source: Network/HTTP/Modules/UUser.pas

Last change on this file was 35, checked in by george, 14 years ago
  • Přidáno: Třídy pro běh web serveru, asociativní pole, dávkový přenos paketů.
File size: 3.7 KB
1unit UUser;
2
3{$mode Delphi}{$H+}
4
5interface
6
7uses
8 Classes, SysUtils, UWebObject, synacode, USqlDatabase, UCommon;
9
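type
  // Real descendant classes, not aliases. With "EDuplicateItem = Exception"
  // both names were the same type as Exception, so a handler written as
  // "on E: ENotFound" also matched database or conversion errors. A login
  // path that treats ENotFound as "wrong credentials" would then hide
  // unrelated failures behind the same response.
  EDuplicateItem = class(Exception);
  ENotFound = class(Exception);

  { TWebUser }

  // Account operations on the `User` table (create, delete, look up an id by
  // name or by name and password).
  // NOTE(review): the implementations build SQL by concatenating their string
  // arguments, so every caller currently has to pass values that are safe
  // inside a double-quoted SQL literal.
  TWebUser = class(TWebObject)
    procedure Delete(Id: Integer);
    procedure Add(Name, Password, Email: string);
    function GetIdByName(Name: string): Integer;
    function GetIdByNamePassword(Name: string; PassWord: string): Integer;
  end;

  { TWebOnlineUser }

  // Tracks the `UserOnline` row that belongs to the request's `SessionId`
  // cookie.
  TWebOnlineUser = class(TWebObject)
    // Compared with 1 in Logout. No method in this unit assigns it (Update
    // writes to a local variable instead), so its value comes from elsewhere.
    Id: Integer;
    // User id bound to the session; Logout resets it to 1.
    User: Integer;
    procedure Update;
    procedure Login(User: Integer);
    procedure Logout;
  end;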
32
33implementation
34
35{ TOnlineUser }
36
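// Refreshes the `UserOnline` row for the current session cookie, or creates
// the row (with `User` = 1) when none exists yet.
procedure TWebOnlineUser.Update;
var
  DbRows: TDbRows;
  SessionId: string;
  RowId: Integer;
begin
  // SECURITY: SessionId is a client-supplied cookie and is placed inside a
  // double-quoted SQL literal unchanged (SQL injection). USqlDatabase's API is
  // not visible from this unit; route the value through that layer's escaping
  // or bound parameters before release, and reject values that do not match
  // the format the server issues.
  SessionId := HandlerData.Request.Cookies.Values['SessionId'];
  DbRows := Database.Query('SELECT * FROM `UserOnline` WHERE `SessionId`="' +
    SessionId + '"');
  try
    if DbRows.Count > 0 then begin
      // Row exists: touch its activity time.
      RowId := StrToInt(DbRows[0].Values['Id']);
      // FreeAndNil so the finally block cannot free the same object twice if
      // the next query raises.
      FreeAndNil(DbRows);
      DbRows := Database.Query('UPDATE `UserOnline` SET `ActivityTime` = NOW() WHERE `Id`=' +
        IntToStr(RowId));
    end else begin
      // No row yet: create one for this session.
      FreeAndNil(DbRows);
      DbRows := Database.Query('INSERT INTO `UserOnline` (`User`, `ActivityTime`, `SessionId`) ' +
        'VALUES (1, NOW(), "' + SessionId + '")');
      // NOTE(review): the original stored this in a local named Id that
      // shadowed the Id field, so the field was never updated. That is kept
      // as is; confirm whether Self.Id was the intended target.
      RowId := Database.LastInsertId;
    end;
  finally
    // Previously a raising StrToInt or Query skipped the Destroy call and
    // leaked the result set.
    DbRows.Free;
  end;
end;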
58
// Binds the given user id to the `UserOnline` row of the current session
// cookie, after first logging out whatever user was bound before.
procedure TWebOnlineUser.Login(User: Integer);
var
  SessionId: string;
  Sql: string;
  DbRows: TDbRows;
begin
  Logout;
  // SECURITY: the cookie value goes into the statement unescaped (SQL
  // injection); it needs the database layer's escaping or bound parameters.
  // NOTE(review): the session keeps the identifier the client presented
  // before authenticating. Nothing here issues a new one, so check whether
  // the caller rotates SessionId at login to prevent session fixation.
  SessionId := HandlerData.Request.Cookies.Values['SessionId'];
  Sql := 'UPDATE `UserOnline` SET `User` = ' + IntToStr(User) +
    ', `LoginTime` = NOW() WHERE `SessionId`="' + SessionId + '"';
  DbRows := Database.Query(Sql);
  DbRows.Destroy;
  // The parameter shadows the field, hence the explicit Self.
  Self.User := User;
end;
69
// Resets the session's `UserOnline` row to user 1 when another user is
// currently bound to it.
procedure TWebOnlineUser.Logout;
var
  SessionId: string;
  DbRows: TDbRows;
begin
  // NOTE(review): Update runs only when the Id field equals 1, and no method
  // in this unit assigns that field. Confirm the intended condition.
  if Id = 1 then Update;
  // Already the logged-out value: nothing to write.
  if User = 1 then Exit;
  // SECURITY: the cookie value is concatenated into the statement unescaped
  // (SQL injection); it needs the database layer's escaping or bound
  // parameters.
  SessionId := HandlerData.Request.Cookies.Values['SessionId'];
  DbRows := Database.Query('UPDATE `UserOnline` SET `User` = 1 WHERE `SessionId`="' +
    SessionId + '"');
  DbRows.Destroy;
  User := 1;
end;
82
83{ TUser }
84
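// Deletes the `User` row with the given id.
// NOTE(review): no authorization check happens here; the caller has to make
// sure the requester is allowed to remove this account.
procedure TWebUser.Delete(Id: Integer);
begin
  // Every other call site in this unit destroys the object Query returns.
  // Here it was discarded and leaked. Free is nil-safe.
  // Id is an Integer rendered with IntToStr, so it cannot alter the statement.
  Database.Query('DELETE FROM `User` WHERE `Id`=' + IntToStr(Id)).Free;
end;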
89
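// Creates a `User` row with a salted SHA1 password hash.
// Raises EDuplicateItem when a row with the same name already exists.
//
// SECURITY (review):
// - Name, Password and Email are concatenated into SQL unescaped (SQL
//   injection). Pass them through the database layer's escaping or bound
//   parameters; that API is not visible from this unit.
// - The clear-text password travels inside the statement text, so it can end
//   up in database query logs. Hashing in the application avoids that.
// - The salt is derived only from the current time, and the hash is a single
//   SHA1 round. Prefer a salt from a cryptographic random source and a
//   password hashing scheme designed to be slow.
// - The existence check and the INSERT are separate statements. Unless
//   `User`.`Name` has a unique index, two concurrent calls can both succeed.
procedure TWebUser.Add(Name, Password, Email: string);
var
  Salt: string;
  DbRows: TDbRows;
begin
  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
  try
    if DbRows.Count <> 0 then
      raise EDuplicateItem.Create('User name already used');
    // First 8 characters of the hex form of SHA1(timestamp), base64-encoded.
    Salt := EncodeBase64(Copy(BinToHexString(SHA1(FloatToStr(Now))), 1, 8));
    // The INSERT's result object was previously discarded and leaked; every
    // other call site in this unit destroys what Query returns.
    Database.Query('INSERT INTO `User` (`Name`, `Password`, `Salt`, `Email`, `RegistrationTime`) VALUES ("' +
      Name + '", SHA1(CONCAT("' + Password + '", "' + Salt + '")), "' + Salt +
      '", "' + Email + '", NOW())').Free;
  finally
    DbRows.Free;
  end;
end;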
107
// Returns the id of the `User` row whose name equals Name.
// Raises ENotFound unless exactly one row matches.
function TWebUser.GetIdByName(Name: string): Integer;
var
  Rows: TDbRows;
begin
  // SECURITY: Name is concatenated into the statement unescaped (SQL
  // injection); it needs the database layer's escaping or bound parameters.
  Rows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
  try
    if Rows.Count <> 1 then
      // NOTE(review): the message echoes Name as received; encode it before
      // it is rendered into a page.
      raise ENotFound.Create('User "' + Name + '" not found');
    Result := StrToInt(Rows[0].ValuesAtIndex[0]);
  finally
    Rows.Destroy;
  end;
end;
120
// Credential check: returns the id of the `User` row whose name matches and
// whose stored hash equals SHA1(password + salt), computed by the database.
// Raises ENotFound unless exactly one row matches.
//
// SECURITY (review):
// - Name and PassWord come from the login request and are concatenated into
//   the statement unescaped. Injection here affects the authentication
//   decision itself, so this call site should be fixed first, using the
//   database layer's escaping or bound parameters.
// - The clear-text password is part of the statement text and may appear in
//   database query logs.
// - The comparison is a single SHA1 round; see the hashing done in Add.
function TWebUser.GetIdByNamePassword(Name: string; PassWord: string): Integer;
var
  Rows: TDbRows;
  Sql: string;
begin
  Sql := 'SELECT `Id` FROM `User` WHERE `Name`="' + Name + '" AND ' +
    '`Password` = SHA1(CONCAT("' + Password + '", Salt))';
  Rows := Database.Query(Sql);
  try
    // An unknown name and a wrong password give the same error, so the
    // message does not reveal which of the two was wrong.
    if Rows.Count <> 1 then
      raise ENotFound.Create('User "' + Name + '" not found');
    Result := StrToInt(Rows[0].ValuesAtIndex[0]);
  finally
    Rows.Destroy;
  end;
end;
134
135end.
136