Marown/swad-core
Marown/swad-core
1
0
Fork 0
mirror of https://github.com/acanas/swad-core.git synced 2024-06-05 16:25:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Version 18.9.4

Browse Source
This commit is contained in:
Antonio Cañas Vargas 2018-10-29 12:31:24 +01:00
parent eff5bdc22c
commit 061c7a6f55
10 changed files with 179 additions and 281 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
swad_changelog.h
View File

@ -355,10 +355,11 @@ En OpenSWAD:
ps2pdf source.ps destination.pdf ps2pdf source.ps destination.pdf
*/ */
#define Log_PLATFORM_VERSION "SWAD 18.9.3 (2018-10-29)" #define Log_PLATFORM_VERSION "SWAD 18.9.4 (2018-10-29)"
#define CSS_FILE "swad18.4.css" #define CSS_FILE "swad18.4.css"
#define JS_FILE "swad17.17.1.js" #define JS_FILE "swad17.17.1.js"
/* /*
Version 18.9.4: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235868 lines)
Version 18.9.3: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235952 lines) Version 18.9.3: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235952 lines)
Version 18.9.2: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235988 lines) Version 18.9.2: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235988 lines)
Version 18.9.1: Oct 29, 2018 Some sprintf for database queries changed by internal function. (236049 lines) Version 18.9.1: Oct 29, 2018 Some sprintf for database queries changed by internal function. (236049 lines)

17
swad_database.c
View File

@ -3207,13 +3207,6 @@ void DB_QueryINSERT_new (const char *MsgError)
DB_ExitOnMySQLError (MsgError); DB_ExitOnMySQLError (MsgError);
} }
void DB_QueryINSERT (const char *Query,const char *MsgError)
{
/***** Query database *****/
if (mysql_query (&Gbl.mysql,Query))
DB_ExitOnMySQLError (MsgError);
}
/*****************************************************************************/ /*****************************************************************************/
/** Make an INSERT query in database and return code of last inserted item ***/ /** Make an INSERT query in database and return code of last inserted item ***/
/*****************************************************************************/ /*****************************************************************************/
@ -3238,16 +3231,6 @@ long DB_QueryINSERTandReturnCode_new (const char *MsgError)
return (long) mysql_insert_id (&Gbl.mysql); return (long) mysql_insert_id (&Gbl.mysql);
} }
long DB_QueryINSERTandReturnCode (const char *Query,const char *MsgError)
{
/***** Query database *****/
if (mysql_query (&Gbl.mysql,Query))
DB_ExitOnMySQLError (MsgError);
/***** Return the code of the inserted item *****/
return (long) mysql_insert_id (&Gbl.mysql);
}
/*****************************************************************************/ /*****************************************************************************/
/******************** Make an REPLACE query in database **********************/ /******************** Make an REPLACE query in database **********************/
/*****************************************************************************/ /*****************************************************************************/

2
swad_database.h
View File

@ -46,10 +46,8 @@ unsigned long DB_QueryCOUNT_new (const char *MsgError);
unsigned long DB_QueryCOUNT (const char *Query,const char *MsgError); unsigned long DB_QueryCOUNT (const char *Query,const char *MsgError);
void DB_QueryINSERT_new (const char *MsgError); void DB_QueryINSERT_new (const char *MsgError);
void DB_QueryINSERT (const char *Query,const char *MsgError);
long DB_QueryINSERTandReturnCode_new (const char *MsgError); long DB_QueryINSERTandReturnCode_new (const char *MsgError);
long DB_QueryINSERTandReturnCode (const char *Query,const char *MsgError);
void DB_QueryREPLACE_new (const char *MsgError); void DB_QueryREPLACE_new (const char *MsgError);

30
swad_report.c
View File

@ -426,29 +426,25 @@ static void Rep_CreateNewReportFile (struct Rep_Report *Report)
static void Rep_CreateNewReportEntryIntoDB (const struct Rep_Report *Report) static void Rep_CreateNewReportEntryIntoDB (const struct Rep_Report *Report)
{ {
char Query[1024 +
NAME_MAX +
Cns_MAX_BYTES_WWW];
/***** Insert a new user's usage report into database *****/ /***** Insert a new user's usage report into database *****/
sprintf (Query,"INSERT INTO usr_report" DB_BuildQuery ("INSERT INTO usr_report"
" (UsrCod,ReportTimeUTC," " (UsrCod,ReportTimeUTC,"
"UniqueDirL,UniqueDirR,Filename,Permalink)" "UniqueDirL,UniqueDirR,Filename,Permalink)"
" VALUES" " VALUES"
" (%ld,'%04d-%02d-%02d %02d:%02d:%02d'," " (%ld,'%04d-%02d-%02d %02d:%02d:%02d',"
"'%c%c','%s','%s','%s')", "'%c%c','%s','%s','%s')",
Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.Usrs.Me.UsrDat.UsrCod,
1900 + Report->tm_CurrentTime.tm_year, // year 1900 + Report->tm_CurrentTime.tm_year, // year
1 + Report->tm_CurrentTime.tm_mon, // month 1 + Report->tm_CurrentTime.tm_mon, // month
Report->tm_CurrentTime.tm_mday, // day of the month Report->tm_CurrentTime.tm_mday, // day of the month
Report->tm_CurrentTime.tm_hour, // hours Report->tm_CurrentTime.tm_hour, // hours
Report->tm_CurrentTime.tm_min, // minutes Report->tm_CurrentTime.tm_min, // minutes
Report->tm_CurrentTime.tm_sec, // seconds Report->tm_CurrentTime.tm_sec, // seconds
Gbl.UniqueNameEncrypted[0], // 2 leftmost chars from a unique 43 chars base64url codified from a unique SHA-256 string Gbl.UniqueNameEncrypted[0], // 2 leftmost chars from a unique 43 chars base64url codified from a unique SHA-256 string
Gbl.UniqueNameEncrypted[1], Gbl.UniqueNameEncrypted[1],
&Gbl.UniqueNameEncrypted[2], // 41 rightmost chars from a unique 43 chars base64url codified from a unique SHA-256 string &Gbl.UniqueNameEncrypted[2], // 41 rightmost chars from a unique 43 chars base64url codified from a unique SHA-256 string
Report->FilenameReport,Report->Permalink); Report->FilenameReport,Report->Permalink);
DB_QueryINSERT (Query,"can not create new user's usage report"); DB_QueryINSERT_new ("can not create new user's usage report");
} }
/*****************************************************************************/ /*****************************************************************************/

62
swad_session.c
View File

@ -156,31 +156,27 @@ void Ses_CloseSession (void)
void Ses_InsertSessionInDB (void) void Ses_InsertSessionInDB (void)
{ {
char Query[1024 +
Cns_BYTES_SESSION_ID +
Pwd_BYTES_ENCRYPTED_PASSWORD];
/***** Insert session in the database *****/ /***** Insert session in the database *****/
if (Gbl.Search.WhatToSearch == Sch_SEARCH_UNKNOWN) if (Gbl.Search.WhatToSearch == Sch_SEARCH_UNKNOWN)
Gbl.Search.WhatToSearch = Sch_WHAT_TO_SEARCH_DEFAULT; Gbl.Search.WhatToSearch = Sch_WHAT_TO_SEARCH_DEFAULT;
sprintf (Query,"INSERT INTO sessions" DB_BuildQuery ("INSERT INTO sessions"
" (SessionId,UsrCod,Password,Role," " (SessionId,UsrCod,Password,Role,"
"CtyCod,InsCod,CtrCod,DegCod,CrsCod,LastTime,LastRefresh,WhatToSearch)" "CtyCod,InsCod,CtrCod,DegCod,CrsCod,LastTime,LastRefresh,WhatToSearch)"
" VALUES" " VALUES"
" ('%s',%ld,'%s',%u," " ('%s',%ld,'%s',%u,"
"%ld,%ld,%ld,%ld,%ld,NOW(),NOW(),%u)", "%ld,%ld,%ld,%ld,%ld,NOW(),NOW(),%u)",
Gbl.Session.Id, Gbl.Session.Id,
Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.Usrs.Me.UsrDat.UsrCod,
Gbl.Usrs.Me.UsrDat.Password, Gbl.Usrs.Me.UsrDat.Password,
(unsigned) Gbl.Usrs.Me.Role.Logged, (unsigned) Gbl.Usrs.Me.Role.Logged,
Gbl.CurrentCty.Cty.CtyCod, Gbl.CurrentCty.Cty.CtyCod,
Gbl.CurrentIns.Ins.InsCod, Gbl.CurrentIns.Ins.InsCod,
Gbl.CurrentCtr.Ctr.CtrCod, Gbl.CurrentCtr.Ctr.CtrCod,
Gbl.CurrentDeg.Deg.DegCod, Gbl.CurrentDeg.Deg.DegCod,
Gbl.CurrentCrs.Crs.CrsCod, Gbl.CurrentCrs.Crs.CrsCod,
Gbl.Search.WhatToSearch); Gbl.Search.WhatToSearch);
DB_QueryINSERT (Query,"can not create session"); DB_QueryINSERT_new ("can not create session");
} }
/*****************************************************************************/ /*****************************************************************************/
@ -337,47 +333,27 @@ bool Ses_GetSessionData (void)
void Ses_InsertHiddenParInDB (Act_Action_t NextAction, void Ses_InsertHiddenParInDB (Act_Action_t NextAction,
const char *ParamName,const char *ParamValue) const char *ParamName,const char *ParamValue)
{ {
char *Query;
size_t LengthParamName;
size_t LengthParamValue;
size_t MaxLength;
/***** Before of inserting the first hidden parameter passed to the next action, /***** Before of inserting the first hidden parameter passed to the next action,
delete all the parameters coming from the previous action *****/ delete all the parameters coming from the previous action *****/
Ses_RemoveHiddenParFromThisSession (); Ses_RemoveHiddenParFromThisSession ();
/***** For a unique session-action-parameter, don't insert a parameter more than one time *****/ /***** For a unique session-action-parameter, don't insert a parameter more than one time *****/
if (ParamName) if (ParamName)
if ((LengthParamName = strlen (ParamName))) if (ParamName[0])
if (!Ses_CheckIfHiddenParIsAlreadyInDB (NextAction,ParamName)) if (!Ses_CheckIfHiddenParIsAlreadyInDB (NextAction,ParamName))
{ {
/***** Allocate space for query *****/
if (ParamValue)
LengthParamValue = strlen (ParamValue);
else
LengthParamValue = 0;
MaxLength = 256 +
Cns_BYTES_SESSION_ID +
LengthParamName +
LengthParamValue;
if ((Query = (char *) malloc (MaxLength + 1)) == NULL)
Lay_NotEnoughMemoryExit ();
/***** Insert parameter in the database *****/ /***** Insert parameter in the database *****/
sprintf (Query,"INSERT INTO hidden_params" DB_BuildQuery ("INSERT INTO hidden_params"
" (SessionId,Action,ParamName,ParamValue)" " (SessionId,Action,ParamName,ParamValue)"
" VALUES" " VALUES"
" ('%s',%ld,'%s','%s')", " ('%s',%ld,'%s','%s')",
Gbl.Session.Id, Gbl.Session.Id,
Act_GetActCod (NextAction), Act_GetActCod (NextAction),
ParamName, ParamName,
LengthParamValue ? ParamValue : ParamValue ? ParamValue :
""); "");
DB_QueryINSERT (Query,"can not create hidden parameter"); DB_QueryINSERT_new ("can not create hidden parameter");
Gbl.HiddenParamsInsertedIntoDB = true; Gbl.HiddenParamsInsertedIntoDB = true;
/***** Free query *****/
free ((void *) Query);
} }
} }

169
swad_social.c
View File

@ -137,15 +137,13 @@ static void Soc_ShowTimelineUsrHighlightingNot (long NotCod);
static void Soc_GetAndShowOldTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl); static void Soc_GetAndShowOldTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl);
static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl, static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl,
Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline, Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline);
char *Query);
static long Soc_GetPubCodFromSession (const char *FieldName); static long Soc_GetPubCodFromSession (const char *FieldName);
static void Soc_UpdateLastPubCodIntoSession (void); static void Soc_UpdateLastPubCodIntoSession (void);
static void Soc_UpdateFirstPubCodIntoSession (long FirstPubCod); static void Soc_UpdateFirstPubCodIntoSession (long FirstPubCod);
static void Soc_DropTemporaryTablesUsedToQueryTimeline (void); static void Soc_DropTemporaryTablesUsedToQueryTimeline (void);
static void Soc_ShowTimeline (const char *Query,const char *Title, static void Soc_ShowTimeline (const char *Title,long NotCodToHighlight);
long NotCodToHighlight);
static void Soc_PutIconsTimeline (void); static void Soc_PutIconsTimeline (void);
static void Soc_FormStart (Act_Action_t ActionGbl,Act_Action_t ActionUsr); static void Soc_FormStart (Act_Action_t ActionGbl,Act_Action_t ActionUsr);
@ -156,8 +154,8 @@ static void Soc_GetParamsWhichUsrs (void);
static void Soc_ShowWarningYouDontFollowAnyUser (void); static void Soc_ShowWarningYouDontFollowAnyUser (void);
static void Soc_InsertNewPubsInTimeline (const char *Query); static void Soc_InsertNewPubsInTimeline (void);
static void Soc_ShowOldPubsInTimeline (const char *Query); static void Soc_ShowOldPubsInTimeline (void);
static void Soc_GetDataOfSocialPublishingFromRow (MYSQL_ROW row,struct SocialPublishing *SocPub); static void Soc_GetDataOfSocialPublishingFromRow (MYSQL_ROW row,struct SocialPublishing *SocPub);
@ -362,15 +360,13 @@ void Soc_ShowTimelineGbl2 (void)
static void Soc_ShowTimelineGblHighlightingNot (long NotCod) static void Soc_ShowTimelineGblHighlightingNot (long NotCod)
{ {
extern const char *Txt_Timeline; extern const char *Txt_Timeline;
char Query[1024];
/***** Build query to get timeline *****/ /***** Build query to get timeline *****/
Soc_BuildQueryToGetTimeline (Soc_TIMELINE_GBL, Soc_BuildQueryToGetTimeline (Soc_TIMELINE_GBL,
Soc_GET_RECENT_TIMELINE, Soc_GET_RECENT_TIMELINE);
Query);
/***** Show timeline *****/ /***** Show timeline *****/
Soc_ShowTimeline (Query,Txt_Timeline,NotCod); Soc_ShowTimeline (Txt_Timeline,NotCod);
/***** Drop temporary tables *****/ /***** Drop temporary tables *****/
Soc_DropTemporaryTablesUsedToQueryTimeline (); Soc_DropTemporaryTablesUsedToQueryTimeline ();
@ -388,18 +384,16 @@ void Soc_ShowTimelineUsr (void)
static void Soc_ShowTimelineUsrHighlightingNot (long NotCod) static void Soc_ShowTimelineUsrHighlightingNot (long NotCod)
{ {
extern const char *Txt_Timeline_OF_A_USER; extern const char *Txt_Timeline_OF_A_USER;
char Query[1024];
/***** Build query to show timeline with publishings of a unique user *****/ /***** Build query to show timeline with publishings of a unique user *****/
Soc_BuildQueryToGetTimeline (Soc_TIMELINE_USR, Soc_BuildQueryToGetTimeline (Soc_TIMELINE_USR,
Soc_GET_RECENT_TIMELINE, Soc_GET_RECENT_TIMELINE);
Query);
/***** Show timeline *****/ /***** Show timeline *****/
snprintf (Gbl.Title,sizeof (Gbl.Title), snprintf (Gbl.Title,sizeof (Gbl.Title),
Txt_Timeline_OF_A_USER, Txt_Timeline_OF_A_USER,
Gbl.Usrs.Other.UsrDat.FirstName); Gbl.Usrs.Other.UsrDat.FirstName);
Soc_ShowTimeline (Query,Gbl.Title,NotCod); Soc_ShowTimeline (Gbl.Title,NotCod);
/***** Drop temporary tables *****/ /***** Drop temporary tables *****/
Soc_DropTemporaryTablesUsedToQueryTimeline (); Soc_DropTemporaryTablesUsedToQueryTimeline ();
@ -411,8 +405,6 @@ static void Soc_ShowTimelineUsrHighlightingNot (long NotCod)
void Soc_RefreshNewTimelineGbl (void) void Soc_RefreshNewTimelineGbl (void)
{ {
char Query[1024];
if (Gbl.Session.IsOpen) // If session has been closed, do not write anything if (Gbl.Session.IsOpen) // If session has been closed, do not write anything
{ {
/***** Send, before the HTML, the refresh time *****/ /***** Send, before the HTML, the refresh time *****/
@ -424,11 +416,10 @@ void Soc_RefreshNewTimelineGbl (void)
/***** Build query to get timeline *****/ /***** Build query to get timeline *****/
Soc_BuildQueryToGetTimeline (Soc_TIMELINE_GBL, Soc_BuildQueryToGetTimeline (Soc_TIMELINE_GBL,
Soc_GET_ONLY_NEW_PUBS, Soc_GET_ONLY_NEW_PUBS);
Query);
/***** Show new timeline *****/ /***** Show new timeline *****/
Soc_InsertNewPubsInTimeline (Query); Soc_InsertNewPubsInTimeline ();
/***** Drop temporary tables *****/ /***** Drop temporary tables *****/
Soc_DropTemporaryTablesUsedToQueryTimeline (); Soc_DropTemporaryTablesUsedToQueryTimeline ();
@ -465,15 +456,12 @@ void Soc_RefreshOldTimelineUsr (void)
static void Soc_GetAndShowOldTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl) static void Soc_GetAndShowOldTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl)
{ {
char Query[1024];
/***** Build query to get timeline *****/ /***** Build query to get timeline *****/
Soc_BuildQueryToGetTimeline (TimelineUsrOrGbl, Soc_BuildQueryToGetTimeline (TimelineUsrOrGbl,
Soc_GET_ONLY_OLD_PUBS, Soc_GET_ONLY_OLD_PUBS);
Query);
/***** Show old timeline *****/ /***** Show old timeline *****/
Soc_ShowOldPubsInTimeline (Query); Soc_ShowOldPubsInTimeline ();
/***** Drop temporary tables *****/ /***** Drop temporary tables *****/
Soc_DropTemporaryTablesUsedToQueryTimeline (); Soc_DropTemporaryTablesUsedToQueryTimeline ();
@ -503,8 +491,7 @@ void Soc_MarkMyNotifAsSeen (void)
#define Soc_MAX_BYTES_SUBQUERY_ALREADY_EXISTS (256 - 1) #define Soc_MAX_BYTES_SUBQUERY_ALREADY_EXISTS (256 - 1)
static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl, static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl,
Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline, Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline)
char *Query)
{ {
char SubQueryPublishers[128]; char SubQueryPublishers[128];
char SubQueryRangeBottom[128]; char SubQueryRangeBottom[128];
@ -535,24 +522,21 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
Soc_DropTemporaryTablesUsedToQueryTimeline (); Soc_DropTemporaryTablesUsedToQueryTimeline ();
/***** Create temporary table with publishing codes *****/ /***** Create temporary table with publishing codes *****/
sprintf (Query,"CREATE TEMPORARY TABLE pub_codes " DB_BuildQuery ("CREATE TEMPORARY TABLE pub_codes "
"(PubCod BIGINT NOT NULL,UNIQUE INDEX(PubCod)) ENGINE=MEMORY"); "(PubCod BIGINT NOT NULL,UNIQUE INDEX(PubCod)) ENGINE=MEMORY");
if (mysql_query (&Gbl.mysql,Query)) DB_Query_new ("can not create temporary table");
DB_ExitOnMySQLError ("can not create temporary table");
/***** Create temporary table with notes got in this execution *****/ /***** Create temporary table with notes got in this execution *****/
sprintf (Query,"CREATE TEMPORARY TABLE not_codes " DB_BuildQuery ("CREATE TEMPORARY TABLE not_codes "
"(NotCod BIGINT NOT NULL,INDEX(NotCod)) ENGINE=MEMORY"); "(NotCod BIGINT NOT NULL,INDEX(NotCod)) ENGINE=MEMORY");
if (mysql_query (&Gbl.mysql,Query)) DB_Query_new ("can not create temporary table");
DB_ExitOnMySQLError ("can not create temporary table");
/***** Create temporary table with notes already present in timeline for this session *****/ /***** Create temporary table with notes already present in timeline for this session *****/
sprintf (Query,"CREATE TEMPORARY TABLE current_timeline " DB_BuildQuery ("CREATE TEMPORARY TABLE current_timeline "
"(NotCod BIGINT NOT NULL,INDEX(NotCod)) ENGINE=MEMORY" "(NotCod BIGINT NOT NULL,INDEX(NotCod)) ENGINE=MEMORY"
" SELECT NotCod FROM social_timelines WHERE SessionId='%s'", " SELECT NotCod FROM social_timelines WHERE SessionId='%s'",
Gbl.Session.Id); Gbl.Session.Id);
if (mysql_query (&Gbl.mysql,Query)) DB_Query_new ("can not create temporary table");
DB_ExitOnMySQLError ("can not create temporary table");
/***** Create temporary table and subquery with potential publishers *****/ /***** Create temporary table and subquery with potential publishers *****/
switch (TimelineUsrOrGbl) switch (TimelineUsrOrGbl)
@ -565,7 +549,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
switch (Gbl.Social.WhichUsrs) switch (Gbl.Social.WhichUsrs)
{ {
case Soc_FOLLOWED: // Show the timeline of the users I follow case Soc_FOLLOWED: // Show the timeline of the users I follow
sprintf (Query,"CREATE TEMPORARY TABLE publishers " DB_BuildQuery ("CREATE TEMPORARY TABLE publishers "
"(UsrCod INT NOT NULL,UNIQUE INDEX(UsrCod)) ENGINE=MEMORY" "(UsrCod INT NOT NULL,UNIQUE INDEX(UsrCod)) ENGINE=MEMORY"
" SELECT %ld AS UsrCod" " SELECT %ld AS UsrCod"
" UNION" " UNION"
@ -573,8 +557,8 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
" FROM usr_follow WHERE FollowerCod=%ld", " FROM usr_follow WHERE FollowerCod=%ld",
Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.Usrs.Me.UsrDat.UsrCod,
Gbl.Usrs.Me.UsrDat.UsrCod); Gbl.Usrs.Me.UsrDat.UsrCod);
if (mysql_query (&Gbl.mysql,Query)) DB_Query_new ("can not create temporary table");
DB_ExitOnMySQLError ("can not create temporary table");
sprintf (SubQueryPublishers,"social_pubs.PublisherCod=publishers.UsrCod AND "); sprintf (SubQueryPublishers,"social_pubs.PublisherCod=publishers.UsrCod AND ");
break; break;
case Soc_ALL_USRS: // Show the timeline of all users case Soc_ALL_USRS: // Show the timeline of all users
@ -729,35 +713,35 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
switch (TimelineUsrOrGbl) switch (TimelineUsrOrGbl)
{ {
case Soc_TIMELINE_USR: // Show the timeline of a user case Soc_TIMELINE_USR: // Show the timeline of a user
sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs" DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs"
" WHERE %s%s%s%s" " WHERE %s%s%s%s"
" ORDER BY PubCod DESC LIMIT 1", " ORDER BY PubCod DESC LIMIT 1",
SubQueryRangeBottom,SubQueryRangeTop, SubQueryRangeBottom,SubQueryRangeTop,
SubQueryPublishers, SubQueryPublishers,
SubQueryAlreadyExists); SubQueryAlreadyExists);
break; break;
case Soc_TIMELINE_GBL: // Show the global timeline case Soc_TIMELINE_GBL: // Show the global timeline
switch (Gbl.Social.WhichUsrs) switch (Gbl.Social.WhichUsrs)
{ {
case Soc_FOLLOWED: // Show the timeline of the users I follow case Soc_FOLLOWED: // Show the timeline of the users I follow
sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs,publishers" DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs,publishers"
" WHERE %s%s%s%s" " WHERE %s%s%s%s"
" ORDER BY social_pubs.PubCod DESC LIMIT 1", " ORDER BY social_pubs.PubCod DESC LIMIT 1",
SubQueryRangeBottom,SubQueryRangeTop, SubQueryRangeBottom,SubQueryRangeTop,
SubQueryPublishers, SubQueryPublishers,
SubQueryAlreadyExists); SubQueryAlreadyExists);
break; break;
case Soc_ALL_USRS: // Show the timeline of all users case Soc_ALL_USRS: // Show the timeline of all users
sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs" DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs"
" WHERE %s%s%s" " WHERE %s%s%s"
" ORDER BY PubCod DESC LIMIT 1", " ORDER BY PubCod DESC LIMIT 1",
SubQueryRangeBottom,SubQueryRangeTop, SubQueryRangeBottom,SubQueryRangeTop,
SubQueryAlreadyExists); SubQueryAlreadyExists);
break; break;
} }
break; break;
} }
if (DB_QuerySELECT (Query,&mysql_res,"can not get publishing") == 1) if (DB_QuerySELECT_new (&mysql_res,"can not get publishing") == 1)
{ {
/* Get code of social publishing */ /* Get code of social publishing */
row = mysql_fetch_row (mysql_res); row = mysql_fetch_row (mysql_res);
@ -771,16 +755,16 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
if (PubCod > 0) if (PubCod > 0)
{ {
sprintf (Query,"INSERT INTO pub_codes SET PubCod=%ld",PubCod); DB_BuildQuery ("INSERT INTO pub_codes SET PubCod=%ld",PubCod);
DB_QueryINSERT (Query,"can not store publishing code"); DB_QueryINSERT_new ("can not store publishing code");
RangePubsToGet.Top = PubCod; // Narrow the range for the next iteration RangePubsToGet.Top = PubCod; // Narrow the range for the next iteration
/* Get social note code (row[1]) */ /* Get social note code (row[1]) */
NotCod = Str_ConvertStrCodToLongCod (row[1]); NotCod = Str_ConvertStrCodToLongCod (row[1]);
sprintf (Query,"INSERT INTO not_codes SET NotCod=%ld",NotCod); DB_BuildQuery ("INSERT INTO not_codes SET NotCod=%ld",NotCod);
DB_QueryINSERT (Query,"can not store note code"); DB_QueryINSERT_new ("can not store note code");
sprintf (Query,"INSERT INTO current_timeline SET NotCod=%ld",NotCod); DB_BuildQuery ("INSERT INTO current_timeline SET NotCod=%ld",NotCod);
DB_QueryINSERT (Query,"can not store note code"); DB_QueryINSERT_new ("can not store note code");
} }
else // Nothing got ==> abort loop else // Nothing got ==> abort loop
break; // Last publishing break; // Last publishing
@ -795,7 +779,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl
Soc_AddNotesJustRetrievedToTimelineThisSession (); Soc_AddNotesJustRetrievedToTimelineThisSession ();
/***** Build query to show timeline including the users I am following *****/ /***** Build query to show timeline including the users I am following *****/
sprintf (Query,"SELECT PubCod,NotCod,PublisherCod,PubType,UNIX_TIMESTAMP(TimePublish)" DB_BuildQuery ("SELECT PubCod,NotCod,PublisherCod,PubType,UNIX_TIMESTAMP(TimePublish)"
" FROM social_pubs WHERE PubCod IN " " FROM social_pubs WHERE PubCod IN "
"(SELECT PubCod FROM pub_codes)" "(SELECT PubCod FROM pub_codes)"
" ORDER BY PubCod DESC"); " ORDER BY PubCod DESC");
@ -904,8 +888,7 @@ static void Soc_DropTemporaryTablesUsedToQueryTimeline (void)
| |_____| | |_____|
\ |_____| \ |_____|
*/ */
static void Soc_ShowTimeline (const char *Query,const char *Title, static void Soc_ShowTimeline (const char *Title,long NotCodToHighlight)
long NotCodToHighlight)
{ {
extern const char *Hlp_SOCIAL_Timeline; extern const char *Hlp_SOCIAL_Timeline;
MYSQL_RES *mysql_res; MYSQL_RES *mysql_res;
@ -918,7 +901,7 @@ static void Soc_ShowTimeline (const char *Query,const char *Title,
bool ItsMe = Usr_ItsMe (Gbl.Usrs.Other.UsrDat.UsrCod); bool ItsMe = Usr_ItsMe (Gbl.Usrs.Other.UsrDat.UsrCod);
/***** Get publishings from database *****/ /***** Get publishings from database *****/
NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline"); NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline");
/***** Start box *****/ /***** Start box *****/
Box_StartBox (Soc_WIDTH_TIMELINE,Title,Soc_PutIconsTimeline, Box_StartBox (Soc_WIDTH_TIMELINE,Title,Soc_PutIconsTimeline,
@ -1107,7 +1090,7 @@ static void Soc_ShowWarningYouDontFollowAnyUser (void)
/*****************************************************************************/ /*****************************************************************************/
// The publishings are inserted as list elements of a hidden list // The publishings are inserted as list elements of a hidden list
static void Soc_InsertNewPubsInTimeline (const char *Query) static void Soc_InsertNewPubsInTimeline (void)
{ {
MYSQL_RES *mysql_res; MYSQL_RES *mysql_res;
MYSQL_ROW row; MYSQL_ROW row;
@ -1117,7 +1100,7 @@ static void Soc_InsertNewPubsInTimeline (const char *Query)
struct SocialNote SocNot; struct SocialNote SocNot;
/***** Get new publishings timeline from database *****/ /***** Get new publishings timeline from database *****/
NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline"); NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline");
/***** List new publishings timeline *****/ /***** List new publishings timeline *****/
for (NumPub = 0; for (NumPub = 0;
@ -1147,7 +1130,7 @@ static void Soc_InsertNewPubsInTimeline (const char *Query)
/*****************************************************************************/ /*****************************************************************************/
// The publishings are inserted as list elements of a hidden list // The publishings are inserted as list elements of a hidden list
static void Soc_ShowOldPubsInTimeline (const char *Query) static void Soc_ShowOldPubsInTimeline (void)
{ {
MYSQL_RES *mysql_res; MYSQL_RES *mysql_res;
MYSQL_ROW row; MYSQL_ROW row;
@ -1157,7 +1140,7 @@ static void Soc_ShowOldPubsInTimeline (const char *Query)
struct SocialNote SocNot; struct SocialNote SocNot;
/***** Get old publishings timeline from database *****/ /***** Get old publishings timeline from database *****/
NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline"); NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline");
/***** List old publishings in timeline *****/ /***** List old publishings in timeline *****/
for (NumPub = 0; for (NumPub = 0;
@ -2957,7 +2940,6 @@ static long Soc_ReceiveComment (void)
extern const char *Txt_The_original_post_no_longer_exists; extern const char *Txt_The_original_post_no_longer_exists;
char Content[Cns_MAX_BYTES_LONG_TEXT + 1]; char Content[Cns_MAX_BYTES_LONG_TEXT + 1];
struct Image Image; struct Image Image;
char *Query;
struct SocialNote SocNot; struct SocialNote SocNot;
struct SocialPublishing SocPub; struct SocialPublishing SocPub;
@ -2983,14 +2965,6 @@ static long Soc_ReceiveComment (void)
if (Content[0] || // Text not empty if (Content[0] || // Text not empty
Image.Name[0]) // An image is attached Image.Name[0]) // An image is attached
{ {
/***** Allocate space for query *****/
if ((Query = (char *) malloc (256 +
strlen (Content) +
Img_BYTES_NAME +
Img_MAX_BYTES_TITLE +
Cns_MAX_BYTES_WWW)) == NULL)
Lay_NotEnoughMemoryExit ();
/***** Check if image is received and processed *****/ /***** Check if image is received and processed *****/
if (Image.Action == Img_ACTION_NEW_IMAGE && // Upload new image if (Image.Action == Img_ACTION_NEW_IMAGE && // Upload new image
Image.Status == Img_FILE_PROCESSED) // The new image received has been processed Image.Status == Img_FILE_PROCESSED) // The new image received has been processed
@ -3005,21 +2979,18 @@ static long Soc_ReceiveComment (void)
Soc_PublishSocialNoteInTimeline (&SocPub); // Set SocPub.PubCod Soc_PublishSocialNoteInTimeline (&SocPub); // Set SocPub.PubCod
/* Insert comment content in the database */ /* Insert comment content in the database */
sprintf (Query,"INSERT INTO social_comments" DB_BuildQuery ("INSERT INTO social_comments"
" (PubCod,Content,ImageName,ImageTitle,ImageURL)" " (PubCod,Content,ImageName,ImageTitle,ImageURL)"
" VALUES" " VALUES"
" (%ld,'%s','%s','%s','%s')", " (%ld,'%s','%s','%s','%s')",
SocPub.PubCod, SocPub.PubCod,
Content, Content,
Image.Name, Image.Name,
(Image.Name[0] && // Save image title only if image attached (Image.Name[0] && // Save image title only if image attached
Image.Title) ? Image.Title : "", Image.Title) ? Image.Title : "",
(Image.Name[0] && // Save image URL only if image attached (Image.Name[0] && // Save image URL only if image attached
Image.URL ) ? Image.URL : ""); Image.URL ) ? Image.URL : "");
DB_QueryINSERT (Query,"can not store comment content"); DB_QueryINSERT_new ("can not store comment content");
/***** Free space used for query *****/
free ((void *) Query);
/***** Store notifications about the new comment *****/ /***** Store notifications about the new comment *****/
Ntf_StoreNotifyEventsToAllUsrs (Ntf_EVENT_TIMELINE_COMMENT,SocPub.PubCod); Ntf_StoreNotifyEventsToAllUsrs (Ntf_EVENT_TIMELINE_COMMENT,SocPub.PubCod);
@ -3162,7 +3133,6 @@ void Soc_FavSocialNoteUsr (void)
static long Soc_FavSocialNote (void) static long Soc_FavSocialNote (void)
{ {
extern const char *Txt_The_original_post_no_longer_exists; extern const char *Txt_The_original_post_no_longer_exists;
char Query[256];
struct SocialNote SocNot; struct SocialNote SocNot;
bool ItsMe; bool ItsMe;
long OriginalPubCod; long OriginalPubCod;
@ -3179,13 +3149,13 @@ static long Soc_FavSocialNote (void)
Gbl.Usrs.Me.UsrDat.UsrCod)) // I have not yet favourited the note Gbl.Usrs.Me.UsrDat.UsrCod)) // I have not yet favourited the note
{ {
/***** Mark as favourite in database *****/ /***** Mark as favourite in database *****/
sprintf (Query,"INSERT IGNORE INTO social_notes_fav" DB_BuildQuery ("INSERT IGNORE INTO social_notes_fav"
" (NotCod,UsrCod,TimeFav)" " (NotCod,UsrCod,TimeFav)"
" VALUES" " VALUES"
" (%ld,%ld,NOW())", " (%ld,%ld,NOW())",
SocNot.NotCod, SocNot.NotCod,
Gbl.Usrs.Me.UsrDat.UsrCod); Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT (Query,"can not favourite social note"); DB_QueryINSERT_new ("can not favourite social note");
/* Update number of times this social note is favourited */ /* Update number of times this social note is favourited */
SocNot.NumFavs = Soc_GetNumTimesANoteHasBeenFav (&SocNot); SocNot.NumFavs = Soc_GetNumTimesANoteHasBeenFav (&SocNot);
@ -3251,7 +3221,6 @@ static long Soc_FavSocialComment (void)
extern const char *Txt_The_comment_no_longer_exists; extern const char *Txt_The_comment_no_longer_exists;
struct SocialComment SocCom; struct SocialComment SocCom;
bool ItsMe; bool ItsMe;
char Query[256];
/***** Initialize image *****/ /***** Initialize image *****/
Img_ImageConstructor (&SocCom.Image); Img_ImageConstructor (&SocCom.Image);
@ -3268,13 +3237,13 @@ static long Soc_FavSocialComment (void)
Gbl.Usrs.Me.UsrDat.UsrCod)) // I have not yet favourited the comment Gbl.Usrs.Me.UsrDat.UsrCod)) // I have not yet favourited the comment
{ {
/***** Mark as favourite in database *****/ /***** Mark as favourite in database *****/
sprintf (Query,"INSERT IGNORE INTO social_comments_fav" DB_BuildQuery ("INSERT IGNORE INTO social_comments_fav"
" (PubCod,UsrCod,TimeFav)" " (PubCod,UsrCod,TimeFav)"
" VALUES" " VALUES"
" (%ld,%ld,NOW())", " (%ld,%ld,NOW())",
SocCom.PubCod, SocCom.PubCod,
Gbl.Usrs.Me.UsrDat.UsrCod); Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT (Query,"can not favourite social comment"); DB_QueryINSERT_new ("can not favourite social comment");
/* Update number of times this social comment is favourited */ /* Update number of times this social comment is favourited */
SocCom.NumFavs = Soc_GetNumTimesACommHasBeenFav (&SocCom); SocCom.NumFavs = Soc_GetNumTimesACommHasBeenFav (&SocCom);
@ -4750,13 +4719,11 @@ static void Soc_ClearTimelineThisSession (void)
static void Soc_AddNotesJustRetrievedToTimelineThisSession (void) static void Soc_AddNotesJustRetrievedToTimelineThisSession (void)
{ {
char Query[256 + Cns_BYTES_SESSION_ID]; DB_BuildQuery ("INSERT IGNORE INTO social_timelines"
sprintf (Query,"INSERT IGNORE INTO social_timelines"
" (SessionId,NotCod)" " (SessionId,NotCod)"
" SELECT DISTINCTROW '%s',NotCod FROM not_codes", " SELECT DISTINCTROW '%s',NotCod FROM not_codes",
Gbl.Session.Id); Gbl.Session.Id);
DB_QueryINSERT (Query,"can not insert social notes in timeline"); DB_QueryINSERT_new ("can not insert social notes in timeline");
} }
/*****************************************************************************/ /*****************************************************************************/

36
swad_survey.c
View File

@ -2255,25 +2255,22 @@ static void Svy_CreateSurvey (struct Survey *Svy,const char *Txt)
{ {
extern const char *Sco_ScopeDB[Sco_NUM_SCOPES]; extern const char *Sco_ScopeDB[Sco_NUM_SCOPES];
extern const char *Txt_Created_new_survey_X; extern const char *Txt_Created_new_survey_X;
char Query[1024 +
Svy_MAX_BYTES_SURVEY_TITLE +
Cns_MAX_BYTES_TEXT];
/***** Create a new survey *****/ /***** Create a new survey *****/
sprintf (Query,"INSERT INTO surveys" DB_BuildQuery ("INSERT INTO surveys"
" (Scope,Cod,Hidden,Roles,UsrCod,StartTime,EndTime,Title,Txt)" " (Scope,Cod,Hidden,Roles,UsrCod,StartTime,EndTime,Title,Txt)"
" VALUES" " VALUES"
" ('%s',%ld,'N',%u,%ld," " ('%s',%ld,'N',%u,%ld,"
"FROM_UNIXTIME(%ld),FROM_UNIXTIME(%ld)," "FROM_UNIXTIME(%ld),FROM_UNIXTIME(%ld),"
"'%s','%s')", "'%s','%s')",
Sco_ScopeDB[Svy->Scope],Svy->Cod, Sco_ScopeDB[Svy->Scope],Svy->Cod,
Svy->Roles, Svy->Roles,
Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.Usrs.Me.UsrDat.UsrCod,
Svy->TimeUTC[Svy_START_TIME], Svy->TimeUTC[Svy_START_TIME],
Svy->TimeUTC[Svy_END_TIME ], Svy->TimeUTC[Svy_END_TIME ],
Svy->Title, Svy->Title,
Txt); Txt);
Svy->SvyCod = DB_QueryINSERTandReturnCode (Query,"can not create new survey"); Svy->SvyCod = DB_QueryINSERTandReturnCode_new ("can not create new survey");
/***** Create groups *****/ /***** Create groups *****/
if (Gbl.CurrentCrs.Grps.LstGrpsSel.NumGrps) if (Gbl.CurrentCrs.Grps.LstGrpsSel.NumGrps)
@ -2397,7 +2394,6 @@ void Svy_RemoveGroupsOfType (long GrpTypCod)
static void Svy_CreateGrps (long SvyCod) static void Svy_CreateGrps (long SvyCod)
{ {
unsigned NumGrpSel; unsigned NumGrpSel;
char Query[256];
/***** Create groups of the survey *****/ /***** Create groups of the survey *****/
for (NumGrpSel = 0; for (NumGrpSel = 0;
@ -2405,12 +2401,12 @@ static void Svy_CreateGrps (long SvyCod)
NumGrpSel++) NumGrpSel++)
{ {
/* Create group */ /* Create group */
sprintf (Query,"INSERT INTO svy_grp" DB_BuildQuery ("INSERT INTO svy_grp"
" (SvyCod,GrpCod)" " (SvyCod,GrpCod)"
" VALUES" " VALUES"
" (%ld,%ld)", " (%ld,%ld)",
SvyCod,Gbl.CurrentCrs.Grps.LstGrpsSel.GrpCods[NumGrpSel]); SvyCod,Gbl.CurrentCrs.Grps.LstGrpsSel.GrpCods[NumGrpSel]);
DB_QueryINSERT (Query,"can not associate a group to a survey"); DB_QueryINSERT_new ("can not associate a group to a survey");
} }
} }
@ -3759,14 +3755,12 @@ static void Svy_IncreaseAnswerInDB (long QstCod,unsigned AnsInd)
static void Svy_RegisterIHaveAnsweredSvy (long SvyCod) static void Svy_RegisterIHaveAnsweredSvy (long SvyCod)
{ {
char Query[256]; DB_BuildQuery ("INSERT INTO svy_users"
sprintf (Query,"INSERT INTO svy_users"
" (SvyCod,UsrCod)" " (SvyCod,UsrCod)"
" VALUES" " VALUES"
" (%ld,%ld)", " (%ld,%ld)",
SvyCod,Gbl.Usrs.Me.UsrDat.UsrCod); SvyCod,Gbl.Usrs.Me.UsrDat.UsrCod);
DB_QueryINSERT (Query,"can not register that you have answered the survey"); DB_QueryINSERT_new ("can not register that you have answered the survey");
} }
/*****************************************************************************/ /*****************************************************************************/

92
swad_test.c
View File

@ -6294,15 +6294,13 @@ static long Tst_GetTagCodFromTagTxt (const char *TagTxt)
static long Tst_CreateNewTag (long CrsCod,const char *TagTxt) static long Tst_CreateNewTag (long CrsCod,const char *TagTxt)
{ {
char Query[256 + Tst_MAX_BYTES_TAG];
/***** Insert new tag into tst_tags table *****/ /***** Insert new tag into tst_tags table *****/
sprintf (Query,"INSERT INTO tst_tags" DB_BuildQuery ("INSERT INTO tst_tags"
" (CrsCod,ChangeTime,TagTxt,TagHidden)" " (CrsCod,ChangeTime,TagTxt,TagHidden)"
" VALUES" " VALUES"
" (%ld,NOW(),'%s','N')", " (%ld,NOW(),'%s','N')",
CrsCod,TagTxt); CrsCod,TagTxt);
return DB_QueryINSERTandReturnCode (Query,"can not create new tag"); return DB_QueryINSERTandReturnCode_new ("can not create new tag");
} }
/*****************************************************************************/ /*****************************************************************************/
@ -6596,7 +6594,6 @@ static void Tst_InsertOrUpdateQstIntoDB (void)
static void Tst_InsertTagsIntoDB (void) static void Tst_InsertTagsIntoDB (void)
{ {
char Query[256];
unsigned NumTag; unsigned NumTag;
unsigned TagIdx; unsigned TagIdx;
long TagCod; long TagCod;
@ -6613,12 +6610,12 @@ static void Tst_InsertTagsIntoDB (void)
TagCod = Tst_CreateNewTag (Gbl.CurrentCrs.Crs.CrsCod,Gbl.Test.Tags.Txt[NumTag]); TagCod = Tst_CreateNewTag (Gbl.CurrentCrs.Crs.CrsCod,Gbl.Test.Tags.Txt[NumTag]);
/***** Insert tag in tst_question_tags *****/ /***** Insert tag in tst_question_tags *****/
sprintf (Query,"INSERT INTO tst_question_tags" DB_BuildQuery ("INSERT INTO tst_question_tags"
" (QstCod,TagCod,TagInd)" " (QstCod,TagCod,TagInd)"
" VALUES" " VALUES"
" (%ld,%ld,%u)", " (%ld,%ld,%u)",
Gbl.Test.QstCod,TagCod,TagIdx); Gbl.Test.QstCod,TagCod,TagIdx);
DB_QueryINSERT (Query,"can not create tag"); DB_QueryINSERT_new ("can not create tag");
TagIdx++; TagIdx++;
} }
@ -6646,14 +6643,14 @@ static void Tst_InsertAnswersIntoDB (void)
switch (Gbl.Test.AnswerType) switch (Gbl.Test.AnswerType)
{ {
case Tst_ANS_INT: case Tst_ANS_INT:
sprintf (Query,"INSERT INTO tst_answers" DB_BuildQuery ("INSERT INTO tst_answers"
" (QstCod,AnsInd,Answer,Feedback," " (QstCod,AnsInd,Answer,Feedback,"
"ImageName,ImageTitle,ImageURL,Correct)" "ImageName,ImageTitle,ImageURL,Correct)"
" VALUES" " VALUES"
" (%ld,0,%ld,'','','','','Y')", " (%ld,0,%ld,'','','','','Y')",
Gbl.Test.QstCod, Gbl.Test.QstCod,
Gbl.Test.Answer.Integer); Gbl.Test.Answer.Integer);
DB_QueryINSERT (Query,"can not create answer"); DB_QueryINSERT_new ("can not create answer");
break; break;
case Tst_ANS_FLOAT: case Tst_ANS_FLOAT:
Str_SetDecimalPointToUS (); // To print the floating point as a dot Str_SetDecimalPointToUS (); // To print the floating point as a dot
@ -6661,26 +6658,26 @@ static void Tst_InsertAnswersIntoDB (void)
i < 2; i < 2;
i++) i++)
{ {
sprintf (Query,"INSERT INTO tst_answers" DB_BuildQuery ("INSERT INTO tst_answers"
" (QstCod,AnsInd,Answer,Feedback," " (QstCod,AnsInd,Answer,Feedback,"
"ImageName,ImageTitle,ImageURL,Correct)" "ImageName,ImageTitle,ImageURL,Correct)"
" VALUES" " VALUES"
" (%ld,%u,'%lg','','','','','Y')", " (%ld,%u,'%lg','','','','','Y')",
Gbl.Test.QstCod,i, Gbl.Test.QstCod,i,
Gbl.Test.Answer.FloatingPoint[i]); Gbl.Test.Answer.FloatingPoint[i]);
DB_QueryINSERT (Query,"can not create answer"); DB_QueryINSERT_new ("can not create answer");
} }
Str_SetDecimalPointToLocal (); // Return to local system Str_SetDecimalPointToLocal (); // Return to local system
break; break;
case Tst_ANS_TRUE_FALSE: case Tst_ANS_TRUE_FALSE:
sprintf (Query,"INSERT INTO tst_answers" DB_BuildQuery ("INSERT INTO tst_answers"
" (QstCod,AnsInd,Answer,Feedback," " (QstCod,AnsInd,Answer,Feedback,"
"ImageName,ImageTitle,ImageURL,Correct)" "ImageName,ImageTitle,ImageURL,Correct)"
" VALUES" " VALUES"
" (%ld,0,'%c','','','','','Y')", " (%ld,0,'%c','','','','','Y')",
Gbl.Test.QstCod, Gbl.Test.QstCod,
Gbl.Test.Answer.TF); Gbl.Test.Answer.TF);
DB_QueryINSERT (Query,"can not create answer"); DB_QueryINSERT_new ("can not create answer");
break; break;
case Tst_ANS_UNIQUE_CHOICE: case Tst_ANS_UNIQUE_CHOICE:
case Tst_ANS_MULTIPLE_CHOICE: case Tst_ANS_MULTIPLE_CHOICE:
@ -6690,20 +6687,20 @@ static void Tst_InsertAnswersIntoDB (void)
NumOpt++) NumOpt++)
if (Gbl.Test.Answer.Options[NumOpt].Text[0]) if (Gbl.Test.Answer.Options[NumOpt].Text[0])
{ {
sprintf (Query,"INSERT INTO tst_answers" DB_BuildQuery ("INSERT INTO tst_answers"
" (QstCod,AnsInd,Answer,Feedback," " (QstCod,AnsInd,Answer,Feedback,"
"ImageName,ImageTitle,ImageURL,Correct)" "ImageName,ImageTitle,ImageURL,Correct)"
" VALUES" " VALUES"
" (%ld,%u,'%s','%s','%s','%s','%s','%c')", " (%ld,%u,'%s','%s','%s','%s','%s','%c')",
Gbl.Test.QstCod,NumOpt, Gbl.Test.QstCod,NumOpt,
Gbl.Test.Answer.Options[NumOpt].Text, Gbl.Test.Answer.Options[NumOpt].Text,
Gbl.Test.Answer.Options[NumOpt].Feedback ? Gbl.Test.Answer.Options[NumOpt].Feedback : "", Gbl.Test.Answer.Options[NumOpt].Feedback ? Gbl.Test.Answer.Options[NumOpt].Feedback : "",
Gbl.Test.Answer.Options[NumOpt].Image.Name, Gbl.Test.Answer.Options[NumOpt].Image.Name,
Gbl.Test.Answer.Options[NumOpt].Image.Title ? Gbl.Test.Answer.Options[NumOpt].Image.Title : "", Gbl.Test.Answer.Options[NumOpt].Image.Title ? Gbl.Test.Answer.Options[NumOpt].Image.Title : "",
Gbl.Test.Answer.Options[NumOpt].Image.URL ? Gbl.Test.Answer.Options[NumOpt].Image.URL : "", Gbl.Test.Answer.Options[NumOpt].Image.URL ? Gbl.Test.Answer.Options[NumOpt].Image.URL : "",
Gbl.Test.Answer.Options[NumOpt].Correct ? 'Y' : Gbl.Test.Answer.Options[NumOpt].Correct ? 'Y' :
'N'); 'N');
DB_QueryINSERT (Query,"can not create answer"); DB_QueryINSERT_new ("can not create answer");
/* Update image status */ /* Update image status */
if (Gbl.Test.Answer.Options[NumOpt].Image.Name[0]) if (Gbl.Test.Answer.Options[NumOpt].Image.Name[0])
@ -7538,19 +7535,17 @@ void Tst_SelDatesToSeeMyTestResults (void)
static long Tst_CreateTestResultInDB (void) static long Tst_CreateTestResultInDB (void)
{ {
char Query[256];
/***** Insert new test result into table *****/ /***** Insert new test result into table *****/
sprintf (Query,"INSERT INTO tst_exams" DB_BuildQuery ("INSERT INTO tst_exams"
" (CrsCod,UsrCod,AllowTeachers,TstTime,NumQsts)" " (CrsCod,UsrCod,AllowTeachers,TstTime,NumQsts)"
" VALUES" " VALUES"
" (%ld,%ld,'%c',NOW(),%u)", " (%ld,%ld,'%c',NOW(),%u)",
Gbl.CurrentCrs.Crs.CrsCod, Gbl.CurrentCrs.Crs.CrsCod,
Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.Usrs.Me.UsrDat.UsrCod,
Gbl.Test.AllowTeachers ? 'Y' : Gbl.Test.AllowTeachers ? 'Y' :
'N', 'N',
Gbl.Test.NumQsts); Gbl.Test.NumQsts);
return DB_QueryINSERTandReturnCode (Query,"can not create new test result"); return DB_QueryINSERTandReturnCode_new ("can not create new test result");
} }
/*****************************************************************************/ /*****************************************************************************/
@ -8440,9 +8435,6 @@ static void Tst_GetTestResultDataByTstCod (long TstCod,time_t *TstTimeUTC,
static void Tst_StoreOneTestResultQstInDB (long TstCod,long QstCod,unsigned NumQst,double Score) static void Tst_StoreOneTestResultQstInDB (long TstCod,long QstCod,unsigned NumQst,double Score)
{ {
char Query[256 +
Tst_MAX_BYTES_INDEXES_ONE_QST +
Tst_MAX_BYTES_ANSWERS_ONE_QST];
char Indexes[Tst_MAX_BYTES_INDEXES_ONE_QST + 1]; char Indexes[Tst_MAX_BYTES_INDEXES_ONE_QST + 1];
char Answers[Tst_MAX_BYTES_ANSWERS_ONE_QST + 1]; char Answers[Tst_MAX_BYTES_ANSWERS_ONE_QST + 1];
@ -8453,17 +8445,17 @@ static void Tst_StoreOneTestResultQstInDB (long TstCod,long QstCod,unsigned NumQ
/***** Insert question and user's answers into database *****/ /***** Insert question and user's answers into database *****/
Str_SetDecimalPointToUS (); // To print the floating point as a dot Str_SetDecimalPointToUS (); // To print the floating point as a dot
sprintf (Query,"INSERT INTO tst_exam_questions" DB_BuildQuery ("INSERT INTO tst_exam_questions"
" (TstCod,QstCod,QstInd,Score,Indexes,Answers)" " (TstCod,QstCod,QstInd,Score,Indexes,Answers)"
" VALUES" " VALUES"
" (%ld,%ld,%u,'%lf','%s','%s')", " (%ld,%ld,%u,'%lf','%s','%s')",
TstCod,QstCod, TstCod,QstCod,
NumQst, // 0, 1, 2, 3... NumQst, // 0, 1, 2, 3...
Score, Score,
Indexes, Indexes,
Answers); Answers);
Str_SetDecimalPointToLocal (); // Return to local system Str_SetDecimalPointToLocal (); // Return to local system
DB_QueryINSERT (Query,"can not insert a question of a test result"); DB_QueryINSERT_new ("can not insert a question of a test result");
} }
/*****************************************************************************/ /*****************************************************************************/

16
swad_user.c
View File

@ -3380,19 +3380,17 @@ void Usr_UpdateMyLastData (void)
static void Usr_InsertMyLastData (void) static void Usr_InsertMyLastData (void)
{ {
char Query[256];
/***** Insert my last accessed course, tab and time of click in database *****/ /***** Insert my last accessed course, tab and time of click in database *****/
sprintf (Query,"INSERT INTO usr_last" DB_BuildQuery ("INSERT INTO usr_last"
" (UsrCod,WhatToSearch,LastCrs,LastTab,LastTime,LastAccNotif)" " (UsrCod,WhatToSearch,LastCrs,LastTab,LastTime,LastAccNotif)"
" VALUES" " VALUES"
" (%ld,%u,%ld,%u,NOW(),FROM_UNIXTIME(%ld))", " (%ld,%u,%ld,%u,NOW(),FROM_UNIXTIME(%ld))",
Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.Usrs.Me.UsrDat.UsrCod,
(unsigned) Sch_SEARCH_ALL, (unsigned) Sch_SEARCH_ALL,
Gbl.CurrentCrs.Crs.CrsCod, Gbl.CurrentCrs.Crs.CrsCod,
(unsigned) Gbl.Action.Tab, (unsigned) Gbl.Action.Tab,
(long) (time_t) 0); // The user never accessed to notifications (long) (time_t) 0); // The user never accessed to notifications
DB_QueryINSERT (Query,"can not insert last user's data"); DB_QueryINSERT_new ("can not insert last user's data");
} }
/*****************************************************************************/ /*****************************************************************************/

33
swad_web_service.c
View File

@ -447,7 +447,6 @@ static int Svc_GenerateNewWSKey (long UsrCod,
char WSKey[Svc_BYTES_WS_KEY + 1]) char WSKey[Svc_BYTES_WS_KEY + 1])
{ {
int ReturnCode; int ReturnCode;
char Query[512];
/***** Remove expired web service keys *****/ /***** Remove expired web service keys *****/
if ((ReturnCode = Svc_RemoveOldWSKeys ()) != SOAP_OK) if ((ReturnCode = Svc_RemoveOldWSKeys ()) != SOAP_OK)
@ -458,20 +457,19 @@ static int Svc_GenerateNewWSKey (long UsrCod,
Svc_BYTES_WS_KEY); Svc_BYTES_WS_KEY);
/***** Check that key does not exist in database *****/ /***** Check that key does not exist in database *****/
sprintf (Query,"SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'", DB_BuildQuery ("SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'",WSKey);
WSKey); if (DB_QueryCOUNT_new ("can not get existence of key"))
if (DB_QueryCOUNT (Query,"can not get existence of key"))
return soap_receiver_fault (Gbl.soap, return soap_receiver_fault (Gbl.soap,
"Error when generating key", "Error when generating key",
"Generated key already existed in database"); "Generated key already existed in database");
/***** Insert key into database *****/ /***** Insert key into database *****/
sprintf (Query,"INSERT INTO ws_keys" DB_BuildQuery ("INSERT INTO ws_keys"
" (WSKey,UsrCod,PlgCod,LastTime)" " (WSKey,UsrCod,PlgCod,LastTime)"
" VALUES" " VALUES"
" ('%s',%ld,%ld,NOW())", " ('%s',%ld,%ld,NOW())",
WSKey,UsrCod,Gbl.WebService.PlgCod); WSKey,UsrCod,Gbl.WebService.PlgCod);
DB_QueryINSERT (Query,"can not insert new key"); DB_QueryINSERT_new ("can not insert new key");
return SOAP_OK; return SOAP_OK;
} }
@ -3446,7 +3444,6 @@ int swad__sendNotice (struct soap *soap,
struct swad__sendNoticeOutput *sendNoticeOut) // output struct swad__sendNoticeOutput *sendNoticeOut) // output
{ {
int ReturnCode; int ReturnCode;
char Query[512 + Cns_MAX_BYTES_TEXT];
long NotCod; long NotCod;
/***** Initializations *****/ /***** Initializations *****/
@ -3486,15 +3483,15 @@ int swad__sendNotice (struct soap *soap,
/***** Insert notice in the database *****/ /***** Insert notice in the database *****/
/* Build query */ /* Build query */
sprintf (Query,"INSERT INTO notices" DB_BuildQuery ("INSERT INTO notices"
" (CrsCod,UsrCod,CreatTime,Content,Status)" " (CrsCod,UsrCod,CreatTime,Content,Status)"
" VALUES" " VALUES"
" (%ld,%ld,NOW(),'%s',%u)", " (%ld,%ld,NOW(),'%s',%u)",
Gbl.CurrentCrs.Crs.CrsCod,Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.CurrentCrs.Crs.CrsCod,Gbl.Usrs.Me.UsrDat.UsrCod,
body,(unsigned) Not_ACTIVE_NOTICE); body,(unsigned) Not_ACTIVE_NOTICE);
/* Get the code of the inserted item */ /* Get the code of the inserted item */
NotCod = DB_QueryINSERTandReturnCode (Query,"can not create message"); NotCod = DB_QueryINSERTandReturnCode_new ("can not create message");
/***** Create notifications *****/ /***** Create notifications *****/
// TODO: create notifications // TODO: create notifications
@ -4076,10 +4073,8 @@ int swad__getTrivialQuestion (struct soap *soap,
/* /*
if (Gbl.Usrs.Me.UsrDat.UsrCod == 19543) if (Gbl.Usrs.Me.UsrDat.UsrCod == 19543)
{ {
char QueryDebug[512 * 1024]; DB_BuildQuery ("INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'degrees = %s')",degrees);
DB_QueryINSERT_new ("Error inserting in debug table");
sprintf (QueryDebug,"INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'degrees = %s')",degrees);
DB_QueryINSERT (QueryDebug,"Error inserting in debug table");
} }
*/ */
while (*Ptr) while (*Ptr)
@ -4154,10 +4149,8 @@ int swad__getTrivialQuestion (struct soap *soap,
/* /*
if (Gbl.Usrs.Me.UsrDat.UsrCod == 19543) if (Gbl.Usrs.Me.UsrDat.UsrCod == 19543)
{ {
char QueryDebug[512 * 1024]; DB_BuildQuery ("INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'Una pregunta devuelta')");
DB_QueryINSERT_new ("Error inserting in debug table");
sprintf (QueryDebug,"INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'Una pregunta devuelta')");
DB_QueryINSERT (QueryDebug,"Error inserting in debug table");
} }
*/ */
/* Get next question */ /* Get next question */