Marown/swad-core
Marown
/
swad-core
mirror of https://github.com/acanas/swad-core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Version 18.9.4

This commit is contained in:
Antonio Cañas Vargas 2018-10-29 12:31:24 +01:00
parent eff5bdc22c
commit 061c7a6f55
10 changed files with 179 additions and 281 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
swad_changelog.h
View File

@ -355,10 +355,11 @@ En OpenSWAD:
ps2pdf source.ps destination.pdf
*/
#define Log_PLATFORM_VERSION "SWAD 18.9.3 (2018-10-29)"
#define Log_PLATFORM_VERSION "SWAD 18.9.4 (2018-10-29)"
#define CSS_FILE "swad18.4.css"
#define JS_FILE "swad17.17.1.js"
/*
Version 18.9.4: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235868 lines)
Version 18.9.3: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235952 lines)
Version 18.9.2: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235988 lines)
Version 18.9.1: Oct 29, 2018 Some sprintf for database queries changed by internal function. (236049 lines)

17
swad_database.c
View File

@ -3207,13 +3207,6 @@ void DB_QueryINSERT_new (const char *MsgError)
DB_ExitOnMySQLError (MsgError);
}
void DB_QueryINSERT (const char *Query,const char *MsgError)
{
/***** Query database *****/
if (mysql_query (&Gbl.mysql,Query))
DB_ExitOnMySQLError (MsgError);
}
/*****************************************************************************/
/** Make an INSERT query in database and return code of last inserted item ***/
/*****************************************************************************/
@ -3238,16 +3231,6 @@ long DB_QueryINSERTandReturnCode_new (const char *MsgError)
return (long) mysql_insert_id (&Gbl.mysql);
}
long DB_QueryINSERTandReturnCode (const char *Query,const char *MsgError)
{
/***** Query database *****/
if (mysql_query (&Gbl.mysql,Query))
DB_ExitOnMySQLError (MsgError);
/***** Return the code of the inserted item *****/
return (long) mysql_insert_id (&Gbl.mysql);
}
/*****************************************************************************/
/******************** Make an REPLACE query in database **********************/
/*****************************************************************************/

2
swad_database.h
View File

@ -46,10 +46,8 @@ unsigned long DB_QueryCOUNT_new (const char *MsgError);
unsigned long DB_QueryCOUNT (const char *Query,const char *MsgError);
void DB_QueryINSERT_new (const char *MsgError);
void DB_QueryINSERT (const char *Query,const char *MsgError);
long DB_QueryINSERTandReturnCode_new (const char *MsgError);
long DB_QueryINSERTandReturnCode (const char *Query,const char *MsgError);
void DB_QueryREPLACE_new (const char *MsgError);

30
swad_report.c
View File

@ -426,29 +426,25 @@ static void Rep_CreateNewReportFile (struct Rep_Report *Report)
static void Rep_CreateNewReportEntryIntoDB (const struct Rep_Report *Report)
{
char Query[1024 +
NAME_MAX +
Cns_MAX_BYTES_WWW];
/***** Insert a new user's usage report into database *****/
sprintf (Query,"INSERT INTO usr_report"
DB_BuildQuery ("INSERT INTO usr_report"
" (UsrCod,ReportTimeUTC,"
"UniqueDirL,UniqueDirR,Filename,Permalink)"
" VALUES"
" (%ld,'%04d-%02d-%02d %02d:%02d:%02d',"
"'%c%c','%s','%s','%s')",
Gbl.Usrs.Me.UsrDat.UsrCod,
1900 + Report->tm_CurrentTime.tm_year, // year
1 + Report->tm_CurrentTime.tm_mon, // month
Report->tm_CurrentTime.tm_mday, // day of the month
Report->tm_CurrentTime.tm_hour, // hours
Report->tm_CurrentTime.tm_min, // minutes
Report->tm_CurrentTime.tm_sec, // seconds
Gbl.UniqueNameEncrypted[0], // 2 leftmost chars from a unique 43 chars base64url codified from a unique SHA-256 string
Gbl.UniqueNameEncrypted[1],
&Gbl.UniqueNameEncrypted[2], // 41 rightmost chars from a unique 43 chars base64url codified from a unique SHA-256 string
Report->FilenameReport,Report->Permalink);
DB_QueryINSERT (Query,"can not create new user's usage report");
Gbl.Usrs.Me.UsrDat.UsrCod,
1900 + Report->tm_CurrentTime.tm_year, // year
1 + Report->tm_CurrentTime.tm_mon, // month
Report->tm_CurrentTime.tm_mday, // day of the month
Report->tm_CurrentTime.tm_hour, // hours
Report->tm_CurrentTime.tm_min, // minutes
Report->tm_CurrentTime.tm_sec, // seconds
Gbl.UniqueNameEncrypted[0], // 2 leftmost chars from a unique 43 chars base64url codified from a unique SHA-256 string
Gbl.UniqueNameEncrypted[1],
&Gbl.UniqueNameEncrypted[2], // 41 rightmost chars from a unique 43 chars base64url codified from a unique SHA-256 string
Report->FilenameReport,Report->Permalink);
DB_QueryINSERT_new ("can not create new user's usage report");
}
/*****************************************************************************/

62
swad_session.c
View File

@ -156,31 +156,27 @@ void Ses_CloseSession (void)
void Ses_InsertSessionInDB (void)
{
char Query[1024 +
Cns_BYTES_SESSION_ID +
Pwd_BYTES_ENCRYPTED_PASSWORD];
/***** Insert session in the database *****/
if (Gbl.Search.WhatToSearch == Sch_SEARCH_UNKNOWN)
Gbl.Search.WhatToSearch = Sch_WHAT_TO_SEARCH_DEFAULT;
sprintf (Query,"INSERT INTO sessions"
DB_BuildQuery ("INSERT INTO sessions"
" (SessionId,UsrCod,Password,Role,"
"CtyCod,InsCod,CtrCod,DegCod,CrsCod,LastTime,LastRefresh,WhatToSearch)"
" VALUES"
" ('%s',%ld,'%s',%u,"
"%ld,%ld,%ld,%ld,%ld,NOW(),NOW(),%u)",
Gbl.Session.Id,
Gbl.Usrs.Me.UsrDat.UsrCod,
Gbl.Usrs.Me.UsrDat.Password,
(unsigned) Gbl.Usrs.Me.Role.Logged,
Gbl.CurrentCty.Cty.CtyCod,
Gbl.CurrentIns.Ins.InsCod,
Gbl.CurrentCtr.Ctr.CtrCod,
Gbl.CurrentDeg.Deg.DegCod,
Gbl.CurrentCrs.Crs.CrsCod,
Gbl.Search.WhatToSearch);
DB_QueryINSERT (Query,"can not create session");
Gbl.Session.Id,
Gbl.Usrs.Me.UsrDat.UsrCod,
Gbl.Usrs.Me.UsrDat.Password,
(unsigned) Gbl.Usrs.Me.Role.Logged,
Gbl.CurrentCty.Cty.CtyCod,
Gbl.CurrentIns.Ins.InsCod,
Gbl.CurrentCtr.Ctr.CtrCod,
Gbl.CurrentDeg.Deg.DegCod,
Gbl.CurrentCrs.Crs.CrsCod,
Gbl.Search.WhatToSearch);
DB_QueryINSERT_new ("can not create session");
}
/*****************************************************************************/
@ -337,47 +333,27 @@ bool Ses_GetSessionData (void)
void Ses_InsertHiddenParInDB (Act_Action_t NextAction,
const char *ParamName,const char *ParamValue)
{
char *Query;
size_t LengthParamName;
size_t LengthParamValue;
size_t MaxLength;
/***** Before of inserting the first hidden parameter passed to the next action,
delete all the parameters coming from the previous action *****/
Ses_RemoveHiddenParFromThisSession ();
/***** For a unique session-action-parameter, don't insert a parameter more than one time *****/
if (ParamName)
if ((LengthParamName = strlen (ParamName)))
if (ParamName[0])
if (!Ses_CheckIfHiddenParIsAlreadyInDB (NextAction,ParamName))
{
/***** Allocate space for query *****/
if (ParamValue)
LengthParamValue = strlen (ParamValue);
else
LengthParamValue = 0;
MaxLength = 256 +
Cns_BYTES_SESSION_ID +
LengthParamName +
LengthParamValue;
if ((Query = (char *) malloc (MaxLength + 1)) == NULL)
Lay_NotEnoughMemoryExit ();
/***** Insert parameter in the database *****/
sprintf (Query,"INSERT INTO hidden_params"
DB_BuildQuery ("INSERT INTO hidden_params"
" (SessionId,Action,ParamName,ParamValue)"
" VALUES"
" ('%s',%ld,'%s','%s')",
Gbl.Session.Id,
Act_GetActCod (NextAction),
ParamName,
LengthParamValue ? ParamValue :
Gbl.Session.Id,
Act_GetActCod (NextAction),
ParamName,
ParamValue ? ParamValue :
"");
DB_QueryINSERT (Query,"can not create hidden parameter");
DB_QueryINSERT_new ("can not create hidden parameter");
Gbl.HiddenParamsInsertedIntoDB = true;
/***** Free query *****/
free ((void *) Query);
}
}

169
swad_social.c
View File

@ -137,15 +137,13 @@ static void Soc_ShowTimelineUsrHighlightingNot (long NotCod);
static void Soc_GetAndShowOldTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl);
static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl,
Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline,
char *Query);
Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline);
static long Soc_GetPubCodFromSession (const char *FieldName);
static void Soc_UpdateLastPubCodIntoSession (void);
static void Soc_UpdateFirstPubCodIntoSession (long FirstPubCod);
static void Soc_DropTemporaryTablesUsedToQueryTimeline (void);
static void Soc_ShowTimeline (const char *Query,const char *Title,
long NotCodToHighlight);
static void Soc_ShowTimeline (const char *Title,long NotCodToHighlight);
static void Soc_PutIconsTimeline (void);
static void Soc_FormStart (Act_Action_t ActionGbl,Act_Action_t ActionUsr);
@ -156,8 +154,8 @@ static void Soc_GetParamsWhichUsrs (void);
static void Soc_ShowWarningYouDontFollowAnyUser (void);
static void Soc_InsertNewPubsInTimeline (const char *Query);
static void Soc_ShowOldPubsInTimeline (const char *Query);
static void Soc_InsertNewPubsInTimeline (void);
static void Soc_ShowOldPubsInTimeline (void);
static void Soc_GetDataOfSocialPublishingFromRow (MYSQL_ROW row,struct SocialPublishing *SocPub);
@ -362,15 +360,13 @@ void Soc_ShowTimelineGbl2 (void)
static void Soc_ShowTimelineGblHighlightingNot (long NotCod)
{
extern const char *Txt_Timeline;
char Query[1024];
/***** Build query to get timeline *****/
Soc_BuildQueryToGetTimeline (Soc_TIMELINE_GBL,
Soc_GET_RECENT_TIMELINE,
Query);
Soc_GET_RECENT_TIMELINE);
/***** Show timeline *****/
Soc_ShowTimeline (Query,Txt_Timeline,NotCod);
Soc_ShowTimeline (Txt_Timeline,NotCod);
/***** Drop temporary tables *****/
Soc_DropTemporaryTablesUsedToQueryTimeline ();
@ -388,18 +384,16 @@ void Soc_ShowTimelineUsr (void)
static void Soc_ShowTimelineUsrHighlightingNot (long NotCod)
{
extern const char *Txt_Timeline_OF_A_USER;
char Query[1024];
/***** Build query to show timeline with publishings of a unique user *****/
Soc_BuildQueryToGetTimeline (Soc_TIMELINE_USR,
Soc_GET_RECENT_TIMELINE,
Query);
Soc_GET_RECENT_TIMELINE);
/***** Show timeline *****/
snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Timeline_OF_A_USER,
Gbl.Usrs.Other.UsrDat.FirstName);
Soc_ShowTimeline (Query,Gbl.Title,NotCod);
Soc_ShowTimeline (Gbl.Title,NotCod);
/***** Drop temporary tables *****/
Soc_DropTemporaryTablesUsedToQueryTimeline ();
@ -411,8 +405,6 @@ static void Soc_ShowTimelineUsrHighlightingNot (long NotCod)
void Soc_RefreshNewTimelineGbl (void)
{
char Query[1024];
if (Gbl.Session.IsOpen) // If session has been closed, do not write anything
{
/***** Send, before the HTML, the refresh time *****/
@ -424,11 +416,10 @@ void Soc_RefreshNewTimelineGbl (void)
/***** Build query to get timeline *****/
Soc_BuildQueryToGetTimeline (Soc_TIMELINE_GBL,
Soc_GET_ONLY_NEW_PUBS,
Query);
Soc_GET_ONLY_NEW_PUBS);
/***** Show new timeline *****/
Soc_InsertNewPubsInTimeline (Query);
Soc_InsertNewPubsInTimeline ();
/***** Drop temporary tables *****/
Soc_DropTemporaryTablesUsedToQueryTimeline ();
@ -465,15 +456,12 @@ void Soc_RefreshOldTimelineUsr (void)
static void Soc_GetAndShowOldTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl)
{
char Query[1024];
/***** Build query to get timeline *****/
Soc_BuildQueryToGetTimeline (TimelineUsrOrGbl,
Soc_GET_ONLY_OLD_PUBS,
Query);
Soc_GET_ONLY_OLD_PUBS);
/***** Show old timeline *****/
Soc_ShowOldPubsInTimeline (Query);
Soc_ShowOldPubsInTimeline ();
/***** Drop temporary tables *****/
Soc_DropTemporaryTablesUsedToQueryTimeline ();
@ -503,8 +491,7 @@ void Soc_MarkMyNotifAsSeen (void)
#define Soc_MAX_BYTES_SUBQUERY_ALREADY_EXISTS (256 - 1)
static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl,
Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline,
char *Query)
Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline)
{
char SubQueryPublishers[128];
char SubQueryRangeBottom[128];
@ -535,24 +522,21 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
Soc_DropTemporaryTablesUsedToQueryTimeline ();
/***** Create temporary table with publishing codes *****/
sprintf (Query,"CREATE TEMPORARY TABLE pub_codes "
DB_BuildQuery ("CREATE TEMPORARY TABLE pub_codes "
"(PubCod BIGINT NOT NULL,UNIQUE INDEX(PubCod)) ENGINE=MEMORY");
if (mysql_query (&Gbl.mysql,Query))
DB_ExitOnMySQLError ("can not create temporary table");
DB_Query_new ("can not create temporary table");
/***** Create temporary table with notes got in this execution *****/
sprintf (Query,"CREATE TEMPORARY TABLE not_codes "
DB_BuildQuery ("CREATE TEMPORARY TABLE not_codes "
"(NotCod BIGINT NOT NULL,INDEX(NotCod)) ENGINE=MEMORY");
if (mysql_query (&Gbl.mysql,Query))
DB_ExitOnMySQLError ("can not create temporary table");
DB_Query_new ("can not create temporary table");
/***** Create temporary table with notes already present in timeline for this session *****/
sprintf (Query,"CREATE TEMPORARY TABLE current_timeline "
DB_BuildQuery ("CREATE TEMPORARY TABLE current_timeline "
"(NotCod BIGINT NOT NULL,INDEX(NotCod)) ENGINE=MEMORY"
" SELECT NotCod FROM social_timelines WHERE SessionId='%s'",
Gbl.Session.Id);
if (mysql_query (&Gbl.mysql,Query))
DB_ExitOnMySQLError ("can not create temporary table");
Gbl.Session.Id);
DB_Query_new ("can not create temporary table");
/***** Create temporary table and subquery with potential publishers *****/
switch (TimelineUsrOrGbl)
@ -565,7 +549,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
switch (Gbl.Social.WhichUsrs)
{
case Soc_FOLLOWED: // Show the timeline of the users I follow
sprintf (Query,"CREATE TEMPORARY TABLE publishers "
DB_BuildQuery ("CREATE TEMPORARY TABLE publishers "
"(UsrCod INT NOT NULL,UNIQUE INDEX(UsrCod)) ENGINE=MEMORY"
" SELECT %ld AS UsrCod"
" UNION"
@ -573,8 +557,8 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
" FROM usr_follow WHERE FollowerCod=%ld",
Gbl.Usrs.Me.UsrDat.UsrCod,
Gbl.Usrs.Me.UsrDat.UsrCod);
if (mysql_query (&Gbl.mysql,Query))
DB_ExitOnMySQLError ("can not create temporary table");
DB_Query_new ("can not create temporary table");
sprintf (SubQueryPublishers,"social_pubs.PublisherCod=publishers.UsrCod AND ");
break;
case Soc_ALL_USRS: // Show the timeline of all users
@ -729,35 +713,35 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
switch (TimelineUsrOrGbl)
{
case Soc_TIMELINE_USR: // Show the timeline of a user
sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs"
DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs"
" WHERE %s%s%s%s"
" ORDER BY PubCod DESC LIMIT 1",
SubQueryRangeBottom,SubQueryRangeTop,
SubQueryPublishers,
SubQueryAlreadyExists);
SubQueryRangeBottom,SubQueryRangeTop,
SubQueryPublishers,
SubQueryAlreadyExists);
break;
case Soc_TIMELINE_GBL: // Show the global timeline
switch (Gbl.Social.WhichUsrs)
{
case Soc_FOLLOWED: // Show the timeline of the users I follow
sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs,publishers"
DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs,publishers"
" WHERE %s%s%s%s"
" ORDER BY social_pubs.PubCod DESC LIMIT 1",
SubQueryRangeBottom,SubQueryRangeTop,
SubQueryPublishers,
SubQueryAlreadyExists);
SubQueryRangeBottom,SubQueryRangeTop,
SubQueryPublishers,
SubQueryAlreadyExists);
break;
case Soc_ALL_USRS: // Show the timeline of all users
sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs"
DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs"
" WHERE %s%s%s"
" ORDER BY PubCod DESC LIMIT 1",
SubQueryRangeBottom,SubQueryRangeTop,
SubQueryAlreadyExists);
SubQueryRangeBottom,SubQueryRangeTop,
SubQueryAlreadyExists);
break;
}
break;
}
if (DB_QuerySELECT (Query,&mysql_res,"can not get publishing") == 1)
if (DB_QuerySELECT_new (&mysql_res,"can not get publishing") == 1)
{
/* Get code of social publishing */
row = mysql_fetch_row (mysql_res);
@ -771,16 +755,16 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
if (PubCod > 0)
{
sprintf (Query,"INSERT INTO pub_codes SET PubCod=%ld",PubCod);
DB_QueryINSERT (Query,"can not store publishing code");
DB_BuildQuery ("INSERT INTO pub_codes SET PubCod=%ld",PubCod);
DB_QueryINSERT_new ("can not store publishing code");
RangePubsToGet.Top = PubCod; // Narrow the range for the next iteration
/* Get social note code (row[1]) */
NotCod = Str_ConvertStrCodToLongCod (row[1]);
sprintf (Query,"INSERT INTO not_codes SET NotCod=%ld",NotCod);
DB_QueryINSERT (Query,"can not store note code");
sprintf (Query,"INSERT INTO current_timeline SET NotCod=%ld",NotCod);
DB_QueryINSERT (Query,"can not store note code");
DB_BuildQuery ("INSERT INTO not_codes SET NotCod=%ld",NotCod);
DB_QueryINSERT_new ("can not store note code");
DB_BuildQuery ("INSERT INTO current_timeline SET NotCod=%ld",NotCod);
DB_QueryINSERT_new ("can not store note code");
}
else // Nothing got ==> abort loop
break; // Last publishing
@ -795,7 +779,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
Soc_AddNotesJustRetrievedToTimelineThisSession ();
/***** Build query to show timeline including the users I am following *****/
sprintf (Query,"SELECT PubCod,NotCod,PublisherCod,PubType,UNIX_TIMESTAMP(TimePublish)"
DB_BuildQuery ("SELECT PubCod,NotCod,PublisherCod,PubType,UNIX_TIMESTAMP(TimePublish)"
" FROM social_pubs WHERE PubCod IN "
"(SELECT PubCod FROM pub_codes)"
" ORDER BY PubCod DESC");
@ -904,8 +888,7 @@ static void Soc_DropTemporaryTablesUsedToQueryTimeline (void)
| |_____|
\ |_____|
*/
static void Soc_ShowTimeline (const char *Query,const char *Title,
long NotCodToHighlight)
static void Soc_ShowTimeline (const char *Title,long NotCodToHighlight)
{
extern const char *Hlp_SOCIAL_Timeline;
MYSQL_RES *mysql_res;
@ -918,7 +901,7 @@ static void Soc_ShowTimeline (const char *Query,const char *Title,
bool ItsMe = Usr_ItsMe (Gbl.Usrs.Other.UsrDat.UsrCod);
/***** Get publishings from database *****/
NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline");
NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline");
/***** Start box *****/
Box_StartBox (Soc_WIDTH_TIMELINE,Title,Soc_PutIconsTimeline,
@ -1107,7 +1090,7 @@ static void Soc_ShowWarningYouDontFollowAnyUser (void)
/*****************************************************************************/
// The publishings are inserted as list elements of a hidden list
static void Soc_InsertNewPubsInTimeline (const char *Query)
static void Soc_InsertNewPubsInTimeline (void)
{
MYSQL_RES *mysql_res;
MYSQL_ROW row;
@ -1117,7 +1100,7 @@ static void Soc_InsertNewPubsInTimeline (const char *Query)
struct SocialNote SocNot;
/***** Get new publishings timeline from database *****/
NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline");
NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline");
/***** List new publishings timeline *****/
for (NumPub = 0;
@ -1147,7 +1130,7 @@ static void Soc_InsertNewPubsInTimeline (const char *Query)
/*****************************************************************************/
// The publishings are inserted as list elements of a hidden list
static void Soc_ShowOldPubsInTimeline (const char *Query)
static void Soc_ShowOldPubsInTimeline (void)
{
MYSQL_RES *mysql_res;
MYSQL_ROW row;
@ -1157,7 +1140,7 @@ static void Soc_ShowOldPubsInTimeline (const char *Query)
struct SocialNote SocNot;
/***** Get old publishings timeline from database *****/
NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline");
NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline");
/***** List old publishings in timeline *****/
for (NumPub = 0;
@ -2957,7 +2940,6 @@ static long Soc_ReceiveComment (void)
extern const char *Txt_The_original_post_no_longer_exists;
char Content[Cns_MAX_BYTES_LONG_TEXT + 1];
struct Image Image;
char *Query;
struct SocialNote SocNot;
struct SocialPublishing SocPub;
@ -2983,14 +2965,6 @@ static long Soc_ReceiveComment (void)
if (Content[0] || // Text not empty
Image.Name[0]) // An image is attached
{
/***** Allocate space for query *****/
if ((Query = (char *) malloc (256 +
strlen (Content) +
Img_BYTES_NAME +
Img_MAX_BYTES_TITLE +
Cns_MAX_BYTES_WWW)) == NULL)
Lay_NotEnoughMemoryExit ();
/***** Check if image is received and processed *****/
if (Image.Action == Img_ACTION_NEW_IMAGE && // Upload new image
Image.Status == Img_FILE_PROCESSED) // The new image received has been processed
@ -3005,21 +2979,18 @@ static long Soc_ReceiveComment (void)
Soc_PublishSocialNoteInTimeline (&SocPub); // Set SocPub.PubCod
/* Insert comment content in the database */
sprintf (Query,"INSERT INTO social_comments"
DB_BuildQuery ("INSERT INTO social_comments"
" (PubCod,Content,ImageName,ImageTitle,ImageURL)"
" VALUES"
" (%ld,'%s','%s','%s','%s')",
SocPub.PubCod,
Content,
Image.Name,
(Image.Name[0] && // Save image title only if image attached
Image.Title) ? Image.Title : "",
(Image.Name[0] && // Save image URL only if image attached
Image.URL ) ? Image.URL : "");
DB_QueryINSERT (Query,"can not store comment content");
/***** Free space used for query *****/
free ((void *) Query);
SocPub.PubCod,
Content,
Image.Name,
(Image.Name[0] && // Save image title only if image attached
Image.Title) ? Image.Title : "",
(Image.Name[0] && // Save image URL only if image attached
Image.URL ) ? Image.URL : "");
DB_QueryINSERT_new ("can not store comment content");
/***** Store notifications about the new comment *****/
Ntf_StoreNotifyEventsToAllUsrs (Ntf_EVENT_TIMELINE_COMMENT,SocPub.PubCod);
@ -3162,7 +3133,6 @@ void Soc_FavSocialNoteUsr (void)
static long Soc_FavSocialNote (void)
{
extern const char *Txt_The_original_post_no_longer_exists;
char Query[256];
struct SocialNote SocNot;
bool ItsMe;
long OriginalPubCod;
@ -3179,13 +3149,13 @@ static long Soc_FavSocialNote (void)
Gbl.Usrs.Me.UsrDat.UsrCod)) // I have not yet favourited the note
{
/***** Mark as favourite in database *****/
sprintf (Query,"INSERT IGNORE INTO social_notes_fav"
DB_BuildQuery ("INSERT IGNORE INTO social_notes_fav"
" (NotCod,UsrCod,TimeFav)"
" VALUES"
" (%ld,%ld,NOW())",
SocNot.NotCod,
Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT (Query,"can not favourite social note");
SocNot.NotCod,
Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT_new ("can not favourite social note");
/* Update number of times this social note is favourited */
SocNot.NumFavs = Soc_GetNumTimesANoteHasBeenFav (&SocNot);
@ -3251,7 +3221,6 @@ static long Soc_FavSocialComment (void)
extern const char *Txt_The_comment_no_longer_exists;
struct SocialComment SocCom;
bool ItsMe;
char Query[256];
/***** Initialize image *****/
Img_ImageConstructor (&SocCom.Image);
@ -3268,13 +3237,13 @@ static long Soc_FavSocialComment (void)
Gbl.Usrs.Me.UsrDat.UsrCod)) // I have not yet favourited the comment
{
/***** Mark as favourite in database *****/
sprintf (Query,"INSERT IGNORE INTO social_comments_fav"
DB_BuildQuery ("INSERT IGNORE INTO social_comments_fav"
" (PubCod,UsrCod,TimeFav)"
" VALUES"
" (%ld,%ld,NOW())",
SocCom.PubCod,
Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT (Query,"can not favourite social comment");
SocCom.PubCod,
Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT_new ("can not favourite social comment");
/* Update number of times this social comment is favourited */
SocCom.NumFavs = Soc_GetNumTimesACommHasBeenFav (&SocCom);
@ -4750,13 +4719,11 @@ static void Soc_ClearTimelineThisSession (void)
static void Soc_AddNotesJustRetrievedToTimelineThisSession (void)
{
char Query[256 + Cns_BYTES_SESSION_ID];
sprintf (Query,"INSERT IGNORE INTO social_timelines"
DB_BuildQuery ("INSERT IGNORE INTO social_timelines"
" (SessionId,NotCod)"
" SELECT DISTINCTROW '%s',NotCod FROM not_codes",
Gbl.Session.Id);
DB_QueryINSERT (Query,"can not insert social notes in timeline");
Gbl.Session.Id);
DB_QueryINSERT_new ("can not insert social notes in timeline");
}
/*****************************************************************************/

36
swad_survey.c
View File

@ -2255,25 +2255,22 @@ static void Svy_CreateSurvey (struct Survey *Svy,const char *Txt)
{
extern const char *Sco_ScopeDB[Sco_NUM_SCOPES];
extern const char *Txt_Created_new_survey_X;
char Query[1024 +
Svy_MAX_BYTES_SURVEY_TITLE +
Cns_MAX_BYTES_TEXT];
/***** Create a new survey *****/
sprintf (Query,"INSERT INTO surveys"
DB_BuildQuery ("INSERT INTO surveys"
" (Scope,Cod,Hidden,Roles,UsrCod,StartTime,EndTime,Title,Txt)"
" VALUES"
" ('%s',%ld,'N',%u,%ld,"
"FROM_UNIXTIME(%ld),FROM_UNIXTIME(%ld),"
"'%s','%s')",
Sco_ScopeDB[Svy->Scope],Svy->Cod,
Svy->Roles,
Gbl.Usrs.Me.UsrDat.UsrCod,
Svy->TimeUTC[Svy_START_TIME],
Svy->TimeUTC[Svy_END_TIME ],
Svy->Title,
Txt);
Svy->SvyCod = DB_QueryINSERTandReturnCode (Query,"can not create new survey");
Sco_ScopeDB[Svy->Scope],Svy->Cod,
Svy->Roles,
Gbl.Usrs.Me.UsrDat.UsrCod,
Svy->TimeUTC[Svy_START_TIME],
Svy->TimeUTC[Svy_END_TIME ],
Svy->Title,
Txt);
Svy->SvyCod = DB_QueryINSERTandReturnCode_new ("can not create new survey");
/***** Create groups *****/
if (Gbl.CurrentCrs.Grps.LstGrpsSel.NumGrps)
@ -2397,7 +2394,6 @@ void Svy_RemoveGroupsOfType (long GrpTypCod)
static void Svy_CreateGrps (long SvyCod)
{
unsigned NumGrpSel;
char Query[256];
/***** Create groups of the survey *****/
for (NumGrpSel = 0;
@ -2405,12 +2401,12 @@ static void Svy_CreateGrps (long SvyCod)
NumGrpSel++)
{
/* Create group */
sprintf (Query,"INSERT INTO svy_grp"
DB_BuildQuery ("INSERT INTO svy_grp"
" (SvyCod,GrpCod)"
" VALUES"
" (%ld,%ld)",
SvyCod,Gbl.CurrentCrs.Grps.LstGrpsSel.GrpCods[NumGrpSel]);
DB_QueryINSERT (Query,"can not associate a group to a survey");
SvyCod,Gbl.CurrentCrs.Grps.LstGrpsSel.GrpCods[NumGrpSel]);
DB_QueryINSERT_new ("can not associate a group to a survey");
}
}
@ -3759,14 +3755,12 @@ static void Svy_IncreaseAnswerInDB (long QstCod,unsigned AnsInd)
static void Svy_RegisterIHaveAnsweredSvy (long SvyCod)
{
char Query[256];
sprintf (Query,"INSERT INTO svy_users"
DB_BuildQuery ("INSERT INTO svy_users"
" (SvyCod,UsrCod)"
" VALUES"
" (%ld,%ld)",
SvyCod,Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT (Query,"can not register that you have answered the survey");
SvyCod,Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT_new ("can not register that you have answered the survey");
}
/*****************************************************************************/

92
swad_test.c
View File

@ -6294,15 +6294,13 @@ static long Tst_GetTagCodFromTagTxt (const char *TagTxt)
static long Tst_CreateNewTag (long CrsCod,const char *TagTxt)
{
char Query[256 + Tst_MAX_BYTES_TAG];
/***** Insert new tag into tst_tags table *****/
sprintf (Query,"INSERT INTO tst_tags"
DB_BuildQuery ("INSERT INTO tst_tags"
" (CrsCod,ChangeTime,TagTxt,TagHidden)"
" VALUES"
" (%ld,NOW(),'%s','N')",
CrsCod,TagTxt);
return DB_QueryINSERTandReturnCode (Query,"can not create new tag");
CrsCod,TagTxt);
return DB_QueryINSERTandReturnCode_new ("can not create new tag");
}
/*****************************************************************************/
@ -6596,7 +6594,6 @@ static void Tst_InsertOrUpdateQstIntoDB (void)
static void Tst_InsertTagsIntoDB (void)
{
char Query[256];
unsigned NumTag;
unsigned TagIdx;
long TagCod;
@ -6613,12 +6610,12 @@ static void Tst_InsertTagsIntoDB (void)
TagCod = Tst_CreateNewTag (Gbl.CurrentCrs.Crs.CrsCod,Gbl.Test.Tags.Txt[NumTag]);
/***** Insert tag in tst_question_tags *****/
sprintf (Query,"INSERT INTO tst_question_tags"
DB_BuildQuery ("INSERT INTO tst_question_tags"
" (QstCod,TagCod,TagInd)"
" VALUES"
" (%ld,%ld,%u)",
Gbl.Test.QstCod,TagCod,TagIdx);
DB_QueryINSERT (Query,"can not create tag");
Gbl.Test.QstCod,TagCod,TagIdx);
DB_QueryINSERT_new ("can not create tag");
TagIdx++;
}
@ -6646,14 +6643,14 @@ static void Tst_InsertAnswersIntoDB (void)
switch (Gbl.Test.AnswerType)
{
case Tst_ANS_INT:
sprintf (Query,"INSERT INTO tst_answers"
DB_BuildQuery ("INSERT INTO tst_answers"
" (QstCod,AnsInd,Answer,Feedback,"
"ImageName,ImageTitle,ImageURL,Correct)"
" VALUES"
" (%ld,0,%ld,'','','','','Y')",
Gbl.Test.QstCod,
Gbl.Test.Answer.Integer);
DB_QueryINSERT (Query,"can not create answer");
Gbl.Test.QstCod,
Gbl.Test.Answer.Integer);
DB_QueryINSERT_new ("can not create answer");
break;
case Tst_ANS_FLOAT:
Str_SetDecimalPointToUS (); // To print the floating point as a dot
@ -6661,26 +6658,26 @@ static void Tst_InsertAnswersIntoDB (void)
i < 2;
i++)
{
sprintf (Query,"INSERT INTO tst_answers"
DB_BuildQuery ("INSERT INTO tst_answers"
" (QstCod,AnsInd,Answer,Feedback,"
"ImageName,ImageTitle,ImageURL,Correct)"
" VALUES"
" (%ld,%u,'%lg','','','','','Y')",
Gbl.Test.QstCod,i,
Gbl.Test.Answer.FloatingPoint[i]);
DB_QueryINSERT (Query,"can not create answer");
Gbl.Test.QstCod,i,
Gbl.Test.Answer.FloatingPoint[i]);
DB_QueryINSERT_new ("can not create answer");
}
Str_SetDecimalPointToLocal (); // Return to local system
break;
case Tst_ANS_TRUE_FALSE:
sprintf (Query,"INSERT INTO tst_answers"
DB_BuildQuery ("INSERT INTO tst_answers"
" (QstCod,AnsInd,Answer,Feedback,"
"ImageName,ImageTitle,ImageURL,Correct)"
" VALUES"
" (%ld,0,'%c','','','','','Y')",
Gbl.Test.QstCod,
Gbl.Test.Answer.TF);
DB_QueryINSERT (Query,"can not create answer");
Gbl.Test.QstCod,
Gbl.Test.Answer.TF);
DB_QueryINSERT_new ("can not create answer");
break;
case Tst_ANS_UNIQUE_CHOICE:
case Tst_ANS_MULTIPLE_CHOICE:
@ -6690,20 +6687,20 @@ static void Tst_InsertAnswersIntoDB (void)
NumOpt++)
if (Gbl.Test.Answer.Options[NumOpt].Text[0])
{
sprintf (Query,"INSERT INTO tst_answers"
DB_BuildQuery ("INSERT INTO tst_answers"
" (QstCod,AnsInd,Answer,Feedback,"
"ImageName,ImageTitle,ImageURL,Correct)"
" VALUES"
" (%ld,%u,'%s','%s','%s','%s','%s','%c')",
Gbl.Test.QstCod,NumOpt,
Gbl.Test.Answer.Options[NumOpt].Text,
Gbl.Test.Answer.Options[NumOpt].Feedback ? Gbl.Test.Answer.Options[NumOpt].Feedback : "",
Gbl.Test.Answer.Options[NumOpt].Image.Name,
Gbl.Test.Answer.Options[NumOpt].Image.Title ? Gbl.Test.Answer.Options[NumOpt].Image.Title : "",
Gbl.Test.Answer.Options[NumOpt].Image.URL ? Gbl.Test.Answer.Options[NumOpt].Image.URL : "",
Gbl.Test.Answer.Options[NumOpt].Correct ? 'Y' :
'N');
DB_QueryINSERT (Query,"can not create answer");
Gbl.Test.QstCod,NumOpt,
Gbl.Test.Answer.Options[NumOpt].Text,
Gbl.Test.Answer.Options[NumOpt].Feedback ? Gbl.Test.Answer.Options[NumOpt].Feedback : "",
Gbl.Test.Answer.Options[NumOpt].Image.Name,
Gbl.Test.Answer.Options[NumOpt].Image.Title ? Gbl.Test.Answer.Options[NumOpt].Image.Title : "",
Gbl.Test.Answer.Options[NumOpt].Image.URL ? Gbl.Test.Answer.Options[NumOpt].Image.URL : "",
Gbl.Test.Answer.Options[NumOpt].Correct ? 'Y' :
'N');
DB_QueryINSERT_new ("can not create answer");
/* Update image status */
if (Gbl.Test.Answer.Options[NumOpt].Image.Name[0])
@ -7538,19 +7535,17 @@ void Tst_SelDatesToSeeMyTestResults (void)
static long Tst_CreateTestResultInDB (void)
{
char Query[256];
/***** Insert new test result into table *****/
sprintf (Query,"INSERT INTO tst_exams"
DB_BuildQuery ("INSERT INTO tst_exams"
" (CrsCod,UsrCod,AllowTeachers,TstTime,NumQsts)"
" VALUES"
" (%ld,%ld,'%c',NOW(),%u)",
Gbl.CurrentCrs.Crs.CrsCod,
Gbl.Usrs.Me.UsrDat.UsrCod,
Gbl.Test.AllowTeachers ? 'Y' :
'N',
Gbl.Test.NumQsts);
return DB_QueryINSERTandReturnCode (Query,"can not create new test result");
Gbl.CurrentCrs.Crs.CrsCod,
Gbl.Usrs.Me.UsrDat.UsrCod,
Gbl.Test.AllowTeachers ? 'Y' :
'N',
Gbl.Test.NumQsts);
return DB_QueryINSERTandReturnCode_new ("can not create new test result");
}
/*****************************************************************************/
@ -8440,9 +8435,6 @@ static void Tst_GetTestResultDataByTstCod (long TstCod,time_t *TstTimeUTC,
static void Tst_StoreOneTestResultQstInDB (long TstCod,long QstCod,unsigned NumQst,double Score)
{
char Query[256 +
Tst_MAX_BYTES_INDEXES_ONE_QST +
Tst_MAX_BYTES_ANSWERS_ONE_QST];
char Indexes[Tst_MAX_BYTES_INDEXES_ONE_QST + 1];
char Answers[Tst_MAX_BYTES_ANSWERS_ONE_QST + 1];
@ -8453,17 +8445,17 @@ static void Tst_StoreOneTestResultQstInDB (long TstCod,long QstCod,unsigned NumQ
/***** Insert question and user's answers into database *****/
Str_SetDecimalPointToUS (); // To print the floating point as a dot
sprintf (Query,"INSERT INTO tst_exam_questions"
DB_BuildQuery ("INSERT INTO tst_exam_questions"
" (TstCod,QstCod,QstInd,Score,Indexes,Answers)"
" VALUES"
" (%ld,%ld,%u,'%lf','%s','%s')",
TstCod,QstCod,
NumQst, // 0, 1, 2, 3...
Score,
Indexes,
Answers);
TstCod,QstCod,
NumQst, // 0, 1, 2, 3...
Score,
Indexes,
Answers);
Str_SetDecimalPointToLocal (); // Return to local system
DB_QueryINSERT (Query,"can not insert a question of a test result");
DB_QueryINSERT_new ("can not insert a question of a test result");
}
/*****************************************************************************/

16
swad_user.c
View File

@ -3380,19 +3380,17 @@ void Usr_UpdateMyLastData (void)
static void Usr_InsertMyLastData (void)
{
char Query[256];
/***** Insert my last accessed course, tab and time of click in database *****/
sprintf (Query,"INSERT INTO usr_last"
DB_BuildQuery ("INSERT INTO usr_last"
" (UsrCod,WhatToSearch,LastCrs,LastTab,LastTime,LastAccNotif)"
" VALUES"
" (%ld,%u,%ld,%u,NOW(),FROM_UNIXTIME(%ld))",
Gbl.Usrs.Me.UsrDat.UsrCod,
(unsigned) Sch_SEARCH_ALL,
Gbl.CurrentCrs.Crs.CrsCod,
(unsigned) Gbl.Action.Tab,
(long) (time_t) 0); // The user never accessed to notifications
DB_QueryINSERT (Query,"can not insert last user's data");
Gbl.Usrs.Me.UsrDat.UsrCod,
(unsigned) Sch_SEARCH_ALL,
Gbl.CurrentCrs.Crs.CrsCod,
(unsigned) Gbl.Action.Tab,
(long) (time_t) 0); // The user never accessed to notifications
DB_QueryINSERT_new ("can not insert last user's data");
}
/*****************************************************************************/

33
swad_web_service.c
View File

@ -447,7 +447,6 @@ static int Svc_GenerateNewWSKey (long UsrCod,
char WSKey[Svc_BYTES_WS_KEY + 1])
{
int ReturnCode;
char Query[512];
/***** Remove expired web service keys *****/
if ((ReturnCode = Svc_RemoveOldWSKeys ()) != SOAP_OK)
@ -458,20 +457,19 @@ static int Svc_GenerateNewWSKey (long UsrCod,
Svc_BYTES_WS_KEY);
/***** Check that key does not exist in database *****/
sprintf (Query,"SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'",
WSKey);
if (DB_QueryCOUNT (Query,"can not get existence of key"))
DB_BuildQuery ("SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'",WSKey);
if (DB_QueryCOUNT_new ("can not get existence of key"))
return soap_receiver_fault (Gbl.soap,
"Error when generating key",
"Generated key already existed in database");
/***** Insert key into database *****/
sprintf (Query,"INSERT INTO ws_keys"
DB_BuildQuery ("INSERT INTO ws_keys"
" (WSKey,UsrCod,PlgCod,LastTime)"
" VALUES"
" ('%s',%ld,%ld,NOW())",
WSKey,UsrCod,Gbl.WebService.PlgCod);
DB_QueryINSERT (Query,"can not insert new key");
WSKey,UsrCod,Gbl.WebService.PlgCod);
DB_QueryINSERT_new ("can not insert new key");
return SOAP_OK;
}
@ -3446,7 +3444,6 @@ int swad__sendNotice (struct soap *soap,
struct swad__sendNoticeOutput *sendNoticeOut) // output
{
int ReturnCode;
char Query[512 + Cns_MAX_BYTES_TEXT];
long NotCod;
/***** Initializations *****/
@ -3486,15 +3483,15 @@ int swad__sendNotice (struct soap *soap,
/***** Insert notice in the database *****/
/* Build query */
sprintf (Query,"INSERT INTO notices"
DB_BuildQuery ("INSERT INTO notices"
" (CrsCod,UsrCod,CreatTime,Content,Status)"
" VALUES"
" (%ld,%ld,NOW(),'%s',%u)",
Gbl.CurrentCrs.Crs.CrsCod,Gbl.Usrs.Me.UsrDat.UsrCod,
body,(unsigned) Not_ACTIVE_NOTICE);
Gbl.CurrentCrs.Crs.CrsCod,Gbl.Usrs.Me.UsrDat.UsrCod,
body,(unsigned) Not_ACTIVE_NOTICE);
/* Get the code of the inserted item */
NotCod = DB_QueryINSERTandReturnCode (Query,"can not create message");
NotCod = DB_QueryINSERTandReturnCode_new ("can not create message");
/***** Create notifications *****/
// TODO: create notifications
@ -4076,10 +4073,8 @@ int swad__getTrivialQuestion (struct soap *soap,
/*
if (Gbl.Usrs.Me.UsrDat.UsrCod == 19543)
{
char QueryDebug[512 * 1024];
sprintf (QueryDebug,"INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'degrees = %s')",degrees);
DB_QueryINSERT (QueryDebug,"Error inserting in debug table");
DB_BuildQuery ("INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'degrees = %s')",degrees);
DB_QueryINSERT_new ("Error inserting in debug table");
}
*/
while (*Ptr)
@ -4154,10 +4149,8 @@ int swad__getTrivialQuestion (struct soap *soap,
/*
if (Gbl.Usrs.Me.UsrDat.UsrCod == 19543)
{
char QueryDebug[512 * 1024];
sprintf (QueryDebug,"INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'Una pregunta devuelta')");
DB_QueryINSERT (QueryDebug,"Error inserting in debug table");
DB_BuildQuery ("INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'Una pregunta devuelta')");
DB_QueryINSERT_new ("Error inserting in debug table");
}
*/
/* Get next question */