedIntToString(groupXID) + " WHERE gid=" + unsignedIntToString(*gid);
2518 ret = querySimple( "insertGroup", sql );
2519 }
2520 }
2521 }
2522 }
2523
2524 return ret;
2525 }
2526
2527 /**
2528 *
2529 * ?違???若?????宴??紊??眼????
2530 *
2531 * @param sid ?祉???激?с??D
2532 * @param group ?違?????違???若??????/span>
2533 * @return RES_OK
2534 * @return RES_ERROR
2535 * @return RES_DB_NOT_INITIALIZED
2536 * @return RES_NO_SUCH_SESSION
2537 * @return RES_NO_SUCH_GROUP
2538 * @return RES_DB_QUERY_ERROR
2539 *
2540 */
2541 result_t updateGroup( sessionid_t sid, const group_t* group )
2542 {
2543 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2544 if( group == NULL ) return RES_ERROR;
2545 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2546 if( !gidExists( group -> getGID( ) ) ) return RES_NO_SUCH_GROUP;
2547
2548 result_t ret = RES_ERROR;
2549 string sql;
2550 SQLCHAR gname[XNP_GROUP_GNAME_LEN+1], gdesc[XNP_GROUP_GDESC_LEN+1];
2551 SQLINTEGER cbGname = SQL_NTS, cbGdesc = SQL_NTS;
2552 SQLRETURN sqlcode;
2553
2554 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2555 sql = "UPDATE " + dbprefix + "_xnpaccount_groups SET gname=?, gdesc=? WHERE gid=" + string( unsignedIntToString( group -> getGID( ) ) );
2556 sqlcode = SQLPrepare(hstmt, (SQLCHAR*)sql.c_str(), SQL_NTS);
2557 if( sqlcode == SQL_SUCCESS || sqlcode == SQL_SUCCESS_WITH_INFO ){
2558 SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GNAME_LEN, 0, gname, 0, &cbGname );
2559 SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_LONGVARCHAR, XNP_GROUP_GDESC_LEN, 0, gdesc, 0, &cbGdesc );
2560 strncpy2( (char*)gname, group -> getGname( ), XNP_GROUP_GNAME_LEN );
2561 strncpy2( (char*)gdesc, group -> getDesc( ), XNP_GROUP_GDESC_LEN );
2562 if( ( sqlcode = SQLExecute( hstmt ) ) == SQL_SUCCESS ){
2563 SQLINTEGER count = 0;
2564 if( ( sqlcode = SQLRowCount( hstmt, &count ) ) == SQL_SUCCESS && count > 0 ){
2565 ret = RES_OK;
2566 }else{
2567 string s( "SQLRowCount in updateGroup sql=" );
2568 s += string( sql );
2569 setLastErrorString( s.c_str( ) );
2570 ret = RES_DB_QUERY_ERROR;
2571 }
2572 }else{
2573 string s( "SQLExecute in updateGroup " );
2574 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2575 setLastErrorString( s.c_str( ) );
2576 ret = RES_DB_QUERY_ERROR;
2577 }
2578 }else{
2579 setLastErrorString( "SQLPrepare in updateGroup sql=" );
2580 ret = RES_ERROR;
2581 }
2582 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2583 }else{
2584 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in updateGroup" );
2585 ret = RES_ERROR;
2586 }
2587 return RES_OK;
2588 }
2589
2590 /**
2591 *
2592 * ?違???若?????怨??
2593 *
2594 * @param sid ?祉???激?с??D
2595 * @param gid ??緇????????違???若????ID
2596 * @param group ??緇??????違???若?????宴???≪?????鴻???吾??莨若?????ゃ?潟??/span>
2597 * @return RES_OK
2598 * @return RES_DB_NOT_INITIALIZED
2599 * @return RES_NO_SUCH_SESSION
2600 * @return RES_NO_SUCH_GROUP
2601 * @return RES_DB_QUERY_ERROR
2602 *
2603 */
2604 result_t getGroup( sessionid_t sid, groupid_t gid, const group_t** group )
2605 {
2606 int len;
2607 static criteria c;
2608 result_t res = getGroups( sid, &gid, 1, &c, group, &len );
2609 if( len == 0 ) return RES_NO_SUCH_GROUP;
2610 return res;
2611 }
2612
2613 /**
2614 *
2615 * 茲??違???違???若?????宴??筝?綺?????????.
2616 *
2617 * @param sid ?祉???激?с??D
2618 * @param gids ??緇????????違???若????ID??????
2619 * @param gidsLen gids???????膣???/span>
2620 * @param cri 腟???????膀??駕??純?若???>散????絎?
2621 * @param groups ??緇?腟??????違???若?????宴?????????≪?????鴻???吾??莨若?????ゃ?潟??/span>
2622 * @param groupsLen ??緇?腟????????????膣???/span>
2623 * @return RES_OK
2624 * @return RES_DB_NOT_INITIALIZED
2625 * @return RES_NO_SUCH_SESSION
2626 * @return RES_DB_QUERY_ERROR
2627 *
2628 */
2629 result_t getGroups( sessionid_t sid, groupid_t* gids, int gidsLen, criteria_t* cri, const group_t** groups, int* groupsLen )
2630 {
2631 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2632 if( !isValidSessionID( sid ) ) return RES_NO_SUCH_SESSION;
2633
2634 #ifdef USE_SYSLOG
2635 openlog( "commonal", LOG_ODELAY, LOG_USER );
2636 #endif
2637
2638 SQLRETURN sqlcode;
2639 SQLHANDLE hstmt = NULL;
2640 result_t ret = RES_ERROR;
2641 string sql;
2642 group_t* dst = new group_t[ gidsLen ];
2643
2644 sql += "SELECT gid, gname, gdesc, group_index_id ";
2645 sql += "FROM " + dbprefix + "_xnpaccount_groups ";
2646 if( gidsLen > 0 ){
2647 sql += "WHERE gid=" + string( unsignedIntToString( gids[ 0 ] ) );
2648 for( int i = 1; i < gidsLen; i++ ){
2649 sql += " OR gid=" + string( unsignedIntToString( gids[ i ] ) );
2650 }
2651 }
2652 sql += criteria2str( cri );
2653
2654 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2655 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2656 SQLINTEGER len = 0;
2657 groupid_t gid = 0;
2658 SQLBindCol( hstmt, 1, SQL_C_ULONG, &gid, 0, &len );
2659 *groupsLen=0;
2660 for( int i = 0; ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS && i < gidsLen ; i++ ){
2661 dst[ i ].setGID( gid );
2662 dst[ i ].setGname( getResultCol( hstmt, 2 ).c_str() );
2663 dst[ i ].setDesc( getResultCol( hstmt, 3 ).c_str() );
2664 dst[ i ].setGroupIndexID( atoi(getResultCol( hstmt, 4 ).c_str()) );
2665 ( *groupsLen )++;
2666 }
2667 *groups = dst;
2668 #ifdef USE_SYSLOG
2669 syslog( LOG_DEBUG, "getGroups succeed" );
2670 #endif
2671 ret = RES_OK;
2672 }else{
2673 string s( "SQLExecDirect in getGroups" );
2674 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2675 s += string( ", sql=" ) + string( sql );
2676 setLastErrorString( s.c_str( ) );
2677 #ifdef USE_SYSLOG
2678 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2679 #endif
2680 ret = RES_DB_QUERY_ERROR;
2681 }
2682 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2683 }else{
2684 string s( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getGroups" );
2685 s += odbcDiagString( SQL_HANDLE_DBC, hdbc, sqlcode );
2686 setLastErrorString( s.c_str( ) );
2687 #ifdef USE_SYSLOG
2688 syslog( LOG_DEBUG, "getGroups %s", getLastErrorString( ) );
2689 #endif
2690 ret = RES_ERROR;
2691 }
2692 #ifdef USE_SYSLOG
2693 closelog( );
2694 #endif
2695 return ret;
2696 }
2697
2698 /**
2699 *
2700 * ?≪?????若?炊┤???????<??菴???
2701 *
2702 * @param sid ?祉???激?с??D
2703 * @param uid ???????????????若?吟??ID
2704 * @return true 罔???????
2705 * @return false 罔???????
2706 *
2707 */
2708 bool isModerator( sessionid_t sid, userid_t uid )
2709 {
2710 if( hdbc == NULL ) return false;
2711 if( !isValidSessionID( sid ) ) return false;
2712 if( !uidExists( uid ) ) return false;
2713
2714 bool ret = false;
2715 SQLRETURN sqlcode;
2716 SQLHANDLE hstmt = NULL;
2717 SQLINTEGER count = 0;
2718 string sql;
2719 groupid_t moderator_gid;
2720
2721 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2722 sql = "SELECT value FROM " + dbprefix + "_xnpaccount_config";
2723 sql += " WHERE name='moderator_gid'";
2724 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2725 SQLINTEGER len = 0;
2726 SQLBindCol( hstmt, 1, SQL_C_ULONG, &moderator_gid, 0, &len );
2727 if( ( sqlcode = SQLFetch( hstmt ) ) == SQL_SUCCESS ){
2728 sql = "SELECT * from " + dbprefix + "_groups_users_link ";
2729 sql += "WHERE groupid=" + unsignedIntToString( moderator_gid );
2730 sql += " AND uid=" + string( unsignedIntToString( uid ) );
2731 if( countResultRows( sql.c_str(), &count ) == RES_OK ){
2732 if( count > 0 ){
2733 ret = true;
2734 }
2735 }
2736 }else{
2737 setLastErrorString( "SQLFetch in isModerator " );
2738 }
2739 }else{
2740 string s( "SQLExecDirect in isModerator " );
2741 s += odbcDiagString( SQL_HANDLE_STMT, hstmt, sqlcode );
2742 s += ", sql=";
2743 s += string( sql );
2744 setLastErrorString( s.c_str( ) );
2745 }
2746 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2747 }else{
2748 setLastErrorString( "SQLAllocHandle in isModerator " );
2749 }
2750 return ret;
2751 }
2752
2753 /**
2754 *
2755 * ???若??D??緇?
2756 *
2757 * @param uname ID????緇??????????若?吟?弱??
2758 * @param uid ID??篁e?ャ??????紊??違?????ゃ?潟??/span>
2759 * @return RES_ERROR
2760 * @return RES_OK
2761 * @refer result_t
2762 *
2763 */
2764 result_t getUid( const char* uname, userid_t* uid )
2765 {
2766 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2767 if( uname == NULL ) return RES_ERROR;
2768
2769 result_t ret = RES_ERROR;
2770 SQLRETURN sqlcode;
2771 SQLHANDLE hstmt = NULL;
2772 string sql;
2773 string uname2 = addSlashes( uname );
2774
2775 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + uname2 + "';";
2776 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2777 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2778 userid_t _uid = 0;
2779 SQLINTEGER len = 0;
2780 SQLBindCol( hstmt, 1, SQL_C_ULONG, &_uid, 0, &len );
2781 sqlcode = SQLFetch( hstmt );
2782 if( sqlcode == SQL_SUCCESS ){
2783 *uid = _uid;
2784 ret = RES_OK;
2785 }else {
2786 string s( "SQLFetch in getUid sql=" );
2787 s += string( sql );
2788 setLastErrorString( s.c_str( ) );
2789 ret = RES_NO_SUCH_USER;
2790 }
2791 }else{
2792 setLastErrorString( "SQLExecDirect in getUid" );
2793 ret = RES_DB_QUERY_ERROR;
2794 }
2795 SQLFreeHandle( SQL_HANDLE_STMT, hstmt );
2796 }else{
2797 setLastErrorString( "SQLAllocHandle(SQL_HANDLE_STMT,...) in getUid" );
2798 ret = RES_ERROR;
2799 }
2800
2801 return ret;
2802 }
2803
2804 /**
2805 *
2806 * ?祉???激?с?潟??篏?????xoops_xnpaccount_session???吾??莨若???? sessionid_t??session???????
2807 *
2808 * @param uid xoops_users??id
2809 * @param session sessionid_t???????????????????ゃ?潟?帥??
2810 * @return RES_OK ????
2811 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
2812 */
2813 static result_t addSession( userid_t uid, sessionid_t* session )
2814 {
2815 char *functionName = "addSession";
2816 string sql = "INSERT INTO " + dbprefix + "_xnpaccount_session (uid) values (" +
2817 unsignedIntToString(uid) + ")";
2818 result_t ret = querySimple( functionName, sql );
2819 if ( ret == RES_OK ){
2820 sql = "SELECT LAST_INSERT_ID()";
2821 ret = queryGetUnsignedInt( functionName, sql, (unsigned int*)session );
2822 }
2823 return ret;
2824 }
2825
2826
2827 /**
2828 *
2829 * ???違?ゃ?活?荐若???祉???激?с?割???
2830 *
2831 * @param uname ???違?ゃ?喝??
2832 * @param passwd ???鴻???若??
2833 * @param session sessionid_t???????????????????ゃ?潟?帥??
2834 * @return RES_OK ???違?ゃ?恰??????session??essionid_t???吾??莨若??????<br>
2835 * @return RES_LOGIN_FAILURE uname?障????asswd???医幻<br>
2836 * @return RES_DB_QUERY_ERROR DB????????筝?????????/span>
2837 *
2838 */
2839 result_t loginUser(const char* uname, const char* passwd, sessionid_t* session )
2840 {
2841 if( hdbc == NULL ) return RES_DB_NOT_INITIALIZED;
2842
2843 result_t ret;
2844 string sql;
2845 SQLRETURN sqlcode;
2846
2847 // uname, passwd -> uid
2848 string escUname = addSlashes( uname );
2849 string escPasswd = addSlashes( passwd );
2850 sql = "SELECT uid FROM " + dbprefix + "_users WHERE uname='" + escUname + "' and pass=md5('" + escPasswd + "')";
2851
2852 if( ( sqlcode = SQLAllocHandle( SQL_HANDLE_STMT, hdbc, &hstmt ) ) == SQL_SUCCESS ) {
2853 if( ( sqlcode = SQLExecDirect( hstmt, (SQLCHAR*)sql.c_str(), sql.length() ) ) == SQL_SUCCESS ){
2854 userid_t uid = 0;
2855 SQLINTEGER len = 0;
2856 SQLBindCol( hstmt, 1, SQL_C_ULONG, &uid, 0, &len );
2857 sqlcode = SQLFetch( hstmt );
2858 if( sqlcode == SQL_SUCCESS ){
2859 ret = addSession( uid, session );
2860 }else {
2861 string s( "SQLFetch in loginUser" );
2862 setLastErrorString( s.c_str( ) );
2863 ret = RES_LOGIN_FA