diff --git a/swad_changelog.h b/swad_changelog.h index ce9caee34..716506d77 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -355,10 +355,11 @@ En OpenSWAD: ps2pdf source.ps destination.pdf */ -#define Log_PLATFORM_VERSION "SWAD 18.7.33 (2018-10-22)" +#define Log_PLATFORM_VERSION "SWAD 18.7.34 (2018-10-22)" #define CSS_FILE "swad18.4.css" #define JS_FILE "swad17.17.1.js" /* + Version 18.7.34: Oct 22, 2018 Some sprintf for database queries changed by asprintf. (237814lines) Version 18.7.33: Oct 22, 2018 Some sprintf for database queries changed by asprintf. (237796 lines) Version 18.7.32: Oct 22, 2018 Some sprintf for database queries changed by asprintf. (237786 lines) Version 18.7.31: Oct 22, 2018 Some sprintf for database queries changed by asprintf. (237765 lines) diff --git a/swad_mail.c b/swad_mail.c index 05e54667c..ab67809bb 100644 --- a/swad_mail.c +++ b/swad_mail.c @@ -25,7 +25,9 @@ /********************************* Headers ***********************************/ /*****************************************************************************/ +#define _GNU_SOURCE // For asprintf #include // For NULL +#include // For asprintf #include // For calloc #include // For string functions #include // For the macro WEXITSTATUS @@ -216,7 +218,7 @@ void Mai_EditMailDomains (void) static void Mai_GetListMailDomainsAllowedForNotif (void) { char OrderBySubQuery[256]; - char Query[1024]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; @@ -228,19 +230,19 @@ static void Mai_GetListMailDomainsAllowedForNotif (void) // ...because a unique temporary table can not be used twice in the same query /***** Create temporary table with all the mail domains present in users' emails table *****/ - sprintf (Query,"DROP TEMPORARY TABLE IF EXISTS T1,T2"); - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError ("can not remove temporary tables"); + if (asprintf (&Query,"DROP TEMPORARY TABLE IF EXISTS T1,T2") < 0) + Lay_NotEnoughMemoryExit (); + DB_Query_free (Query,"can not remove temporary tables"); - sprintf (Query,"CREATE TEMPORARY TABLE T1 ENGINE=MEMORY" - " SELECT SUBSTRING_INDEX(E_mail,'@',-1) AS Domain,COUNT(*) as N" - " FROM usr_emails GROUP BY Domain"); - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError ("can not create temporary table"); + if (asprintf (&Query,"CREATE TEMPORARY TABLE T1 ENGINE=MEMORY" + " SELECT SUBSTRING_INDEX(E_mail,'@',-1) AS Domain,COUNT(*) as N" + " FROM usr_emails GROUP BY Domain") < 0) + Lay_NotEnoughMemoryExit (); + DB_Query_free (Query,"can not create temporary table"); - sprintf (Query,"CREATE TEMPORARY TABLE T2 ENGINE=MEMORY SELECT * FROM T1"); - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError ("can not create temporary table"); + if (asprintf (&Query,"CREATE TEMPORARY TABLE T2 ENGINE=MEMORY SELECT * FROM T1") < 0) + Lay_NotEnoughMemoryExit (); + DB_Query_free (Query,"can not create temporary table"); /***** Get mail domains from database *****/ switch (Gbl.Mails.SelectedOrder) @@ -255,17 +257,18 @@ static void Mai_GetListMailDomainsAllowedForNotif (void) sprintf (OrderBySubQuery,"N DESC,Info,Domain"); break; } - sprintf (Query,"(SELECT mail_domains.MaiCod,mail_domains.Domain AS Domain,mail_domains.Info AS Info,T1.N AS N" - " FROM mail_domains,T1" - " WHERE mail_domains.Domain=T1.Domain COLLATE 'latin1_bin')" - " UNION " - "(SELECT MaiCod,Domain,Info,0 AS N" - " FROM mail_domains" - " WHERE Domain NOT IN (SELECT Domain COLLATE 'latin1_bin' FROM T2))" - " ORDER BY %s", // COLLATE necessary to avoid error in comparisons - OrderBySubQuery); + if (asprintf (&Query,"(SELECT mail_domains.MaiCod,mail_domains.Domain AS Domain,mail_domains.Info AS Info,T1.N AS N" + " FROM mail_domains,T1" + " WHERE mail_domains.Domain=T1.Domain COLLATE 'latin1_bin')" + " UNION " + "(SELECT MaiCod,Domain,Info,0 AS N" + " FROM mail_domains" + " WHERE Domain NOT IN (SELECT Domain COLLATE 'latin1_bin' FROM T2))" + " ORDER BY %s", // COLLATE necessary to avoid error in comparisons + OrderBySubQuery) < 0) + Lay_NotEnoughMemoryExit (); - if ((NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get mail domains"))) // Mail domains found... + if ((NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get mail domains"))) // Mail domains found... { Gbl.Mails.Num = (unsigned) NumRows; @@ -307,9 +310,9 @@ static void Mai_GetListMailDomainsAllowedForNotif (void) DB_FreeMySQLResult (&mysql_res); /***** Drop temporary table *****/ - sprintf (Query,"DROP TEMPORARY TABLE IF EXISTS T1,T2"); - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError ("can not remove temporary tables"); + if (asprintf (&Query,"DROP TEMPORARY TABLE IF EXISTS T1,T2") < 0) + Lay_NotEnoughMemoryExit (); + DB_Query_free (Query,"can not remove temporary tables"); } /*****************************************************************************/ @@ -355,12 +358,13 @@ static void Mai_GetMailDomain (const char *Email,char MailDomain[Cns_MAX_BYTES_E static bool Mai_CheckIfMailDomainIsAllowedForNotif (const char MailDomain[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]) { - char Query[128 + Cns_MAX_BYTES_EMAIL_ADDRESS]; + char *Query; /***** Get number of mail_domains with a name from database *****/ - sprintf (Query,"SELECT COUNT(*) FROM mail_domains WHERE Domain='%s'", - MailDomain); - return (DB_QueryCOUNT (Query,"can not check if a mail domain is allowed for notifications") != 0); + if (asprintf (&Query,"SELECT COUNT(*) FROM mail_domains WHERE Domain='%s'", + MailDomain) < 0) + Lay_NotEnoughMemoryExit (); + return (DB_QueryCOUNT_free (Query,"can not check if a mail domain is allowed for notifications") != 0); } /*****************************************************************************/ @@ -392,7 +396,7 @@ void Mai_WriteWarningEmailNotifications (void) void Mai_GetDataOfMailDomainByCod (struct Mail *Mai) { - char Query[128]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; @@ -404,9 +408,10 @@ void Mai_GetDataOfMailDomainByCod (struct Mail *Mai) if (Mai->MaiCod > 0) { /***** Get data of a mail domain from database *****/ - sprintf (Query,"SELECT Domain,Info FROM mail_domains WHERE MaiCod=%ld", - Mai->MaiCod); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get data of a mail domain"); + if (asprintf (&Query,"SELECT Domain,Info FROM mail_domains WHERE MaiCod=%ld", + Mai->MaiCod) < 0) + Lay_NotEnoughMemoryExit (); + NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get data of a mail domain"); if (NumRows) // Mail found... { @@ -544,7 +549,7 @@ long Mai_GetParamMaiCod (void) void Mai_RemoveMailDomain (void) { extern const char *Txt_Email_domain_X_removed; - char Query[128]; + char *Query; struct Mail Mai; /***** Get mail code *****/ @@ -555,9 +560,10 @@ void Mai_RemoveMailDomain (void) Mai_GetDataOfMailDomainByCod (&Mai); /***** Remove mail *****/ - sprintf (Query,"DELETE FROM mail_domains WHERE MaiCod=%ld", - Mai.MaiCod); - DB_QueryDELETE (Query,"can not remove a mail domain"); + if (asprintf (&Query,"DELETE FROM mail_domains WHERE MaiCod=%ld", + Mai.MaiCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryDELETE_free (Query,"can not remove a mail domain"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -690,13 +696,14 @@ static void Mai_RenameMailDomain (Cns_ShrtOrFullName_t ShrtOrFullName) static bool Mai_CheckIfMailDomainNameExists (const char *FieldName,const char *Name,long MaiCod) { - char Query[256 + Mai_MAX_BYTES_MAIL_INFO]; + char *Query; /***** Get number of mail_domains with a name from database *****/ - sprintf (Query,"SELECT COUNT(*) FROM mail_domains" - " WHERE %s='%s' AND MaiCod<>%ld", - FieldName,Name,MaiCod); - return (DB_QueryCOUNT (Query,"can not check if the name of a mail domain already existed") != 0); + if (asprintf (&Query,"SELECT COUNT(*) FROM mail_domains" + " WHERE %s='%s' AND MaiCod<>%ld", + FieldName,Name,MaiCod) < 0) + Lay_NotEnoughMemoryExit (); + return (DB_QueryCOUNT_free (Query,"can not check if the name of a mail domain already existed") != 0); } /*****************************************************************************/ @@ -705,12 +712,13 @@ static bool Mai_CheckIfMailDomainNameExists (const char *FieldName,const char *N static void Mai_UpdateMailDomainNameDB (long MaiCod,const char *FieldName,const char *NewMaiName) { - char Query[128 + Mai_MAX_BYTES_MAIL_INFO]; + char *Query; /***** Update mail domain changing old name by new name */ - sprintf (Query,"UPDATE mail_domains SET %s='%s' WHERE MaiCod=%ld", - FieldName,NewMaiName,MaiCod); - DB_QueryUPDATE (Query,"can not update the name of a mail domain"); + if (asprintf (&Query,"UPDATE mail_domains SET %s='%s' WHERE MaiCod=%ld", + FieldName,NewMaiName,MaiCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update the name of a mail domain"); } /*****************************************************************************/ @@ -856,17 +864,16 @@ void Mai_RecFormNewMailDomain (void) static void Mai_CreateMailDomain (struct Mail *Mai) { extern const char *Txt_Created_new_email_domain_X; - char Query[128 + - Cns_MAX_BYTES_EMAIL_ADDRESS + - Mai_MAX_BYTES_MAIL_INFO]; + char *Query; /***** Create a new mail *****/ - sprintf (Query,"INSERT INTO mail_domains" - " (Domain,Info)" - " VALUES" - " ('%s','%s')", - Mai->Domain,Mai->Info); - DB_QueryINSERT (Query,"can not create mail domain"); + if (asprintf (&Query,"INSERT INTO mail_domains" + " (Domain,Info)" + " VALUES" + " ('%s','%s')", + Mai->Domain,Mai->Info) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryINSERT_free (Query,"can not create mail domain"); /***** Write success message *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -1069,17 +1076,18 @@ bool Mai_CheckIfEmailIsValid (const char *Email) bool Mai_GetEmailFromUsrCod (struct UsrData *UsrDat) { - char Query[256]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; bool Found; /***** Get current (last updated) user's nickname from database *****/ - sprintf (Query,"SELECT E_mail,Confirmed FROM usr_emails" - " WHERE UsrCod=%ld ORDER BY CreatTime DESC LIMIT 1", - UsrDat->UsrCod); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get email address"); + if (asprintf (&Query,"SELECT E_mail,Confirmed FROM usr_emails" + " WHERE UsrCod=%ld ORDER BY CreatTime DESC LIMIT 1", + UsrDat->UsrCod) < 0) + Lay_NotEnoughMemoryExit (); + NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get email address"); if (NumRows == 0) { @@ -1110,7 +1118,7 @@ bool Mai_GetEmailFromUsrCod (struct UsrData *UsrDat) long Mai_GetUsrCodFromEmail (const char Email[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]) { - char Query[512 + Cns_MAX_BYTES_EMAIL_ADDRESS]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned NumUsrs; @@ -1121,11 +1129,12 @@ long Mai_GetUsrCodFromEmail (const char Email[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]) { /***** Get user's code from database *****/ /* Check if user code from table usr_emails is also in table usr_data */ - sprintf (Query,"SELECT usr_emails.UsrCod FROM usr_emails,usr_data" - " WHERE usr_emails.E_mail='%s'" - " AND usr_emails.UsrCod=usr_data.UsrCod", - Email); - NumUsrs = (unsigned) DB_QuerySELECT (Query,&mysql_res,"can not get user's code"); + if (asprintf (&Query,"SELECT usr_emails.UsrCod FROM usr_emails,usr_data" + " WHERE usr_emails.E_mail='%s'" + " AND usr_emails.UsrCod=usr_data.UsrCod", + Email) < 0) + Lay_NotEnoughMemoryExit (); + NumUsrs = (unsigned) DB_QuerySELECT_free (Query,&mysql_res,"can not get user's code"); if (NumUsrs == 0) /* User not found for this email ==> set user's code to void */ UsrCod = -1L; @@ -1231,7 +1240,7 @@ static void Mai_ShowFormChangeUsrEmail (const struct UsrData *UsrDat,bool ItsMe, extern const char *Txt_Email; extern const char *Txt_Change_email; extern const char *Txt_Save; - char Query[256]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned NumEmails; @@ -1250,11 +1259,12 @@ static void Mai_ShowFormChangeUsrEmail (const struct UsrData *UsrDat,bool ItsMe, Ale_ShowAlert (Ale_WARNING,Txt_Please_confirm_your_email_address); /***** Get my emails *****/ - sprintf (Query,"SELECT E_mail,Confirmed FROM usr_emails" - " WHERE UsrCod=%ld" - " ORDER BY CreatTime DESC", - UsrDat->UsrCod); - NumEmails = (unsigned) DB_QuerySELECT (Query,&mysql_res,"can not get old email addresses of a user"); + if (asprintf (&Query,"SELECT E_mail,Confirmed FROM usr_emails" + " WHERE UsrCod=%ld" + " ORDER BY CreatTime DESC", + UsrDat->UsrCod) < 0) + Lay_NotEnoughMemoryExit (); + NumEmails = (unsigned) DB_QuerySELECT_free (Query,&mysql_res,"can not get old email addresses of a user"); /***** Start table *****/ Tbl_StartTableWide (2); @@ -1498,13 +1508,14 @@ static void Mai_RemoveEmail (struct UsrData *UsrDat) static void Mai_RemoveEmailFromDB (long UsrCod,const char Email[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]) { - char Query[256 + Cns_MAX_BYTES_EMAIL_ADDRESS]; + char *Query; /***** Remove an old email address *****/ - sprintf (Query,"DELETE FROM usr_emails" - " WHERE UsrCod=%ld AND E_mail='%s'", - UsrCod,Email); - DB_QueryREPLACE (Query,"can not remove an old email address"); + if (asprintf (&Query,"DELETE FROM usr_emails" + " WHERE UsrCod=%ld AND E_mail='%s'", + UsrCod,Email) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryREPLACE_free (Query,"can not remove an old email address"); } /*****************************************************************************/ @@ -1634,35 +1645,39 @@ static void Mai_NewUsrEmail (struct UsrData *UsrDat,bool ItsMe) bool Mai_UpdateEmailInDB (const struct UsrData *UsrDat,const char NewEmail[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]) { - char Query[256 + Cns_MAX_BYTES_EMAIL_ADDRESS]; + char *Query; /***** Check if the new email matches any of the confirmed emails of other users *****/ - sprintf (Query,"SELECT COUNT(*) FROM usr_emails" - " WHERE E_mail='%s' AND Confirmed='Y'" - " AND UsrCod<>%ld", - NewEmail,UsrDat->UsrCod); - if (DB_QueryCOUNT (Query,"can not check if email already existed")) // An email of another user is the same that my email + if (asprintf (&Query,"SELECT COUNT(*) FROM usr_emails" + " WHERE E_mail='%s' AND Confirmed='Y'" + " AND UsrCod<>%ld", + NewEmail,UsrDat->UsrCod) < 0) + Lay_NotEnoughMemoryExit (); + if (DB_QueryCOUNT_free (Query,"can not check if email already existed")) // An email of another user is the same that my email return false; // Don't update /***** Delete email (not confirmed) for other users *****/ - sprintf (Query,"DELETE FROM pending_emails" - " WHERE E_mail='%s' AND UsrCod<>%ld", - NewEmail,UsrDat->UsrCod); - DB_QueryDELETE (Query,"can not remove pending email for other users"); + if (asprintf (&Query,"DELETE FROM pending_emails" + " WHERE E_mail='%s' AND UsrCod<>%ld", + NewEmail,UsrDat->UsrCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryDELETE_free (Query,"can not remove pending email for other users"); - sprintf (Query,"DELETE FROM usr_emails" - " WHERE E_mail='%s' AND Confirmed='N'" - " AND UsrCod<>%ld", - NewEmail,UsrDat->UsrCod); - DB_QueryDELETE (Query,"can not remove not confirmed email for other users"); + if (asprintf (&Query,"DELETE FROM usr_emails" + " WHERE E_mail='%s' AND Confirmed='N'" + " AND UsrCod<>%ld", + NewEmail,UsrDat->UsrCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryDELETE_free (Query,"can not remove not confirmed email for other users"); /***** Update email in database *****/ - sprintf (Query,"REPLACE INTO usr_emails" - " (UsrCod,E_mail,CreatTime)" - " VALUES" - " (%ld,'%s',NOW())", - UsrDat->UsrCod,NewEmail); - DB_QueryREPLACE (Query,"can not update email"); + if (asprintf (&Query,"REPLACE INTO usr_emails" + " (UsrCod,E_mail,CreatTime)" + " VALUES" + " (%ld,'%s',NOW())", + UsrDat->UsrCod,NewEmail) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryREPLACE_free (Query,"can not update email"); return true; // Successfully updated } @@ -1781,25 +1796,25 @@ bool Mai_SendMailMsgToConfirmEmail (void) static void Mai_InsertMailKey (const char Email[Cns_MAX_BYTES_EMAIL_ADDRESS + 1], const char MailKey[Mai_LENGTH_EMAIL_CONFIRM_KEY + 1]) { - char Query[256 + - Cns_MAX_BYTES_EMAIL_ADDRESS + - Mai_LENGTH_EMAIL_CONFIRM_KEY]; + char *Query; /***** Remove expired pending emails from database *****/ - sprintf (Query,"DELETE FROM pending_emails" - " WHERE DateAndTimeHeader, - Marks->Footer); - DB_QueryINSERT (Query,"can not add properties of marks to database"); + if (asprintf (&Query,"INSERT INTO marks_properties" + " (FilCod,%s,%s)" + " VALUES" + " (%ld,%u,%u)", + Mrk_HeadOrFootStr[Brw_HEADER], + Mrk_HeadOrFootStr[Brw_FOOTER], + FilCod, + Marks->Header, + Marks->Footer) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryINSERT_free (Query,"can not add properties of marks to database"); } /*****************************************************************************/ @@ -189,7 +190,7 @@ static void Mrk_GetNumRowsHeaderAndFooter (struct MarksProperties *Marks) { extern const Brw_FileBrowser_t Brw_FileBrowserForDB_files[Brw_NUM_TYPES_FILE_BROWSER]; long Cod = Brw_GetCodForFiles (); - char Query[512 + PATH_MAX]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; @@ -198,17 +199,18 @@ static void Mrk_GetNumRowsHeaderAndFooter (struct MarksProperties *Marks) /* There should be a single file in database. If, due to an error, there is more than one file, get the number of rows of the more recent file. */ - sprintf (Query,"SELECT marks_properties.%s,marks_properties.%s" - " FROM files,marks_properties" - " WHERE files.FileBrowser=%u AND files.Cod=%ld AND files.Path='%s'" - " AND files.FilCod=marks_properties.FilCod" - " ORDER BY files.FilCod DESC LIMIT 1", // On duplicate entries, get the more recent - Mrk_HeadOrFootStr[Brw_HEADER], - Mrk_HeadOrFootStr[Brw_FOOTER], - (unsigned) Brw_FileBrowserForDB_files[Gbl.FileBrowser.Type], - Cod, - Gbl.FileBrowser.Priv.FullPathInTree); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get the number of rows in header and footer"); + if (asprintf (&Query,"SELECT marks_properties.%s,marks_properties.%s" + " FROM files,marks_properties" + " WHERE files.FileBrowser=%u AND files.Cod=%ld AND files.Path='%s'" + " AND files.FilCod=marks_properties.FilCod" + " ORDER BY files.FilCod DESC LIMIT 1", // On duplicate entries, get the more recent + Mrk_HeadOrFootStr[Brw_HEADER], + Mrk_HeadOrFootStr[Brw_FOOTER], + (unsigned) Brw_FileBrowserForDB_files[Gbl.FileBrowser.Type], + Cod, + Gbl.FileBrowser.Priv.FullPathInTree) < 0) + Lay_NotEnoughMemoryExit (); + NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get the number of rows in header and footer"); /***** The result of the query must have only one row *****/ if (NumRows == 1) @@ -260,7 +262,7 @@ static void Mrk_ChangeNumRowsHeaderOrFooter (Brw_HeadOrFoot_t HeaderOrFooter) extern const char *Txt_The_number_of_rows_is_now_X; char UnsignedStr[10 + 1]; long Cod; - char Query[512 + PATH_MAX]; + char *Query; unsigned NumRows; /***** Get parameters related to file browser *****/ @@ -272,15 +274,16 @@ static void Mrk_ChangeNumRowsHeaderOrFooter (Brw_HeadOrFoot_t HeaderOrFooter) { /***** Update properties of marks in the database *****/ Cod = Brw_GetCodForFiles (); - sprintf (Query,"UPDATE marks_properties,files" - " SET marks_properties.%s=%u" - " WHERE files.FileBrowser=%u AND files.Cod=%ld AND files.Path='%s'" - " AND files.FilCod=marks_properties.FilCod", - Mrk_HeadOrFootStr[HeaderOrFooter],NumRows, - (unsigned) Brw_FileBrowserForDB_files[Gbl.FileBrowser.Type], - Cod, - Gbl.FileBrowser.Priv.FullPathInTree); - DB_QueryUPDATE (Query,"can not update properties of marks"); + if (asprintf (&Query,"UPDATE marks_properties,files" + " SET marks_properties.%s=%u" + " WHERE files.FileBrowser=%u AND files.Cod=%ld AND files.Path='%s'" + " AND files.FilCod=marks_properties.FilCod", + Mrk_HeadOrFootStr[HeaderOrFooter],NumRows, + (unsigned) Brw_FileBrowserForDB_files[Gbl.FileBrowser.Type], + Cod, + Gbl.FileBrowser.Priv.FullPathInTree) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update properties of marks"); /***** Write message of success *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -728,13 +731,12 @@ void Mrk_ShowMyMarks (void) /*****************************************************************************/ /******************** Put my marks into a notification ***********************/ /*****************************************************************************/ -// This function may be called inside a web service, so don't report error void Mrk_GetNotifMyMarks (char SummaryStr[Ntf_MAX_BYTES_SUMMARY + 1], char **ContentStr, long MrkCod,long UsrCod,bool GetContent) { - char Query[512]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; struct UsrData UsrDat; @@ -760,6 +762,7 @@ void Mrk_GetNotifMyMarks (char SummaryStr[Ntf_MAX_BYTES_SUMMARY + 1], char *Ptr; SummaryStr[0] = '\0'; // Return nothing on error + // This function may be called inside a web service, so don't report error /***** Initialize structure with user's data *****/ Usr_UsrDataConstructor (&UsrDat); @@ -769,145 +772,142 @@ void Mrk_GetNotifMyMarks (char SummaryStr[Ntf_MAX_BYTES_SUMMARY + 1], ID_GetListIDsFromUsrCod (&UsrDat); /***** Get subject of message from database *****/ - sprintf (Query,"SELECT files.FileBrowser,files.Cod,files.Path," - "marks_properties.Header,marks_properties.Footer" - " FROM files,marks_properties" - " WHERE files.FilCod=%ld" - " AND files.FilCod=marks_properties.FilCod", - MrkCod); - if (!mysql_query (&Gbl.mysql,Query)) - if ((mysql_res = mysql_store_result (&Gbl.mysql)) != NULL) - { - /***** Result should have a unique row *****/ - if (mysql_num_rows (mysql_res) == 1) - { - /***** Get data of this file of marks *****/ - row = mysql_fetch_row (mysql_res); + if (asprintf (&Query,"SELECT files.FileBrowser,files.Cod,files.Path," + "marks_properties.Header,marks_properties.Footer" + " FROM files,marks_properties" + " WHERE files.FilCod=%ld" + " AND files.FilCod=marks_properties.FilCod", + MrkCod) < 0) + Lay_NotEnoughMemoryExit (); + if (DB_QuerySELECT_free (Query,&mysql_res,"can not get the number of rows in header and footer") == 1) // Result should have a unique row + { + /***** Get data of this file of marks *****/ + row = mysql_fetch_row (mysql_res); - /* Get file browser type in database (row[0]) */ - FileBrowser = Brw_UNKNOWN; - if (sscanf (row[0],"%u",&UnsignedNum) == 1) - if (UnsignedNum < Brw_NUM_TYPES_FILE_BROWSER) - FileBrowser = (Brw_FileBrowser_t) UnsignedNum; + /* Get file browser type in database (row[0]) */ + FileBrowser = Brw_UNKNOWN; + if (sscanf (row[0],"%u",&UnsignedNum) == 1) + if (UnsignedNum < Brw_NUM_TYPES_FILE_BROWSER) + FileBrowser = (Brw_FileBrowser_t) UnsignedNum; - /* Course/group code (row[1]) */ - Cod = Str_ConvertStrCodToLongCod (row[1]); - Brw_GetCrsGrpFromFileMetadata (FileBrowser,Cod, - &InsCod,&CtrCod,&DegCod,&CrsCod,&GrpCod); + /* Course/group code (row[1]) */ + Cod = Str_ConvertStrCodToLongCod (row[1]); + Brw_GetCrsGrpFromFileMetadata (FileBrowser,Cod, + &InsCod,&CtrCod,&DegCod,&CrsCod,&GrpCod); - /* Path (row[2]) */ - Str_Copy (FullPathInTreeFromDBMarksTable,row[2], - PATH_MAX); - Str_SplitFullPathIntoPathAndFileName (FullPathInTreeFromDBMarksTable, - PathUntilFileName, - FileName); - Str_Copy (SummaryStr,FileName, - Cns_MAX_BYTES_TEXT); + /* Path (row[2]) */ + Str_Copy (FullPathInTreeFromDBMarksTable,row[2], + PATH_MAX); + Str_SplitFullPathIntoPathAndFileName (FullPathInTreeFromDBMarksTable, + PathUntilFileName, + FileName); + Str_Copy (SummaryStr,FileName, + Cns_MAX_BYTES_TEXT); - if (GetContent) - { - /* Header (row[3]) */ - if (sscanf (row[3],"%u",&(Marks.Header)) != 1) - Lay_ShowErrorAndExit ("Wrong number of header rows."); + if (GetContent) + { + /* Header (row[3]) */ + if (sscanf (row[3],"%u",&(Marks.Header)) != 1) + Lay_ShowErrorAndExit ("Wrong number of header rows."); - /* Footer (row[4]) */ - if (sscanf (row[4],"%u",&(Marks.Footer)) != 1) - Lay_ShowErrorAndExit ("Wrong number of footer rows."); + /* Footer (row[4]) */ + if (sscanf (row[4],"%u",&(Marks.Footer)) != 1) + Lay_ShowErrorAndExit ("Wrong number of footer rows."); - if (UsrDat.IDs.Num) - { - if (GrpCod > 0) - snprintf (PathMarks,sizeof (PathMarks), - "%s/%s/%ld/grp/%ld/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod,GrpCod, - FullPathInTreeFromDBMarksTable); - else - snprintf (PathMarks,sizeof (PathMarks), - "%s/%s/%ld/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod, - FullPathInTreeFromDBMarksTable); + if (UsrDat.IDs.Num) + { + if (GrpCod > 0) + snprintf (PathMarks,sizeof (PathMarks), + "%s/%s/%ld/grp/%ld/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod,GrpCod, + FullPathInTreeFromDBMarksTable); + else + snprintf (PathMarks,sizeof (PathMarks), + "%s/%s/%ld/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_CRS,CrsCod, + FullPathInTreeFromDBMarksTable); - /***** Create temporal file to store my marks (in HTML) *****/ - /* If the private directory does not exist, create it */ - snprintf (PathMarksPriv,sizeof (PathMarksPriv), - "%s/%s", - Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_MARK); - Fil_CreateDirIfNotExists (PathMarksPriv); + /***** Create temporal file to store my marks (in HTML) *****/ + /* If the private directory does not exist, create it */ + snprintf (PathMarksPriv,sizeof (PathMarksPriv), + "%s/%s", + Cfg_PATH_SWAD_PRIVATE,Cfg_FOLDER_MARK); + Fil_CreateDirIfNotExists (PathMarksPriv); - /* First of all, we remove the oldest temporary files. - Such temporary files have been created by me or by other users. - This is a bit sloppy, but they must be removed by someone. - Here "oldest" means more than x time from their creation */ - Fil_RemoveOldTmpFiles (PathMarksPriv,Cfg_TIME_TO_DELETE_MARKS_TMP_FILES,false); + /* First of all, we remove the oldest temporary files. + Such temporary files have been created by me or by other users. + This is a bit sloppy, but they must be removed by someone. + Here "oldest" means more than x time from their creation */ + Fil_RemoveOldTmpFiles (PathMarksPriv,Cfg_TIME_TO_DELETE_MARKS_TMP_FILES,false); - /* Create a new temporary file *****/ - snprintf (FileNameUsrMarks,sizeof (FileNameUsrMarks), - "%s/%s.html", - PathMarksPriv,Gbl.UniqueNameEncrypted); - if ((FileUsrMarks = fopen (FileNameUsrMarks,"wb"))) - { - /***** Get user's marks *****/ - if (Mrk_GetUsrMarks (FileUsrMarks,&UsrDat,PathMarks,&Marks)) - { - SizeOfMyMarks = (size_t) ftell (FileUsrMarks); - fclose (FileUsrMarks); + /* Create a new temporary file *****/ + snprintf (FileNameUsrMarks,sizeof (FileNameUsrMarks), + "%s/%s.html", + PathMarksPriv,Gbl.UniqueNameEncrypted); + if ((FileUsrMarks = fopen (FileNameUsrMarks,"wb"))) + { + /***** Get user's marks *****/ + if (Mrk_GetUsrMarks (FileUsrMarks,&UsrDat,PathMarks,&Marks)) + { + SizeOfMyMarks = (size_t) ftell (FileUsrMarks); + fclose (FileUsrMarks); - Length = 9 + SizeOfMyMarks + 3; - if ((*ContentStr = (char *) malloc (Length + 1))) - { - /* 9 starting chars */ - Str_Copy (*ContentStr,"", - 3); - } - } - else - { - fclose (FileUsrMarks); - if (asprintf (ContentStr,"", - Gbl.Alert.Txt) < 0) - Lay_NotEnoughMemoryExit (); - } - } - else - { - Gbl.Alert.Type = Ale_WARNING; - Str_Copy (Gbl.Alert.Txt,"Can not open file of marks.", // TODO: Need translation! - Ale_MAX_BYTES_ALERT); - if (asprintf (ContentStr,"", - Gbl.Alert.Txt) < 0) - Lay_NotEnoughMemoryExit (); - } - unlink (FileNameUsrMarks); // File with marks is no longer necessary - } - else - { - Gbl.Alert.Type = Ale_WARNING; - Str_Copy (Gbl.Alert.Txt,"User's IDs not found!", // TODO: Need translation! - Ale_MAX_BYTES_ALERT); - if (asprintf (ContentStr,"", - Gbl.Alert.Txt) < 0) - Lay_NotEnoughMemoryExit (); - } - } - } + /* 3 ending chars */ + Str_Copy (Ptr,"]]>", + 3); + } + } + else + { + fclose (FileUsrMarks); + if (asprintf (ContentStr,"", + Gbl.Alert.Txt) < 0) + Lay_NotEnoughMemoryExit (); + } + } + else + { + Gbl.Alert.Type = Ale_WARNING; + Str_Copy (Gbl.Alert.Txt,"Can not open file of marks.", // TODO: Need translation! + Ale_MAX_BYTES_ALERT); + if (asprintf (ContentStr,"", + Gbl.Alert.Txt) < 0) + Lay_NotEnoughMemoryExit (); + } + unlink (FileNameUsrMarks); // File with marks is no longer necessary + } + else + { + Gbl.Alert.Type = Ale_WARNING; + Str_Copy (Gbl.Alert.Txt,"User's IDs not found!", // TODO: Need translation! + Ale_MAX_BYTES_ALERT); + if (asprintf (ContentStr,"", + Gbl.Alert.Txt) < 0) + Lay_NotEnoughMemoryExit (); + } + } + } - mysql_free_result (mysql_res); - } + /***** Free structure that stores the query result *****/ + DB_FreeMySQLResult (&mysql_res); /***** Free memory used for user's data *****/ Usr_UsrDataDestructor (&UsrDat);