Context Navigation

UUser.pas

Last change on this file was 4, checked in by chronos, 13 years ago
Přidáno: Balíček CoolWeb pro přístup k SQL databázi. Přidáno: Struktura databáze.
File size: 5.0 KB

Line
1	unit UUser;
2
3	{$mode Delphi}{$H+}
4
5	interface
6
7	uses
8	Classes, SysUtils, synacode, USqlDatabase, UCommon, UHTTPServer;
9
10	const
11	AnonymousUserId = 1;
12
13	type
14	EDuplicateItem = class(Exception);
15	ENotFound = class(Exception);
16
17	{ TWebUser }
18
19	TWebUser = class
20	Id: Integer;
21	Name: string;
22	FullName: string;
23	Email: string;
24	Database: TSqlDatabase;
25	HandlerData: THTTPHandlerData;
26	procedure Delete(Id: Integer);
27	procedure Add(Name, Password, Email: string);
28	function GetIdByName(Name: string): Integer;
29	function GetIdByNamePassword(Name: string; PassWord: string): Integer;
30	procedure Load;
31	end;
32
33	{ TWebOnlineUser }
34
35	TWebOnlineUser = class
36	Database: TSqlDatabase;
37	HandlerData: THTTPHandlerData;
38	Id: Integer;
39	User: Integer;
40	procedure Update;
41	procedure Login(User: Integer);
42	procedure Logout;
43	end;
44
45	implementation
46
47	resourcestring
48	SDuplicateUserItem = 'User name "%s" already used.';
49	SEmptyUserParameters = 'Missing user parameters';
50	SUserNotFound = 'User "%s" not found';
51
52	{ TOnlineUser }
53
54	procedure TWebOnlineUser.Update;
55	var
56	DbRows: TDbRows;
57	Id: Integer;
58	begin
59	try
60	DbRows := TDbRows.Create;
61	Database.Query(DbRows, 'SELECT * FROM `UserOnline` WHERE `SessionId`="' +
62	HandlerData.Request.Cookies.Values['SessionId'] + '"');
63	if DbRows.Count > 0 then begin
64	// Update exited
65	Id := StrToInt(DbRows[0].Values['Id']);
66	User := StrToInt(DbRows[0].Values['User']);
67	Database.Query(DbRows, 'UPDATE `UserOnline` SET `ActivityTime` = NOW() WHERE `Id`=' + IntToStr(Id));
68	end else begin
69	// Create new record
70	Database.Query(DbRows, 'INSERT INTO `UserOnline` (`User`, `ActivityTime`, `SessionId`) ' +
71	'VALUES (1, NOW(), "' + HandlerData.Request.Cookies.Values['SessionId'] + '")');
72	Id := Database.LastInsertId;
73	User := 1;
74	end;
75	finally
76	DbRows.Free;
77	end;
78	end;
79
80	procedure TWebOnlineUser.Login(User: Integer);
81	var
82	DbRows: TDbRows;
83	begin
84	Logout;
85	try
86	DbRows := TDbRows.Create;
87	Database.Query(DbRows, 'UPDATE `UserOnline` SET `User` = ' + IntToStr(User) + ', `LoginTime` = NOW() WHERE `SessionId`="' +
88	HandlerData.Request.Cookies.Values['SessionId'] + '"');
89	finally
90	DbRows.Free;
91	end;
92	Self.User := User;
93	end;
94
95	procedure TWebOnlineUser.Logout;
96	var
97	DbRows: TDbRows;
98	begin
99	if Id = AnonymousUserId then Update;
100	if User <> AnonymousUserId then begin
101	try
102	DbRows := TDbRows.Create;
103	Database.Query(DbRows, 'UPDATE `UserOnline` SET `User` = ' + IntToStr(AnonymousUserId) + ' WHERE `SessionId`="' +
104	HandlerData.Request.Cookies.Values['SessionId'] + '"');
105	finally
106	DbRows.Free;
107	end;
108	User := AnonymousUserId;
109	end;
110	end;
111
112	{ TUser }
113
114	procedure TWebUser.Delete(Id: Integer);
115	var
116	DbRows: TDbRows;
117	begin
118	try
119	DbRows := TDbRows.Create;
120	Database.Query(DbRows, 'DELETE FROM `User` WHERE `Id`=' + IntToStr(Id));
121	finally
122	DbRows.Free;
123	end;
124	end;
125
126	procedure TWebUser.Add(Name, Password, Email: string);
127	var
128	Salt: string;
129	DbRows: TDbRows;
130	begin
131	if (Name = '') or (Password = '') or (Email = '') then raise Exception.Create(SEmptyUserParameters);
132	try
133	DbRows := TDbRows.Create;
134	Database.Query(DbRows, 'SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
135	if DbRows.Count = 0 then begin
136	Salt := EncodeBase64(Copy(BinToHexString(SHA1(FloatToStr(Now))), 1, 8));
137	Database.Query(DbRows, 'INSERT INTO `User` (`Name`, `Password`, `Salt`, `Email`, `RegistrationTime`) VALUES ("' +
138	Name + '", SHA1(CONCAT("' + Password + '", "' + Salt + '")), "' + Salt +
139	'", "' + Email + '", NOW())');
140	end else raise EDuplicateItem.Create(Format(SDuplicateUserItem, [Name]));
141	finally
142	DbRows.Free;
143	end;
144	end;
145
146	function TWebUser.GetIdByName(Name: string): Integer;
147	var
148	DbRows: TDbRows;
149	begin
150	try
151	DbRows := TDbRows.Create;
152	Database.Query(DbRows, 'SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
153	if DbRows.Count = 1 then Result := StrToInt(DbRows[0].Items[0].Value)
154	else raise ENotFound.Create(Format(SUserNotFound, [Name]));
155	finally
156	DBRows.Free;
157	end;
158	end;
159
160	function TWebUser.GetIdByNamePassword(Name: string; PassWord: string): Integer;
161	var
162	DbRows: TDbRows;
163	begin
164	try
165	DbRows := TDbRows.Create;
166	Database.Query(DbRows, 'SELECT `Id` FROM `User` WHERE `Name`="' + Name + '" AND ' +
167	'`Password` = SHA1(CONCAT("' + Password + '", Salt))');
168	if DbRows.Count = 1 then Result := StrToInt(DbRows[0].Items[0].Value)
169	else raise ENotFound.Create(Format(SUserNotFound, [Name]));
170	finally
171	DBRows.Free;
172	end;
173	end;
174
175	procedure TWebUser.Load;
176	var
177	DbRows: TDbRows;
178	begin
179	try
180	DbRows := TDbRows.Create;
181	Database.Query(DbRows, 'SELECT * FROM `User` WHERE `Id`="' + IntToStr(Id) + '"');
182	if DbRows.Count = 1 then begin
183	Name := DbRows[0].Values['Name'];
184	FullName := DbRows[0].Values['FullName'];
185	Email := DbRows[0].Values['Email'];
186	end else raise ENotFound.Create(Format(SUserNotFound, [IntToStr(Id)]));
187	finally
188	DBRows.Free;
189	end;
190	end;
191
192	end.
193

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/Packages/CoolWeb/Modules/UUser.pas

Download in other formats: