diff --git a/sql/swad.sql b/sql/swad.sql index 2e0a14085..20fe57e7c 100644 --- a/sql/swad.sql +++ b/sql/swad.sql @@ -910,7 +910,7 @@ CREATE TABLE IF NOT EXISTS social_comments ( PubCod BIGINT NOT NULL, Content LONGTEXT NOT NULL, ImageName VARCHAR(43) NOT NULL, - ImageTitle VARCHAR(255) NOT NULL, + ImageTitle VARCHAR(2047) NOT NULL, ImageURL VARCHAR(255) NOT NULL, UNIQUE INDEX(PubCod), FULLTEXT(Content)) ENGINE = MYISAM; @@ -958,7 +958,7 @@ CREATE TABLE IF NOT EXISTS social_posts ( PstCod INT NOT NULL AUTO_INCREMENT, Content LONGTEXT NOT NULL, ImageName VARCHAR(43) NOT NULL, - ImageTitle VARCHAR(255) NOT NULL, + ImageTitle VARCHAR(2047) NOT NULL, ImageURL VARCHAR(255) NOT NULL, UNIQUE INDEX(PstCod), FULLTEXT(Content)) ENGINE = MYISAM; diff --git a/swad_account.c b/swad_account.c index b1fabd1c6..ad330e44d 100644 --- a/swad_account.c +++ b/swad_account.c @@ -552,7 +552,7 @@ bool Acc_CreateMyNewAccountAndLogIn (void) { char NewNicknameWithoutArroba[Nck_MAX_BYTES_NICKNAME_FROM_FORM + 1]; char NewEmail[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]; - char NewEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char NewEncryptedPassword[Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; if (Acc_GetParamsNewAccount (NewNicknameWithoutArroba,NewEmail,NewEncryptedPassword)) { @@ -562,7 +562,7 @@ bool Acc_CreateMyNewAccountAndLogIn (void) /***** Set password to the password typed by the user *****/ Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); /***** User does not exist in the platform, so create him/her! *****/ Acc_CreateNewUsr (&Gbl.Usrs.Me.UsrDat, @@ -966,7 +966,7 @@ void Acc_CompletelyEliminateAccount (struct UsrData *UsrDat, extern const char *Txt_Briefcase_of_THE_USER_X_has_been_removed; extern const char *Txt_Photo_of_THE_USER_X_has_been_removed; extern const char *Txt_Record_card_of_THE_USER_X_has_been_removed; - char Query[1024]; + char Query[128]; bool PhotoRemoved = false; /***** Remove the works zones of the user in all courses *****/ @@ -982,8 +982,7 @@ void Acc_CompletelyEliminateAccount (struct UsrData *UsrDat, Grp_RemUsrFromAllGrps (UsrDat,QuietOrVerbose); /***** Remove user's requests for inscription *****/ - sprintf (Query,"DELETE FROM crs_usr_requests" - " WHERE UsrCod='%ld'", + sprintf (Query,"DELETE FROM crs_usr_requests WHERE UsrCod='%ld'", UsrDat->UsrCod); DB_QueryDELETE (Query,"can not remove user's requests for inscription"); @@ -991,8 +990,7 @@ void Acc_CompletelyEliminateAccount (struct UsrData *UsrDat, Dup_RemoveUsrFromDuplicated (UsrDat->UsrCod); /***** Remove user from the table of courses and users *****/ - sprintf (Query,"DELETE FROM crs_usr" - " WHERE UsrCod='%ld'", + sprintf (Query,"DELETE FROM crs_usr WHERE UsrCod='%ld'", UsrDat->UsrCod); DB_QueryDELETE (Query,"can not remove a user from all courses"); @@ -1004,8 +1002,7 @@ void Acc_CompletelyEliminateAccount (struct UsrData *UsrDat, } /***** Remove user as administrator of any degree *****/ - sprintf (Query,"DELETE FROM admin" - " WHERE UsrCod='%ld'", + sprintf (Query,"DELETE FROM admin WHERE UsrCod='%ld'", UsrDat->UsrCod); DB_QueryDELETE (Query,"can not remove a user as administrator"); diff --git a/swad_action.c b/swad_action.c index 285f606b2..d32c76e27 100644 --- a/swad_action.c +++ b/swad_action.c @@ -4782,7 +4782,7 @@ static void Act_FormStartInternal (Act_Action_t NextAction,bool PutParameterLoca const char *Id,const char *Anchor,const char *OnSubmit) { extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES]; - char ParamsStr[256 + 256 + Ses_LENGTH_SESSION_ID + 256]; + char ParamsStr[256 + 256 + Ses_BYTES_SESSION_ID + 256]; if (!Gbl.Form.Inside) { @@ -4818,12 +4818,12 @@ static void Act_FormStartInternal (Act_Action_t NextAction,bool PutParameterLoca } } -// Params should have space for 256 + 256 + Ses_LENGTH_SESSION_ID + 256 bytes +// Params should have space for 256 + 256 + Ses_BYTES_SESSION_ID + 256 bytes void Act_SetParamsForm (char *ParamsStr,Act_Action_t NextAction, bool PutParameterLocationIfNoSesion) { char ParamAction[256]; - char ParamSession[256 + Ses_LENGTH_SESSION_ID]; + char ParamSession[256 + Ses_BYTES_SESSION_ID]; char ParamLocation[256]; ParamAction[0] = '\0'; diff --git a/swad_attendance.c b/swad_attendance.c index 03396edda..20f3f864b 100644 --- a/swad_attendance.c +++ b/swad_attendance.c @@ -2282,7 +2282,8 @@ void Att_RegisterStudentsInAttEvent (void) Ptr = Gbl.Usrs.Select.Std; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,UsrData.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,UsrData.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&UsrData); if (UsrData.UsrCod > 0) // Student exists in database /***** Mark student to not be removed *****/ @@ -2836,7 +2837,8 @@ static void Att_GetListSelectedUsrCods (unsigned NumStdsInList,long **LstSelecte NumStd < NumStdsInList && *Ptr; NumStd++) { - Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&UsrDat); (*LstSelectedUsrCods)[NumStd] = UsrDat.UsrCod; } diff --git a/swad_calendar.c b/swad_calendar.c index f34b46802..db10c1ad9 100644 --- a/swad_calendar.c +++ b/swad_calendar.c @@ -189,7 +189,7 @@ static unsigned Cal_GetParamFirstDayOfWeek (void) void Cal_DrawCurrentMonth (void) { extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES]; - char ParamsStr[256 + 256 + Ses_LENGTH_SESSION_ID + 256]; + char ParamsStr[256 + 256 + Ses_BYTES_SESSION_ID + 256]; /***** Get list of holidays *****/ if (!Gbl.Hlds.LstIsRead) @@ -289,7 +289,7 @@ static void Cal_DrawCalendar (Act_Action_t ActionSeeCalendar, { extern const char *Hlp_Calendar; extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES]; - char ParamsStr[256 + 256 + Ses_LENGTH_SESSION_ID + 256]; + char ParamsStr[256 + 256 + Ses_BYTES_SESSION_ID + 256]; /***** Get list of holidays *****/ if (!Gbl.Hlds.LstIsRead) diff --git a/swad_changelog.h b/swad_changelog.h index 70652bae8..582c5b1e2 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -200,6 +200,8 @@ // TODO: Subject in msg_content and msg_content_deleted should be VARCHAR(255) in order to be copied directly to SummaryStr // TODO: Check how to get a summary of a social post or comments +// TODO: Check default values for ImageName, ImageTitle and ImageURL in database tables + // TODO: En la agenda debe poder repetirse el nombre del evento // TODO: Cuando hay un fallo al rellenar el formulario de nuevo evento en la agenda se borran los datos @@ -207,15 +209,20 @@ /****************************** Public constants *****************************/ /*****************************************************************************/ -#define Log_PLATFORM_VERSION "SWAD 16.155.23 (2017-03-13)" +#define Log_PLATFORM_VERSION "SWAD 16.155.24 (2017-03-13)" #define CSS_FILE "swad16.147.css" #define JS_FILE "swad16.144.js" // Number of lines (includes comments but not blank lines) has been got with the following command: // nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1 /* - Version 16.155.23:Mar 13, 2017 Adjusting size of database fields. (216957 lines) + Version 16.155.24:Mar 13, 2017 Adjusting size of database fields. (216988 lines) 2 changes necessary in database: +ALTER TABLE social_comments CHANGE COLUMN ImageTitle ImageTitle VARCHAR(2047) NOT NULL; +ALTER TABLE social_posts CHANGE COLUMN ImageTitle ImageTitle VARCHAR(2047) NOT NULL; + + Version 16.155.23:Mar 13, 2017 Adjusting size of database fields. (216957 lines) + 4 changes necessary in database: ALTER TABLE plugins CHANGE COLUMN Name Name VARCHAR(511) NOT NULL; ALTER TABLE plugins CHANGE COLUMN Description Description VARCHAR(2047) NOT NULL; ALTER TABLE plugins CHANGE COLUMN Logo Logo VARCHAR(31) NOT NULL; diff --git a/swad_connected.c b/swad_connected.c index 4b2108ec3..1fc82bb26 100644 --- a/swad_connected.c +++ b/swad_connected.c @@ -641,7 +641,7 @@ void Con_UpdateMeInConnectedList (void) void Con_RemoveOldConnected (void) { - char Query[512]; + char Query[256]; /***** Remove old users from connected list *****/ sprintf (Query,"DELETE FROM connected WHERE UsrCod NOT IN" diff --git a/swad_database.c b/swad_database.c index 977c7b482..abb67f067 100644 --- a/swad_database.c +++ b/swad_database.c @@ -1160,7 +1160,7 @@ mysql> DESCRIBE forum_post; "NumNotif INT NOT NULL DEFAULT 0," "Subject TEXT NOT NULL," // Cns_MAX_BYTES_SUBJECT "Content LONGTEXT NOT NULL," // Cns_MAX_BYTES_LONG_TEXT - "ImageName VARCHAR(43) NOT NULL," // Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + "ImageName VARCHAR(43) NOT NULL," // Img_BYTES_NAME "ImageTitle VARCHAR(2047) NOT NULL," // Img_MAX_BYTES_TITLE "ImageURL VARCHAR(255) NOT NULL," // Cns_MAX_BYTES_WWW "UNIQUE INDEX(PstCod)," @@ -1246,7 +1246,7 @@ mysql> DESCRIBE hidden_params; 4 rows in set (0.00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS hidden_params (" - "SessionId CHAR(43) NOT NULL," + "SessionId CHAR(43) NOT NULL," // Ses_BYTES_SESSION_ID "Action INT NOT NULL," "ParamName VARCHAR(255) NOT NULL," "ParamValue TEXT NOT NULL," @@ -1565,7 +1565,7 @@ mysql> DESCRIBE msg_content; "MsgCod INT NOT NULL AUTO_INCREMENT," "Subject TEXT NOT NULL," "Content LONGTEXT NOT NULL," - "ImageName VARCHAR(43) NOT NULL DEFAULT ''," // Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + "ImageName VARCHAR(43) NOT NULL DEFAULT ''," // Img_BYTES_NAME "ImageTitle VARCHAR(2047) NOT NULL DEFAULT ''," // Img_MAX_BYTES_TITLE "ImageURL VARCHAR(255) NOT NULL DEFAULT ''," // Cns_MAX_BYTES_WWW "UNIQUE INDEX(MsgCod)," @@ -1590,7 +1590,7 @@ mysql> DESCRIBE msg_content_deleted; "MsgCod INT NOT NULL," "Subject TEXT NOT NULL," "Content LONGTEXT NOT NULL," - "ImageName VARCHAR(43) NOT NULL DEFAULT ''," // Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + "ImageName VARCHAR(43) NOT NULL DEFAULT ''," // Img_BYTES_NAME "ImageTitle VARCHAR(2047) NOT NULL DEFAULT ''," // Img_MAX_BYTES_TITLE "ImageURL VARCHAR(255) NOT NULL DEFAULT ''," // Cns_MAX_BYTES_WWW "UNIQUE INDEX(MsgCod)," @@ -1823,7 +1823,7 @@ mysql> DESCRIBE pending_passwd; */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS pending_passwd (" "UsrCod INT NOT NULL," - "PendingPassword CHAR(86) COLLATE latin1_bin NOT NULL," // Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + "PendingPassword CHAR(86) COLLATE latin1_bin NOT NULL," // Pwd_BYTES_ENCRYPTED_PASSWORD "DateAndTime DATETIME NOT NULL," "PRIMARY KEY (UsrCod))"); @@ -1902,49 +1902,49 @@ mysql> DESCRIBE sessions; 18 rows in set (0,00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS sessions (" - "SessionId CHAR(43) NOT NULL," - "UsrCod INT NOT NULL," - "Password CHAR(86) COLLATE latin1_bin NOT NULL," - "Role TINYINT NOT NULL DEFAULT 0," - "CtyCod INT NOT NULL DEFAULT -1," - "InsCod INT NOT NULL DEFAULT -1," - "CtrCod INT NOT NULL DEFAULT -1," - "DegCod INT NOT NULL DEFAULT -1," - "CrsCod INT NOT NULL DEFAULT -1," - "LastTime DATETIME NOT NULL," - "LastRefresh DATETIME NOT NULL," - "FirstPubCod BIGINT NOT NULL DEFAULT 0," - "LastPubCod BIGINT NOT NULL DEFAULT 0," - "LastPageMsgRcv INT NOT NULL DEFAULT 1," - "LastPageMsgSnt INT NOT NULL DEFAULT 1," - "WhatToSearch TINYINT NOT NULL DEFAULT 0," - "SearchStr VARCHAR(2047) NOT NULL DEFAULT ''," // Sch_MAX_BYTES_STRING_TO_FIND - "SideCols TINYINT NOT NULL DEFAULT 3," - "UNIQUE INDEX(SessionId)," - "INDEX(UsrCod))"); + "SessionId CHAR(43) NOT NULL," // Ses_BYTES_SESSION_ID + "UsrCod INT NOT NULL," + "Password CHAR(86) COLLATE latin1_bin NOT NULL," // Pwd_BYTES_ENCRYPTED_PASSWORD + "Role TINYINT NOT NULL DEFAULT 0," + "CtyCod INT NOT NULL DEFAULT -1," + "InsCod INT NOT NULL DEFAULT -1," + "CtrCod INT NOT NULL DEFAULT -1," + "DegCod INT NOT NULL DEFAULT -1," + "CrsCod INT NOT NULL DEFAULT -1," + "LastTime DATETIME NOT NULL," + "LastRefresh DATETIME NOT NULL," + "FirstPubCod BIGINT NOT NULL DEFAULT 0," + "LastPubCod BIGINT NOT NULL DEFAULT 0," + "LastPageMsgRcv INT NOT NULL DEFAULT 1," + "LastPageMsgSnt INT NOT NULL DEFAULT 1," + "WhatToSearch TINYINT NOT NULL DEFAULT 0," + "SearchStr VARCHAR(2047) NOT NULL DEFAULT ''," // Sch_MAX_BYTES_STRING_TO_FIND + "SideCols TINYINT NOT NULL DEFAULT 3," + "UNIQUE INDEX(SessionId)," + "INDEX(UsrCod))"); /***** Table social_comments *****/ /* mysql> DESCRIBE social_comments; -+------------+--------------+------+-----+---------+-------+ -| Field | Type | Null | Key | Default | Extra | -+------------+--------------+------+-----+---------+-------+ -| PubCod | bigint(20) | NO | PRI | NULL | | -| Content | longtext | NO | MUL | NULL | | -| ImageName | varchar(43) | NO | | NULL | | -| ImageTitle | varchar(255) | NO | | NULL | | -| ImageURL | varchar(255) | NO | | NULL | | -+------------+--------------+------+-----+---------+-------+ -5 rows in set (0.00 sec) ++------------+---------------+------+-----+---------+-------+ +| Field | Type | Null | Key | Default | Extra | ++------------+---------------+------+-----+---------+-------+ +| PubCod | bigint(20) | NO | PRI | NULL | | +| Content | longtext | NO | MUL | NULL | | +| ImageName | varchar(43) | NO | | NULL | | +| ImageTitle | varchar(2047) | NO | | NULL | | +| ImageURL | varchar(255) | NO | | NULL | | ++------------+---------------+------+-----+---------+-------+ +5 rows in set (0,00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS social_comments (" - "PubCod BIGINT NOT NULL," - "Content LONGTEXT NOT NULL," - "ImageName VARCHAR(43) NOT NULL," - "ImageTitle VARCHAR(255) NOT NULL," - "ImageURL VARCHAR(255) NOT NULL," - "UNIQUE INDEX(PubCod)," - "FULLTEXT(Content)) ENGINE = MYISAM;"); + "PubCod BIGINT NOT NULL," + "Content LONGTEXT NOT NULL," + "ImageName VARCHAR(43) NOT NULL," // Img_BYTES_NAME + "ImageTitle VARCHAR(2047) NOT NULL," // Img_MAX_BYTES_TITLE + "ImageURL VARCHAR(255) NOT NULL," // Cns_MAX_BYTES_WWW + "UNIQUE INDEX(PubCod)," + "FULLTEXT(Content)) ENGINE = MYISAM;"); /***** Table social_comments_fav *****/ /* @@ -1960,13 +1960,13 @@ mysql> DESCRIBE social_comments_fav; 4 rows in set (0.00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS social_comments_fav (" - "FavCod BIGINT AUTO_INCREMENT," - "PubCod BIGINT NOT NULL," - "UsrCod INT NOT NULL," - "TimeFav DATETIME NOT NULL," // Not used. For future use - "UNIQUE INDEX(FavCod)," - "UNIQUE INDEX(PubCod,UsrCod)," - "INDEX(UsrCod))"); + "FavCod BIGINT AUTO_INCREMENT," + "PubCod BIGINT NOT NULL," + "UsrCod INT NOT NULL," + "TimeFav DATETIME NOT NULL," // Not used. For future use + "UNIQUE INDEX(FavCod)," + "UNIQUE INDEX(PubCod,UsrCod)," + "INDEX(UsrCod))"); /***** Table social_notes *****/ /* @@ -1985,17 +1985,17 @@ mysql> DESCRIBE social_notes; 7 rows in set (0.00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS social_notes (" - "NotCod BIGINT NOT NULL AUTO_INCREMENT," - "NoteType TINYINT NOT NULL," - "Cod INT NOT NULL DEFAULT -1," - "UsrCod INT NOT NULL," - "HieCod INT NOT NULL DEFAULT -1," - "Unavailable ENUM('N','Y') NOT NULL DEFAULT 'N'," - "TimeNote DATETIME NOT NULL," - "UNIQUE INDEX(NotCod)," - "INDEX(NoteType,Cod)," - "INDEX(UsrCod)," - "INDEX(TimeNote))"); + "NotCod BIGINT NOT NULL AUTO_INCREMENT," + "NoteType TINYINT NOT NULL," + "Cod INT NOT NULL DEFAULT -1," + "UsrCod INT NOT NULL," + "HieCod INT NOT NULL DEFAULT -1," + "Unavailable ENUM('N','Y') NOT NULL DEFAULT 'N'," + "TimeNote DATETIME NOT NULL," + "UNIQUE INDEX(NotCod)," + "INDEX(NoteType,Cod)," + "INDEX(UsrCod)," + "INDEX(TimeNote))"); /***** Table social_notes_fav *****/ /* @@ -2011,36 +2011,36 @@ mysql> DESCRIBE social_notes_fav; 4 rows in set (0.00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS social_notes_fav (" - "FavCod BIGINT AUTO_INCREMENT," - "NotCod BIGINT NOT NULL," - "UsrCod INT NOT NULL," - "TimeFav DATETIME NOT NULL," // Not used. For future use - "UNIQUE INDEX(FavCod)," - "UNIQUE INDEX(NotCod,UsrCod)," - "INDEX(UsrCod))"); + "FavCod BIGINT AUTO_INCREMENT," + "NotCod BIGINT NOT NULL," + "UsrCod INT NOT NULL," + "TimeFav DATETIME NOT NULL," // Not used. For future use + "UNIQUE INDEX(FavCod)," + "UNIQUE INDEX(NotCod,UsrCod)," + "INDEX(UsrCod))"); /***** Table social_posts *****/ /* mysql> DESCRIBE social_posts; -+------------+--------------+------+-----+---------+----------------+ -| Field | Type | Null | Key | Default | Extra | -+------------+--------------+------+-----+---------+----------------+ -| PstCod | int(11) | NO | PRI | NULL | auto_increment | -| Content | longtext | NO | MUL | NULL | | -| ImageName | varchar(43) | NO | | NULL | | -| ImageTitle | varchar(255) | NO | | NULL | | -| ImageURL | varchar(255) | NO | | NULL | | -+------------+--------------+------+-----+---------+----------------+ -5 rows in set (0.00 sec) ++------------+---------------+------+-----+---------+----------------+ +| Field | Type | Null | Key | Default | Extra | ++------------+---------------+------+-----+---------+----------------+ +| PstCod | int(11) | NO | PRI | NULL | auto_increment | +| Content | longtext | NO | MUL | NULL | | +| ImageName | varchar(43) | NO | | NULL | | +| ImageTitle | varchar(2047) | NO | | NULL | | +| ImageURL | varchar(255) | NO | | NULL | | ++------------+---------------+------+-----+---------+----------------+ +5 rows in set (0,00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS social_posts (" - "PubCod INT NOT NULL AUTO_INCREMENT," - "Content LONGTEXT NOT NULL," - "ImageName VARCHAR(43) NOT NULL," - "ImageTitle VARCHAR(255) NOT NULL," - "ImageURL VARCHAR(255) NOT NULL," - "UNIQUE INDEX(PubCod)," - "FULLTEXT(Content)) ENGINE = MYISAM;"); + "PubCod INT NOT NULL AUTO_INCREMENT," + "Content LONGTEXT NOT NULL," + "ImageName VARCHAR(43) NOT NULL," // Img_BYTES_NAME + "ImageTitle VARCHAR(2047) NOT NULL," // Img_MAX_BYTES_TITLE + "ImageURL VARCHAR(255) NOT NULL," // Cns_MAX_BYTES_WWW + "UNIQUE INDEX(PubCod)," + "FULLTEXT(Content)) ENGINE = MYISAM;"); /***** Table social_pubs *****/ /* @@ -2057,16 +2057,16 @@ mysql> DESCRIBE social_pubs; 5 rows in set (0.00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS social_pubs (" - "PubCod BIGINT NOT NULL AUTO_INCREMENT," - "NotCod BIGINT NOT NULL," - "PublisherCod INT NOT NULL," - "PubType TINYINT NOT NULL," - "TimePublish DATETIME NOT NULL," - "UNIQUE INDEX(PubCod)," - "INDEX(NotCod,PublisherCod,PubType)," - "INDEX(PublisherCod)," - "INDEX(PubType)," - "INDEX(TimePublish))"); + "PubCod BIGINT NOT NULL AUTO_INCREMENT," + "NotCod BIGINT NOT NULL," + "PublisherCod INT NOT NULL," + "PubType TINYINT NOT NULL," + "TimePublish DATETIME NOT NULL," + "UNIQUE INDEX(PubCod)," + "INDEX(NotCod,PublisherCod,PubType)," + "INDEX(PublisherCod)," + "INDEX(PubType)," + "INDEX(TimePublish))"); /***** Table social_timelines *****/ /* @@ -2080,9 +2080,9 @@ mysql> DESCRIBE social_timelines; 2 rows in set (0.00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS social_timelines (" - "SessionId CHAR(43) NOT NULL," - "NotCod BIGINT NOT NULL," - "UNIQUE INDEX(SessionId,NotCod))"); + "SessionId CHAR(43) NOT NULL," // Ses_BYTES_SESSION_ID + "NotCod BIGINT NOT NULL," + "UNIQUE INDEX(SessionId,NotCod))"); /***** Table sta_degrees *****/ /* @@ -2559,7 +2559,7 @@ mysql> DESCRIBE usr_data; DB_CreateTable ("CREATE TABLE IF NOT EXISTS usr_data (" "UsrCod INT NOT NULL AUTO_INCREMENT," "EncryptedUsrCod CHAR(43) NOT NULL DEFAULT ''," - "Password CHAR(86) COLLATE latin1_bin NOT NULL DEFAULT ''," + "Password CHAR(86) COLLATE latin1_bin NOT NULL DEFAULT ''," // Pwd_BYTES_ENCRYPTED_PASSWORD "Surname1 VARCHAR(32) COLLATE latin1_spanish_ci NOT NULL DEFAULT ''," "Surname2 VARCHAR(32) COLLATE latin1_spanish_ci NOT NULL DEFAULT ''," "FirstName VARCHAR(32) COLLATE latin1_spanish_ci NOT NULL DEFAULT ''," diff --git a/swad_forum.c b/swad_forum.c index 807dd3eb8..c4e167953 100644 --- a/swad_forum.c +++ b/swad_forum.c @@ -469,7 +469,7 @@ static long For_InsertForumPst (long ThrCod,long UsrCod, if ((Query = malloc (512 + strlen (Subject) + strlen (Content) + - Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + + Img_BYTES_NAME + Img_MAX_BYTES_TITLE + Cns_MAX_BYTES_WWW)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to store database query."); diff --git a/swad_global.h b/swad_global.h index 6dbbd450c..d6feac4ff 100644 --- a/swad_global.h +++ b/swad_global.h @@ -166,7 +166,7 @@ struct Globals unsigned NumSessions; bool IsOpen; bool HasBeenDisconnected; - char Id[Ses_LENGTH_SESSION_ID + 1]; + char Id[Ses_BYTES_SESSION_ID + 1]; long UsrCod; } Session; @@ -295,8 +295,8 @@ struct Globals bool RoleHasChanged; // Set when I have changed my role char UsrIdLogin[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]; // String to store the ID, nickname or email entered in the user's login char LoginPlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; - char LoginEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; - char PendingPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char LoginEncryptedPassword[Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; + char PendingPassword[Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; char PathDir[PATH_MAX + 1]; bool Logged; bool IBelongToCurrentIns; diff --git a/swad_image.c b/swad_image.c index 521c6f127..d74c47270 100644 --- a/swad_image.c +++ b/swad_image.c @@ -144,7 +144,7 @@ void Img_GetImageNameTitleAndURLFromRow (const char *Name, /***** Copy image name to struct *****/ Str_Copy (Image->Name,Name, - Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Img_BYTES_NAME); /***** Set status of image file *****/ Image->Status = Image->Name[0] ? Img_NAME_STORED_IN_DB : diff --git a/swad_image.h b/swad_image.h index 0e667dc7d..cead624ae 100644 --- a/swad_image.h +++ b/swad_image.h @@ -31,6 +31,8 @@ /***************************** Public constants ******************************/ /*****************************************************************************/ +#define Img_BYTES_NAME Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + #define Img_MAX_CHARS_TITLE (128 - 1) // 127 #define Img_MAX_BYTES_TITLE ((Img_MAX_CHARS_TITLE + 1) * Str_MAX_BYTES_PER_CHAR - 1) // 2047 @@ -91,7 +93,7 @@ struct Image { Img_Action_t Action; Img_FileStatus_t Status; - char Name[Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 1]; + char Name[Img_BYTES_NAME + 1]; char *Title; // Title/attribution (it must be initialized to NULL // in order to not trying to free it when no memory allocated) char *URL; // URL, i.e. link to original big photo or video diff --git a/swad_message.c b/swad_message.c index 4bbb53ccf..3d020f4b5 100644 --- a/swad_message.c +++ b/swad_message.c @@ -720,7 +720,8 @@ void Msg_RecMsgFromUsr (void) NumRecipients = 0; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDstData.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDstData.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&UsrDstData); if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&UsrDstData)) // Get recipient's data from the database { @@ -1288,7 +1289,7 @@ static long Msg_InsertNewMsg (const char *Subject,const char *Content, if ((Query = malloc (512 + strlen (Subject) + strlen (Content) + - Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + + Img_BYTES_NAME + Img_MAX_BYTES_TITLE)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to store database query."); diff --git a/swad_pagination.c b/swad_pagination.c index 09a1cfcd1..3f4c651dc 100644 --- a/swad_pagination.c +++ b/swad_pagination.c @@ -657,7 +657,7 @@ void Pag_GetParamPagNum (Pag_WhatPaginate_t WhatPaginate) void Pag_SaveLastPageMsgIntoSession (Pag_WhatPaginate_t WhatPaginate,unsigned NumPage) { - char Query[128 + Ses_LENGTH_SESSION_ID]; + char Query[128 + Ses_BYTES_SESSION_ID]; /***** Save last page of received/sent messages *****/ sprintf (Query,"UPDATE sessions SET %s='%u' WHERE SessionId='%s'", @@ -673,7 +673,7 @@ void Pag_SaveLastPageMsgIntoSession (Pag_WhatPaginate_t WhatPaginate,unsigned Nu unsigned Pag_GetLastPageMsgFromSession (Pag_WhatPaginate_t WhatPaginate) { - char Query[128 + Ses_LENGTH_SESSION_ID]; + char Query[128 + Ses_BYTES_SESSION_ID]; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; diff --git a/swad_parameter.c b/swad_parameter.c index ef906ce8c..4346eeb02 100644 --- a/swad_parameter.c +++ b/swad_parameter.c @@ -735,7 +735,7 @@ void Par_GetMainParameters (void) } /***** Get session identifier, if exists *****/ - Par_GetParToText ("ses",Gbl.Session.Id,Ses_LENGTH_SESSION_ID); + Par_GetParToText ("ses",Gbl.Session.Id,Ses_BYTES_SESSION_ID); if (Gbl.Session.Id[0]) { /***** Get user's code, password, current degree and current course from stored session *****/ @@ -750,7 +750,7 @@ void Par_GetMainParameters (void) else { // Try old parameter "IdSes" (allowed for compatibility, to be removed soon) - Par_GetParToText ("IdSes",Gbl.Session.Id,Ses_LENGTH_SESSION_ID); + Par_GetParToText ("IdSes",Gbl.Session.Id,Ses_BYTES_SESSION_ID); if (Gbl.Session.Id[0]) { /***** Get user's code, password, current degree and current course from stored session *****/ diff --git a/swad_password.c b/swad_password.c index 79f22da6b..6c70efbf1 100644 --- a/swad_password.c +++ b/swad_password.c @@ -119,7 +119,7 @@ bool Pwd_CheckPendingPassword (void) /* Get encrypted pending password */ row = mysql_fetch_row (mysql_res); Str_Copy (Gbl.Usrs.Me.PendingPassword,row[0], - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); } else Gbl.Usrs.Me.PendingPassword[0] = '\0'; @@ -138,7 +138,7 @@ bool Pwd_CheckPendingPassword (void) void Pwd_AssignMyPendingPasswordToMyCurrentPassword (void) { - char Query[128 + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD]; + char Query[128 + Pwd_BYTES_ENCRYPTED_PASSWORD]; /***** Update my current password in database *****/ sprintf (Query,"UPDATE usr_data SET Password='%s'" @@ -149,7 +149,7 @@ void Pwd_AssignMyPendingPasswordToMyCurrentPassword (void) /***** Update my current password *****/ Str_Copy (Gbl.Usrs.Me.UsrDat.Password,Gbl.Usrs.Me.PendingPassword, - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); } /*****************************************************************************/ @@ -163,7 +163,7 @@ void Pwd_ActChgMyPwd1 (void) extern const char *Txt_You_have_not_entered_your_password_correctly; char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; char NewPlainPassword[2][Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; - char NewEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char NewEncryptedPassword[Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; /***** Get plain password from form *****/ Par_GetParToText ("UsrPwd",PlainPassword,Pwd_MAX_BYTES_PLAIN_PASSWORD); @@ -189,7 +189,7 @@ void Pwd_ActChgMyPwd1 (void) if (Pwd_SlowCheckIfPasswordIsGood (NewPlainPassword[0],NewEncryptedPassword,Gbl.Usrs.Me.UsrDat.UsrCod)) // New password is good? { Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); Ses_UpdateSessionDataInDB (); Enr_UpdateUsrData (&Gbl.Usrs.Me.UsrDat); sprintf (Gbl.Message,"%s",Txt_Your_password_has_been_changed_successfully); @@ -457,7 +457,7 @@ static void Pwd_CreateANewPassword (char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSW void Pwd_SetMyPendingPassword (char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]) { - char Query[256 + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD]; + char Query[256 + Pwd_BYTES_ENCRYPTED_PASSWORD]; /***** Encrypt my pending password *****/ Cry_EncryptSHA512Base64 (PlainPassword,Gbl.Usrs.Me.PendingPassword); @@ -487,7 +487,7 @@ void Pwd_UpdateOtherPwd1 (void) extern const char *Txt_The_X_password_has_been_changed_successfully; extern const char *Txt_User_not_found_or_you_do_not_have_permission_; char NewPlainPassword[2][Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; - char NewEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char NewEncryptedPassword[Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; Gbl.Usrs.Error = true; @@ -511,7 +511,7 @@ void Pwd_UpdateOtherPwd1 (void) { /* Update other user's data */ Str_Copy (Gbl.Usrs.Other.UsrDat.Password,NewEncryptedPassword, - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); Enr_UpdateUsrData (&Gbl.Usrs.Other.UsrDat); sprintf (Gbl.Message,Txt_The_X_password_has_been_changed_successfully, @@ -926,7 +926,7 @@ bool Pwd_GetConfirmationOnDangerousAction (void) extern const char *Txt_You_have_not_confirmed_the_action; extern const char *Txt_You_have_not_entered_your_password_correctly; char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; - char EncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char EncryptedPassword[Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; /***** Get if consent has been done *****/ if (!Par_GetParToBool ("Consent")) diff --git a/swad_password.h b/swad_password.h index 8f5f24113..2d3b6a849 100644 --- a/swad_password.h +++ b/swad_password.h @@ -37,7 +37,7 @@ #define Pwd_MAX_CHARS_PLAIN_PASSWORD (256 - 1) #define Pwd_MAX_BYTES_PLAIN_PASSWORD Pwd_MAX_CHARS_PLAIN_PASSWORD -#define Pwd_MAX_BYTES_ENCRYPTED_PASSWORD Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 +#define Pwd_BYTES_ENCRYPTED_PASSWORD Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 /*****************************************************************************/ /***************************** Public prototypes *****************************/ diff --git a/swad_plugin.c b/swad_plugin.c index c5c84d6d8..53f0eb94d 100644 --- a/swad_plugin.c +++ b/swad_plugin.c @@ -79,7 +79,7 @@ void Plg_ListPlugins (void) extern const char *Txt_Plugin; unsigned NumPlg; struct Plugin *Plg; - char URL[Cns_MAX_BYTES_WWW + Ses_LENGTH_SESSION_ID + 1]; + char URL[Cns_MAX_BYTES_WWW + Ses_BYTES_SESSION_ID + 1]; if (Gbl.Usrs.Me.LoggedRole != Rol_SYS_ADM) { diff --git a/swad_record.c b/swad_record.c index b1e8fde7e..dcbd4e4a7 100644 --- a/swad_record.c +++ b/swad_record.c @@ -1007,7 +1007,8 @@ void Rec_ListRecordsGsts (void) Ptr = Gbl.Usrs.Select.All; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&UsrDat); if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&UsrDat)) // Get from the database the data of the student { @@ -1170,7 +1171,8 @@ static void Rec_ListRecordsStds (Rec_SharedRecordViewType_t ShaTypeOfView, Ptr = Gbl.Usrs.Select.All; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&UsrDat); if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&UsrDat)) // Get from the database the data of the student if (Usr_CheckIfUsrBelongsToCrs (UsrDat.UsrCod, @@ -1366,7 +1368,8 @@ void Rec_ListRecordsTchs (void) Ptr = Gbl.Usrs.Select.All; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&UsrDat); if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&UsrDat)) // Get from the database the data of the student if (Usr_CheckIfUsrBelongsToCrs (UsrDat.UsrCod, diff --git a/swad_search.c b/swad_search.c index cabaf172a..a37bec95a 100644 --- a/swad_search.c +++ b/swad_search.c @@ -1343,7 +1343,7 @@ static void Sch_SaveLastSearchIntoSession (void) { char Query[256 + Sch_MAX_BYTES_STRING_TO_FIND + - Ses_LENGTH_SESSION_ID]; + Ses_BYTES_SESSION_ID]; if (Gbl.Usrs.Me.Logged) { diff --git a/swad_session.c b/swad_session.c index 4e4845630..a33398d5c 100644 --- a/swad_session.c +++ b/swad_session.c @@ -81,7 +81,7 @@ void Ses_CreateSession (void) { /***** Create a unique name for the session *****/ Str_Copy (Gbl.Session.Id,Gbl.UniqueNameEncrypted, - Ses_LENGTH_SESSION_ID); + Ses_BYTES_SESSION_ID); /***** Check that session is not open *****/ if (Ses_CheckIfSessionExists (Gbl.Session.Id)) @@ -105,7 +105,7 @@ void Ses_CreateSession (void) bool Ses_CheckIfSessionExists (const char *IdSes) { - char Query[512]; + char Query[128 + Ses_BYTES_SESSION_ID]; /***** Get if session already exists in database *****/ sprintf (Query,"SELECT COUNT(*) FROM sessions WHERE SessionId='%s'", @@ -154,7 +154,9 @@ void Ses_CloseSession (void) void Ses_InsertSessionInDB (void) { - char Query[1024]; + char Query[1024 + + Ses_BYTES_SESSION_ID + + Pwd_BYTES_ENCRYPTED_PASSWORD]; /***** Insert session in the database *****/ if (Gbl.Search.WhatToSearch == Sch_SEARCH_UNKNOWN) @@ -185,7 +187,9 @@ void Ses_InsertSessionInDB (void) void Ses_UpdateSessionDataInDB (void) { - char Query[1024]; + char Query[1024 + + Pwd_BYTES_ENCRYPTED_PASSWORD + + Ses_BYTES_SESSION_ID]; /***** Update session in database *****/ sprintf (Query,"UPDATE sessions SET UsrCod='%ld',Password='%s',Role='%u'," @@ -210,11 +214,10 @@ void Ses_UpdateSessionDataInDB (void) void Ses_UpdateSessionLastRefreshInDB (void) { - char Query[512]; + char Query[128 + Ses_BYTES_SESSION_ID]; /***** Update session in database *****/ - sprintf (Query,"UPDATE sessions SET LastRefresh=NOW()" - " WHERE SessionId='%s'", + sprintf (Query,"UPDATE sessions SET LastRefresh=NOW() WHERE SessionId='%s'", Gbl.Session.Id); DB_QueryUPDATE (Query,"can not update session"); } @@ -225,7 +228,7 @@ void Ses_UpdateSessionLastRefreshInDB (void) static void Ses_RemoveSessionFromDB (void) { - char Query[512]; + char Query[128 + Ses_BYTES_SESSION_ID]; /***** Remove current session *****/ sprintf (Query,"DELETE FROM sessions WHERE SessionId='%s'", @@ -267,7 +270,7 @@ void Ses_RemoveExpiredSessions (void) bool Ses_GetSessionData (void) { - char Query[512]; + char Query[256 + Ses_BYTES_SESSION_ID]; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned UnsignedNum; @@ -290,7 +293,7 @@ bool Ses_GetSessionData (void) /***** Get password (row[1]) *****/ Str_Copy (Gbl.Usrs.Me.LoginEncryptedPassword,row[1], - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); /***** Get logged user type (row[2]) *****/ if (sscanf (row[2],"%u",&Gbl.Usrs.Me.RoleFromSession) != 1) @@ -353,7 +356,7 @@ void Ses_InsertHiddenParInDB (Act_Action_t Action,const char *ParamName,const ch if (!Ses_CheckIfHiddenParIsAlreadyInDB (Action,ParamName)) { /***** Allocate space for query *****/ - MaxLength = 256 + Ses_LENGTH_SESSION_ID + strlen (ParamName) + strlen (ParamValue); + MaxLength = 256 + Ses_BYTES_SESSION_ID + strlen (ParamName) + strlen (ParamValue); if ((Query = (char *) malloc (MaxLength + 1)) == NULL) Lay_ShowErrorAndExit ("Not enough memory for query."); @@ -377,7 +380,7 @@ void Ses_InsertHiddenParInDB (Act_Action_t Action,const char *ParamName,const ch void Ses_RemoveHiddenParFromThisSession (void) { - char Query[128 + Ses_LENGTH_SESSION_ID]; + char Query[128 + Ses_BYTES_SESSION_ID]; if (Gbl.Session.IsOpen && // There is an open session !Gbl.HiddenParamsInsertedIntoDB) // No params just inserted @@ -395,7 +398,7 @@ void Ses_RemoveHiddenParFromThisSession (void) void Ses_RemoveHiddenParFromExpiredSessions (void) { - char Query[512]; + char Query[256]; /***** Remove hidden parameters from expired sessions *****/ sprintf (Query,"DELETE FROM hidden_params" diff --git a/swad_session.h b/swad_session.h index 17680c3b8..efe0407ae 100644 --- a/swad_session.h +++ b/swad_session.h @@ -33,7 +33,7 @@ /***************************** Public constants ******************************/ /*****************************************************************************/ -#define Ses_LENGTH_SESSION_ID Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 +#define Ses_BYTES_SESSION_ID Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 #define Con_MIN_TIME_TO_REFRESH_CONNECTED_IN_MS (Cfg_MIN_TIME_TO_REFRESH_CONNECTED * 1000L) // Refresh period of connected users in miliseconds #define Con_MAX_TIME_TO_REFRESH_CONNECTED_IN_MS (Cfg_MAX_TIME_TO_REFRESH_CONNECTED * 1000L) // Refresh period of connected users in miliseconds diff --git a/swad_social.c b/swad_social.c index 29c1d6396..44a654405 100644 --- a/swad_social.c +++ b/swad_social.c @@ -803,7 +803,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl static long Soc_GetPubCodFromSession (const char *FieldName) { - char Query[128 + Ses_LENGTH_SESSION_ID]; + char Query[128 + Ses_BYTES_SESSION_ID]; MYSQL_RES *mysql_res; MYSQL_ROW row; long PubCod; @@ -831,7 +831,7 @@ static long Soc_GetPubCodFromSession (const char *FieldName) static void Soc_UpdateLastPubCodIntoSession (void) { - char Query[256 + Ses_LENGTH_SESSION_ID]; + char Query[256 + Ses_BYTES_SESSION_ID]; /***** Update last publishing code *****/ sprintf (Query,"UPDATE sessions" @@ -847,7 +847,7 @@ static void Soc_UpdateLastPubCodIntoSession (void) static void Soc_UpdateFirstPubCodIntoSession (long FirstPubCod) { - char Query[128 + Ses_LENGTH_SESSION_ID]; + char Query[128 + Ses_BYTES_SESSION_ID]; /***** Update last publishing code *****/ sprintf (Query,"UPDATE sessions SET FirstPubCod='%ld' WHERE SessionId='%s'", @@ -2293,8 +2293,9 @@ static long Soc_ReceiveSocialPost (void) /***** Allocate space for query *****/ if ((Query = malloc (256 + strlen (Content) + - Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + - Img_MAX_BYTES_TITLE)) == NULL) + Img_BYTES_NAME + + Img_MAX_BYTES_TITLE + + Cns_MAX_BYTES_WWW)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to store database query."); /***** Check if image is received and processed *****/ @@ -2444,7 +2445,7 @@ static unsigned long Soc_GetNumCommentsInSocialNote (long NotCod) static void Soc_WriteCommentsInSocialNote (const struct SocialNote *SocNot) { - char Query[512]; + char Query[1024]; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumComments; @@ -2995,8 +2996,9 @@ static long Soc_ReceiveComment (void) /***** Allocate space for query *****/ if ((Query = malloc (256 + strlen (Content) + - Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + - Img_MAX_BYTES_TITLE)) == NULL) + Img_BYTES_NAME + + Img_MAX_BYTES_TITLE + + Cns_MAX_BYTES_WWW)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to store database query."); /***** Check if image is received and processed *****/ @@ -4494,7 +4496,7 @@ static void Soc_GetDataOfSocialNotByCod (struct SocialNote *SocNot) static void Soc_GetDataOfSocialComByCod (struct SocialComment *SocCom) { - char Query[512]; + char Query[1024]; MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -4714,7 +4716,7 @@ void Soc_ClearOldTimelinesDB (void) static void Soc_ClearTimelineThisSession (void) { - char Query[128 + Ses_LENGTH_SESSION_ID]; + char Query[128 + Ses_BYTES_SESSION_ID]; /***** Remove social timeline for this session *****/ sprintf (Query,"DELETE FROM social_timelines WHERE SessionId='%s'", @@ -4728,7 +4730,7 @@ static void Soc_ClearTimelineThisSession (void) static void Soc_AddNotesJustRetrievedToTimelineThisSession (void) { - char Query[256 + Ses_LENGTH_SESSION_ID]; + char Query[256 + Ses_BYTES_SESSION_ID]; sprintf (Query,"INSERT IGNORE INTO social_timelines" " (SessionId,NotCod)" diff --git a/swad_statistic.c b/swad_statistic.c index 99fb86b49..10a144162 100644 --- a/swad_statistic.c +++ b/swad_statistic.c @@ -1299,7 +1299,8 @@ static void Sta_ShowHits (Sta_GlobalOrCourseAccesses_t GlobalOrCourse) Ptr = Gbl.Usrs.Select.All; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&UsrDat); if (UsrDat.UsrCod > 0) { diff --git a/swad_string.c b/swad_string.c index 9e280bf3e..1fb9439c5 100644 --- a/swad_string.c +++ b/swad_string.c @@ -112,8 +112,8 @@ action="https://localhost/swad/es" method="post"> void Str_InsertLinks (char *Txt,unsigned long MaxLength,size_t MaxCharsURLOnScreen) { extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES]; - char ParamsStr[256 + 256 + Ses_LENGTH_SESSION_ID + 256]; - char Anchor1Nick[256 + 256 + 256 + Ses_LENGTH_SESSION_ID + 256 + 256]; + char ParamsStr[256 + 256 + Ses_BYTES_SESSION_ID + 256]; + char Anchor1Nick[256 + 256 + 256 + Ses_BYTES_SESSION_ID + 256 + 256]; char Anchor2Nick[256 + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64]; size_t TxtLength; size_t TxtLengthWithInsertedAnchors; diff --git a/swad_test.c b/swad_test.c index 5612e38bc..6d66d539e 100644 --- a/swad_test.c +++ b/swad_test.c @@ -691,7 +691,7 @@ static bool Tst_CheckIfNextTstAllowed (void) static void Tst_SetTstStatus (unsigned NumTst,Tst_Status_t TstStatus) { - char Query[512]; + char Query[512 + Ses_BYTES_SESSION_ID]; /***** Delete old status from expired sessions *****/ sprintf (Query,"DELETE FROM tst_status" @@ -6021,7 +6021,7 @@ static void Tst_InsertOrUpdateQstIntoDB (void) if ((Query = malloc (512 + Gbl.Test.Stem.Length + Gbl.Test.Feedback.Length + - Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + + Img_BYTES_NAME + Img_MAX_BYTES_TITLE)) == NULL) Lay_ShowErrorAndExit ("Not enough memory to store database query."); @@ -7089,7 +7089,8 @@ void Tst_ShowUsrsTestResults (void) Ptr = Gbl.Usrs.Select.All; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,Gbl.Usrs.Other.UsrDat.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,Gbl.Usrs.Other.UsrDat.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&Gbl.Usrs.Other.UsrDat); if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&Gbl.Usrs.Other.UsrDat)) // Get of the database the data of the user if (Usr_CheckIfUsrBelongsToCrs (Gbl.Usrs.Other.UsrDat.UsrCod, diff --git a/swad_user.c b/swad_user.c index a1f88c7c5..4e5dfbf11 100644 --- a/swad_user.c +++ b/swad_user.c @@ -487,7 +487,7 @@ void Usr_GetUsrDataFromUsrCod (struct UsrData *UsrDat) /* Get encrypted password */ Str_Copy (UsrDat->Password,row[1], - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); /* Get roles */ UsrDat->RoleInCurrentCrsDB = Rol_GetRoleInCrs (Gbl.CurrentCrs.Crs.CrsCod,UsrDat->UsrCod); @@ -4886,7 +4886,7 @@ static void Usr_GetListUsrsFromQuery (const char *Query,Rol_Role_t Role,Sco_Scop /* Get encrypted password (row[2]) */ Str_Copy (UsrInList->Password,row[2], - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); /* Get user's surname 1 (row[3]) */ Str_Copy (UsrInList->Surname1,row[3], @@ -5401,7 +5401,8 @@ bool Usr_FindUsrCodInListOfSelectedUsrs (const char *EncryptedUsrCodToFind) Ptr = Gbl.Usrs.Select.All; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); if (!strcmp (EncryptedUsrCodToFind,EncryptedUsrCod)) return true; // Found! } @@ -5423,7 +5424,8 @@ unsigned Usr_CountNumUsrsInListOfSelectedUsrs (void) Ptr = Gbl.Usrs.Select.All; while (*Ptr) { - Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod,Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Par_GetNextStrUntilSeparParamMult (&Ptr,UsrDat.EncryptedUsrCod, + Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); Usr_GetUsrCodFromEncryptedUsrCod (&UsrDat); if (UsrDat.UsrCod > 0) NumUsrs++; diff --git a/swad_user.h b/swad_user.h index 5bf5d775e..86157a1c3 100644 --- a/swad_user.h +++ b/swad_user.h @@ -126,7 +126,7 @@ struct UsrData unsigned Num; } IDs; char Nickname [Nck_MAX_BYTES_NICKNAME_WITHOUT_ARROBA + 1]; - char Password [Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char Password [Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; Rol_Role_t RoleInCurrentCrsDB; int Roles; // Check always if filled/calculated // >=0 ==> filled/calculated @@ -185,7 +185,7 @@ struct UsrInList { long UsrCod; char EncryptedUsrCod[Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 1]; - char Password[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char Password[Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; char Surname1 [Usr_MAX_BYTES_FIRSTNAME_OR_SURNAME + 1]; char Surname2 [Usr_MAX_BYTES_FIRSTNAME_OR_SURNAME + 1]; char FirstName[Usr_MAX_BYTES_FIRSTNAME_OR_SURNAME + 1]; diff --git a/swad_web_service.c b/swad_web_service.c index 319f315ea..46b2b7ce7 100644 --- a/swad_web_service.c +++ b/swad_web_service.c @@ -192,7 +192,7 @@ Svc_Role_t Svc_RolRole_to_SvcRole[Rol_NUM_ROLES] = Svc_ROLE_UNKNOWN, // Rol_SYS_ADM }; -#define Svc_LENGTH_WS_KEY Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 +#define Svc_BYTES_WS_KEY Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 /*****************************************************************************/ /********************************* Data types ********************************/ @@ -204,11 +204,11 @@ Svc_Role_t Svc_RolRole_to_SvcRole[Rol_NUM_ROLES] = static int Svc_GetPlgCodFromAppKey (const char *appKey); static int Svc_CheckIdSession (const char *IdSession); -static int Svc_CheckWSKey (char WSKey[Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 1]); +static int Svc_CheckWSKey (char WSKey[Svc_BYTES_WS_KEY + 1]); static int Svc_CheckCourseAndGroupCodes (long CrsCod,long GrpCod); static int Svc_GenerateNewWSKey (long UsrCod, - char WSKey[Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 1]); + char WSKey[Svc_BYTES_WS_KEY + 1]); static int Svc_RemoveOldWSKeys (void); static int Svc_GetCurrentDegCodFromCurrentCrsCod (void); static bool Svc_GetSomeUsrDataFromUsrCod (struct UsrData *UsrDat,long CrsCod); @@ -281,7 +281,7 @@ void Svc_Exit (const char *DetailErrorMessage) static int Svc_GetPlgCodFromAppKey (const char *appKey) { - char Query[256 + Plg_MAX_BYTES_PLUGIN_APP_KEY]; + char Query[128 + Plg_MAX_BYTES_PLUGIN_APP_KEY]; MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -326,7 +326,7 @@ static int Svc_CheckIdSession (const char *IdSession) { const char *Ptr; unsigned i; - char Query[512]; + char Query[128 + Ses_BYTES_SESSION_ID]; /***** Check if pointer is NULL *****/ if (IdSession == NULL) @@ -335,7 +335,7 @@ static int Svc_CheckIdSession (const char *IdSession) "Session identifier is a null pointer"); /***** Check length of session identifier *****/ - if (strlen (IdSession) != Ses_LENGTH_SESSION_ID) + if (strlen (IdSession) != Ses_BYTES_SESSION_ID) return soap_sender_fault (Gbl.soap, "Bad session identifier", "The length of the session identifier is wrong"); @@ -371,9 +371,9 @@ static int Svc_CheckIdSession (const char *IdSession) /************** Check if a web service key exists in database ****************/ /*****************************************************************************/ -static int Svc_CheckWSKey (char WSKey[Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 1]) +static int Svc_CheckWSKey (char WSKey[Svc_BYTES_WS_KEY + 1]) { - char Query[512]; + char Query[128 + Svc_BYTES_WS_KEY]; MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -443,7 +443,7 @@ static int Svc_CheckCourseAndGroupCodes (long CrsCod,long GrpCod) /*****************************************************************************/ static int Svc_GenerateNewWSKey (long UsrCod, - char WSKey[Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 1]) + char WSKey[Svc_BYTES_WS_KEY + 1]) { int ReturnCode; char Query[512]; @@ -454,7 +454,7 @@ static int Svc_GenerateNewWSKey (long UsrCod, /***** Create a unique name for the key *****/ Str_Copy (WSKey,Gbl.UniqueNameEncrypted, - Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64); + Svc_BYTES_WS_KEY); /***** Check that key does not exist in database *****/ sprintf (Query,"SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'", @@ -644,7 +644,7 @@ int swad__createAccount (struct soap *soap, struct swad__createAccountOutput *createAccountOut) // output { char NewNicknameWithoutArroba[Nck_MAX_BYTES_NICKNAME_FROM_FORM + 1]; - char NewEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char NewEncryptedPassword[Pwd_BYTES_ENCRYPTED_PASSWORD + 1]; int Result; int ReturnCode; @@ -653,7 +653,7 @@ int swad__createAccount (struct soap *soap, Gbl.WebService.Function = Svc_createAccount; /***** Allocate space for strings *****/ - createAccountOut->wsKey = (char *) soap_malloc (Gbl.soap,Svc_LENGTH_WS_KEY + 1); + createAccountOut->wsKey = (char *) soap_malloc (Gbl.soap,Svc_BYTES_WS_KEY + 1); /***** Default values returned on error *****/ createAccountOut->userCode = 0; // Undefined error @@ -681,7 +681,7 @@ int swad__createAccount (struct soap *soap, /***** Set password to the password typed by the user *****/ Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, - Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); + Pwd_BYTES_ENCRYPTED_PASSWORD); /***** User does not exist in the platform, so create him/her! *****/ Acc_CreateNewUsr (&Gbl.Usrs.Me.UsrDat, @@ -783,7 +783,7 @@ int swad__loginByUserPasswordKey (struct soap *soap, Gbl.WebService.Function = Svc_loginByUserPasswordKey; /***** Allocate space for strings *****/ - loginByUserPasswordKeyOut->wsKey = (char *) soap_malloc (Gbl.soap,Svc_LENGTH_WS_KEY + 1); + loginByUserPasswordKeyOut->wsKey = (char *) soap_malloc (Gbl.soap,Svc_BYTES_WS_KEY + 1); loginByUserPasswordKeyOut->userNickname = (char *) soap_malloc (Gbl.soap,Nck_MAX_BYTES_NICKNAME_WITHOUT_ARROBA + 1); loginByUserPasswordKeyOut->userID = (char *) soap_malloc (Gbl.soap,ID_MAX_BYTES_USR_ID + 1); loginByUserPasswordKeyOut->userFirstname = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_FIRSTNAME_OR_SURNAME + 1); @@ -937,7 +937,7 @@ int swad__loginBySessionKey (struct soap *soap, struct swad__loginBySessionKeyOutput *loginBySessionKeyOut) // output { int ReturnCode; - char Query[512]; + char Query[256 + Ses_BYTES_SESSION_ID]; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned NumRows; @@ -949,7 +949,7 @@ int swad__loginBySessionKey (struct soap *soap, Gbl.WebService.Function = Svc_loginBySessionKey; /***** Allocate space for strings *****/ - loginBySessionKeyOut->wsKey = (char *) soap_malloc (Gbl.soap,Svc_LENGTH_WS_KEY + 1); + loginBySessionKeyOut->wsKey = (char *) soap_malloc (Gbl.soap,Svc_BYTES_WS_KEY + 1); loginBySessionKeyOut->userNickname = (char *) soap_malloc (Gbl.soap,Nck_MAX_BYTES_NICKNAME_WITHOUT_ARROBA + 1); loginBySessionKeyOut->userID = (char *) soap_malloc (Gbl.soap,ID_MAX_BYTES_USR_ID + 1); loginBySessionKeyOut->userFirstname = (char *) soap_malloc (Gbl.soap,Usr_MAX_BYTES_FIRSTNAME_OR_SURNAME + 1); @@ -993,7 +993,8 @@ int swad__loginBySessionKey (struct soap *soap, // Now, we know that sessionID is a valid session identifier /***** Query data of the session from database *****/ sprintf (Query,"SELECT UsrCod,DegCod,CrsCod FROM sessions" - " WHERE SessionId='%s'",sessionID); + " WHERE SessionId='%s'", + sessionID); if ((NumRows = (unsigned) DB_QuerySELECT (Query,&mysql_res,"can not get session data")) == 1) // Session found in table of sessions { row = mysql_fetch_row (mysql_res);