unit UUser;

// Web user accounts (TWebUser) and per-session online-user tracking
// (TWebOnlineUser). Both classes issue SQL text through Database.Query.

{$mode Delphi}{$H+}

interface

uses
  Classes, SysUtils, UWebObject, synacode, USqlDatabase, UCommon;

type
  // NOTE(review): these two declarations are aliases of Exception, not new
  // classes. A handler written as "on E: ENotFound" therefore matches every
  // Exception, including EDuplicateItem and conversion or database errors.
  // Declaring them as class(Exception) would make them distinguishable;
  // confirm first that no caller relies on the current catch-all behaviour.
  EDuplicateItem = Exception;
  ENotFound = Exception;

  { TWebUser }

  // Account operations on the `User` table.
  TWebUser = class(TWebObject)
    // Deletes the `User` row whose `Id` equals Id.
    procedure Delete(Id: Integer);
    // Inserts a new `User` row with a salted SHA1 password hash; raises
    // EDuplicateItem when a row with the same `Name` already exists.
    procedure Add(Name, Password, Email: string);
    // Returns the `Id` of the single row matching Name; raises ENotFound
    // when the query does not return exactly one row.
    function GetIdByName(Name: string): Integer;
    // Returns the `Id` of the single row matching Name and the salted SHA1
    // of PassWord; raises ENotFound when the query does not return exactly
    // one row (unknown name and wrong password are not distinguished).
    function GetIdByNamePassword(Name: string; PassWord: string): Integer;
  end;

  { TWebOnlineUser }

  // Tracks the visitor's row in the `UserOnline` table, keyed by the
  // 'SessionId' request cookie.
  TWebOnlineUser = class(TWebObject)
    // Not assigned anywhere in this unit (Update works on a local variable
    // of the same name); Logout calls Update when this field equals 1.
    Id: Integer;
    // User id bound to the session: set by Login, reset to 1 by Logout.
    // Presumably 1 is the guest account - TODO confirm.
    User: Integer;
    // Refreshes `ActivityTime` of the session's row, or creates the row
    // (with `User` = 1) when none exists.
    procedure Update;
    // Calls Logout, then binds User to the session's row and sets
    // `LoginTime`.
    procedure Login(User: Integer);
    // Resets the session's row to `User` = 1 unless it already is 1.
    procedure Logout;
  end;

implementation

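{ SQL literal helpers }

// Escapes S so it can be embedded inside a quoted SQL string literal.
// Every value reaching the queries below (the 'SessionId' cookie, user name,
// password, e-mail) is attacker-controlled, so none of it may be
// concatenated into SQL text unescaped.
// NOTE(review): the escape set follows MySQL's rules with backslash escapes
// enabled (no NO_BACKSLASH_ESCAPES) and assumes a connection character set
// in which quote and backslash bytes never occur inside a multi-byte
// character. If USqlDatabase offers bound parameters or a driver-level
// escape routine, prefer that over this helper.
function SqlEscape(const S: string): string;
var
  I: Integer;
begin
  Result := '';
  for I := 1 to Length(S) do
    case S[I] of
      #0: Result := Result + '\0';
      #10: Result := Result + '\n';
      #13: Result := Result + '\r';
      #26: Result := Result + '\Z';
      '\', '''', '"': Result := Result + '\' + S[I];
    else
      Result := Result + S[I];
    end;
end;

// Returns S as a complete double-quoted SQL string literal.
function SqlQuote(const S: string): string;
begin
  Result := '"' + SqlEscape(S) + '"';
end;

{ TOnlineUser }

// Refreshes `ActivityTime` of the `UserOnline` row that belongs to the
// request's 'SessionId' cookie, or creates that row (with `User` = 1) when
// it does not exist yet.
// NOTE(review): a request without the cookie yields an empty session id, so
// all such requests would share one row; confirm the caller always issues a
// session id before calling this.
procedure TWebOnlineUser.Update;
var
  DbRows: TDbRows;
  // NOTE(review): this local hides the class field Id, so the field is
  // never updated here - confirm whether that is intended.
  Id: Integer;
  SessionId: string;
begin
  SessionId := SqlQuote(HandlerData.Request.Cookies.Values['SessionId']);
  DbRows := Database.Query('SELECT * FROM `UserOnline` WHERE `SessionId`=' +
    SessionId);
  try
    if DbRows.Count > 0 then begin
      // Update the existing record
      Id := StrToInt(DbRows[0].Values['Id']);
      // Nil the reference so the finally block cannot free it twice if the
      // next query raises.
      FreeAndNil(DbRows);
      DbRows := Database.Query('UPDATE `UserOnline` SET `ActivityTime` = NOW() WHERE `Id`=' +
        IntToStr(Id));
    end else begin
      // Create new record
      FreeAndNil(DbRows);
      DbRows := Database.Query('INSERT INTO `UserOnline` (`User`, `ActivityTime`, `SessionId`) ' +
        'VALUES (1, NOW(), ' + SessionId + ')');
      Id := Database.LastInsertId;
    end;
  finally
    DbRows.Free;
  end;
end;

// Binds User to the current session: resets the session via Logout, then
// stores the user id and `LoginTime` in the session's `UserOnline` row.
// NOTE(review): the session id stays the same across the login; confirm the
// caller rotates it when privileges change, otherwise a pre-set cookie
// value remains valid after authentication (session fixation).
procedure TWebOnlineUser.Login(User: Integer);
begin
  Logout;
  Database.Query('UPDATE `UserOnline` SET `User` = ' + IntToStr(User) +
    ', `LoginTime` = NOW() WHERE `SessionId`=' +
    SqlQuote(HandlerData.Request.Cookies.Values['SessionId'])).Free;
  Self.User := User;
end;

// Resets the session's `UserOnline` row to `User` = 1 unless the session is
// already bound to user 1.
procedure TWebOnlineUser.Logout;
begin
  // NOTE(review): the field Id is not assigned anywhere in this unit, so
  // whether this Update call ever runs depends on code outside it.
  if Id = 1 then Update;
  if User <> 1 then begin
    Database.Query('UPDATE `UserOnline` SET `User` = 1 WHERE `SessionId`=' +
      SqlQuote(HandlerData.Request.Cookies.Values['SessionId'])).Free;
    User := 1;
  end;
end;

{ TUser }

// Deletes the `User` row with the given Id. The id is rendered with
// IntToStr, so it cannot carry SQL syntax.
procedure TWebUser.Delete(Id: Integer);
begin
  // Query returns a row set even for statements without a result; free it
  // so it is not leaked.
  Database.Query('DELETE FROM `User` WHERE `Id`=' + IntToStr(Id)).Free;
end;

// Creates a new `User` row for Name with a salted password hash.
// Raises EDuplicateItem when a row with the same `Name` already exists.
// NOTE(review): the existence check and the INSERT are two separate
// statements, so concurrent registrations can both pass the check; a UNIQUE
// index on `Name` would enforce this in the database.
procedure TWebUser.Add(Name, Password, Email: string);
var
  Salt: string;
  DbRows: TDbRows;
begin
  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`=' +
    SqlQuote(Name));
  try
    if DbRows.Count = 0 then begin
      // NOTE(review): the salt is derived from the current time and is
      // therefore predictable, and the stored hash is a single SHA1 round,
      // which is cheap to brute-force offline. A random salt and a slow
      // password KDF would be stronger, but changing the scheme must stay
      // compatible with GetIdByNamePassword and the rows already stored.
      Salt := EncodeBase64(Copy(BinToHexString(SHA1(FloatToStr(Now))), 1, 8));
      // NOTE(review): the plaintext password travels inside the SQL text
      // and can end up in database query logs.
      Database.Query('INSERT INTO `User` (`Name`, `Password`, `Salt`, `Email`, `RegistrationTime`) VALUES (' +
        SqlQuote(Name) + ', SHA1(CONCAT(' + SqlQuote(Password) + ', ' +
        SqlQuote(Salt) + ')), ' + SqlQuote(Salt) + ', ' + SqlQuote(Email) +
        ', NOW())').Free;
    end else raise EDuplicateItem.Create('User name already used');
  finally
    DbRows.Free;
  end;
end;

// Returns the `Id` of the user named Name.
// Raises ENotFound unless the query returns exactly one row.
function TWebUser.GetIdByName(Name: string): Integer;
var
  DbRows: TDbRows;
begin
  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`=' +
    SqlQuote(Name));
  try
    if DbRows.Count = 1 then Result := StrToInt(DbRows[0].ValuesAtIndex[0])
      else raise ENotFound.Create('User "' + Name + '" not found');
  finally
    DbRows.Free;
  end;
end;

// Returns the `Id` of the user whose `Name` matches and whose stored hash
// equals SHA1(PassWord + Salt), computed by the database.
// Raises ENotFound unless the query returns exactly one row; an unknown
// name and a wrong password produce the same error.
function TWebUser.GetIdByNamePassword(Name: string; PassWord: string): Integer;
var
  DbRows: TDbRows;
begin
  // Both values come straight from the login form; quoting them keeps a
  // crafted name or password from altering the WHERE clause and bypassing
  // the password comparison.
  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`=' +
    SqlQuote(Name) + ' AND ' +
    '`Password` = SHA1(CONCAT(' + SqlQuote(Password) + ', Salt))');
  try
    if DbRows.Count = 1 then Result := StrToInt(DbRows[0].ValuesAtIndex[0])
      else raise ENotFound.Create('User "' + Name + '" not found');
  finally
    DbRows.Free;
  end;
end;

end.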