mirror of https://github.com/acanas/swad-core.git
222 lines
7.3 KiB
C
222 lines
7.3 KiB
C
// swad_ID_database.c: Users' IDs operations with database
|
|
|
|
/*
|
|
SWAD (Shared Workspace At a Distance),
|
|
is a web platform developed at the University of Granada (Spain),
|
|
and used to support university teaching.
|
|
|
|
This file is part of SWAD core.
|
|
Copyright (C) 1999-2023 Antonio Cañas Vargas
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as
|
|
published by the Free Software Foundation, either version 3 of the
|
|
License, or (at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
/*****************************************************************************/
|
|
/********************************* Headers ***********************************/
|
|
/*****************************************************************************/
|
|
|
|
#include <stdlib.h> // For free
|
|
|
|
#include "swad_database.h"
|
|
#include "swad_error.h"
|
|
#include "swad_ID.h"
|
|
#include "swad_ID_database.h"
|
|
|
|
/*****************************************************************************/
|
|
/*************************** Create new user's ID ****************************/
|
|
/*****************************************************************************/
|
|
|
|
void ID_DB_InsertANewUsrID (long UsrCod,
|
|
const char ID[ID_MAX_BYTES_USR_ID + 1],
|
|
bool Confirmed)
|
|
{
|
|
DB_QueryINSERT ("can not create user's ID",
|
|
"INSERT INTO usr_ids"
|
|
" (UsrCod,UsrID,CreatTime,Confirmed)"
|
|
" VALUES"
|
|
" (%ld,'%s',NOW(),'%c')",
|
|
UsrCod,
|
|
ID,
|
|
Confirmed ? 'Y' :
|
|
'N');
|
|
}
|
|
|
|
/*****************************************************************************/
|
|
/*********************** Set a user's ID as confirmed ************************/
|
|
/*****************************************************************************/
|
|
|
|
void ID_DB_ConfirmUsrID (long UsrCod,const char ID[ID_MAX_BYTES_USR_ID + 1])
|
|
{
|
|
DB_QueryUPDATE ("can not confirm a user's ID",
|
|
"UPDATE usr_ids"
|
|
" SET Confirmed='Y'"
|
|
" WHERE UsrCod=%ld"
|
|
" AND UsrID='%s'"
|
|
" AND Confirmed<>'Y'",
|
|
UsrCod,
|
|
ID);
|
|
}
|
|
|
|
/*****************************************************************************/
|
|
/********************** Get list of IDs of a user ****************************/
|
|
/*****************************************************************************/
|
|
|
|
unsigned ID_DB_GetIDsFromUsrCod (MYSQL_RES **mysql_res,long UsrCod)
|
|
{
|
|
return (unsigned)
|
|
DB_QuerySELECT (mysql_res,"can not get user's IDs",
|
|
"SELECT UsrID," // row[0]
|
|
"Confirmed" // row[1]
|
|
" FROM usr_ids"
|
|
" WHERE UsrCod=%ld"
|
|
" ORDER BY Confirmed DESC,"
|
|
"UsrID",
|
|
UsrCod);
|
|
}
|
|
|
|
/*****************************************************************************/
|
|
/************************ Check if an ID is confirmed ************************/
|
|
/*****************************************************************************/
|
|
|
|
bool ID_DB_CheckIfConfirmed (long UsrCod,const char ID[ID_MAX_BYTES_USR_ID + 1])
|
|
{
|
|
return
|
|
DB_QueryEXISTS ("can not check if ID is confirmed",
|
|
"SELECT EXISTS"
|
|
"(SELECT *"
|
|
" FROM usr_ids"
|
|
" WHERE UsrCod=%ld"
|
|
" AND UsrID='%s'"
|
|
" AND Confirmed='Y')",
|
|
UsrCod,
|
|
ID);
|
|
}
|
|
|
|
/*****************************************************************************/
|
|
/********************** Check if a string is a user's ID *********************/
|
|
/*****************************************************************************/
|
|
|
|
bool ID_DB_FindStrInUsrsIDs (const char *Str)
|
|
{
|
|
return
|
|
DB_QueryEXISTS ("can not check if a string matches any user's ID",
|
|
"SELECT EXISTS"
|
|
"(SELECT *"
|
|
" FROM usr_ids"
|
|
" WHERE UsrID='%s')",
|
|
Str);
|
|
}
|
|
|
|
/*****************************************************************************/
|
|
/***************** Get list of user codes from user's IDs ********************/
|
|
/*****************************************************************************/
|
|
// Returns the number of users with any of these IDs
|
|
|
|
unsigned ID_DB_GetUsrCodsFromUsrID (MYSQL_RES **mysql_res,
|
|
const struct Usr_Data *UsrDat,
|
|
const char *EncryptedPassword, // If NULL or empty ==> do not check password
|
|
bool OnlyConfirmedIDs)
|
|
{
|
|
char *SubQueryAllUsrs = NULL;
|
|
char SubQueryOneUsr[1 + ID_MAX_BYTES_USR_ID + 1 + 1];
|
|
size_t MaxLength;
|
|
unsigned NumID;
|
|
unsigned NumUsrs;
|
|
bool CheckPassword = false;
|
|
|
|
if (EncryptedPassword)
|
|
if (EncryptedPassword[0])
|
|
CheckPassword = true;
|
|
|
|
/***** Allocate memory for subquery string *****/
|
|
MaxLength = 512 + UsrDat->IDs.Num * (1 + ID_MAX_BYTES_USR_ID + 1) - 1;
|
|
if ((SubQueryAllUsrs = malloc (MaxLength + 1)) == NULL)
|
|
Err_NotEnoughMemoryExit ();
|
|
SubQueryAllUsrs[0] = '\0';
|
|
|
|
/***** Get user's code(s) from database *****/
|
|
for (NumID = 0;
|
|
NumID < UsrDat->IDs.Num;
|
|
NumID++)
|
|
{
|
|
if (NumID)
|
|
Str_Concat (SubQueryAllUsrs,",",MaxLength);
|
|
sprintf (SubQueryOneUsr,"'%s'",UsrDat->IDs.List[NumID].ID);
|
|
|
|
Str_Concat (SubQueryAllUsrs,SubQueryOneUsr,MaxLength);
|
|
}
|
|
|
|
if (CheckPassword)
|
|
{
|
|
// Get user's code if I have written the correct password
|
|
// or if password in database is empty (new user)
|
|
NumUsrs = (unsigned)
|
|
DB_QuerySELECT (mysql_res,"can not get user's codes",
|
|
"SELECT DISTINCT "
|
|
"usr_ids.UsrCod"
|
|
" FROM usr_ids,"
|
|
"usr_data"
|
|
" WHERE usr_ids.UsrID IN (%s)"
|
|
"%s"
|
|
" AND usr_ids.UsrCod=usr_data.UsrCod"
|
|
" AND (usr_data.Password='%s'"
|
|
" OR usr_data.Password='')",
|
|
SubQueryAllUsrs,
|
|
OnlyConfirmedIDs ? " AND usr_ids.Confirmed='Y'" :
|
|
"",
|
|
EncryptedPassword);
|
|
}
|
|
else
|
|
NumUsrs = (unsigned)
|
|
DB_QuerySELECT (mysql_res,"can not get user's codes",
|
|
"SELECT DISTINCT "
|
|
"UsrCod"
|
|
" FROM usr_ids"
|
|
" WHERE UsrID IN (%s)"
|
|
"%s",
|
|
SubQueryAllUsrs,
|
|
OnlyConfirmedIDs ? " AND Confirmed='Y'" :
|
|
"");
|
|
|
|
/***** Free memory for subquery string *****/
|
|
free (SubQueryAllUsrs);
|
|
|
|
return NumUsrs;
|
|
}
|
|
|
|
/*****************************************************************************/
|
|
/**************** Remove one of my user's IDs from database ******************/
|
|
/*****************************************************************************/
|
|
|
|
void ID_DB_RemoveUsrID (long UsrCod,const char ID[ID_MAX_BYTES_USR_ID + 1])
|
|
{
|
|
DB_QueryREPLACE ("can not remove a user's ID",
|
|
"DELETE FROM usr_ids"
|
|
" WHERE UsrCod=%ld"
|
|
" AND UsrID='%s'",
|
|
UsrCod,
|
|
ID);
|
|
}
|
|
|
|
/*****************************************************************************/
|
|
/****************************** Remove user's IDs ****************************/
|
|
/*****************************************************************************/
|
|
|
|
void ID_DB_RemoveUsrIDs (long UsrCod)
|
|
{
|
|
DB_QueryDELETE ("can not remove user's IDs",
|
|
"DELETE FROM usr_ids"
|
|
" WHERE UsrCod=%ld",
|
|
UsrCod);
|
|
}
|