Changeset 33 for trunk/Application/UUser.pas

Timestamp:

Sep 13, 2010, 11:20:24 AM (14 years ago)

Author:

george

Message:

• Přidáno: Druhá varianta projektu pro sestavení TCP serveru.
• Přidáno: Vlastní obsluha vyjímek a zobrazení ve HTTP tvaru.
• Opraveno: Zpracování session třídy THTTPSessionStorageMySQL.

Location:

trunk

Files:

• . (modified) (1 prop)
• Application/UUser.pas (modified) (2 diffs)

trunk

@@ -2 +2 @@
 UConfig.pas
 bin
+lib

@@ -2 +2 @@
 UConfig.pas
 bin
+lib

trunk/Application/UUser.pas

@@ -1 +1 @@
 unit UUser;
 
-{$mode delphi}
+{$mode Delphi}{$H+}
 
 interface
 
 uses
-  Classes, SysUtils, USqlDatabase, UCGIApplication;
+  Classes, SysUtils, synacode, USqlDatabase, UCommon, UHTTPServer;
 
 type
-  TSQLUserList = class
+  EDuplicateItem = class(Exception);
+  ENotFound = class(Exception);
+
+  { TWebUser }
+
+  TWebUser = class
     Database: TSqlDatabase;
+    HandlerData: THTTPHandlerData;
+    procedure Delete(Id: Integer);
+    procedure Add(Name, Password, Email: string);
+    function GetIdByName(Name: string): Integer;
+    function GetIdByNamePassword(Name: string; PassWord: string): Integer;
   end;
 
-  TUser = class
+  { TWebOnlineUser }
 
-  end;
-
-  { TSQLOnlineUser }
-
-  TSQLOnlineUser = class
+  TWebOnlineUser = class
     Database: TSqlDatabase;
+    HandlerData: THTTPHandlerData;
     Id: Integer;
     User: Integer;
-    CGI: TCGIApplication;
-    procedure Login(Name, Password: string);
-    function Logout: string;
     procedure Update;
+    procedure Login(User: Integer);
+    procedure Logout;
   end;
 
 implementation
 
-{ TSQLOnlineUser }
+resourcestring
+  SDuplicateUserItem = 'User name already used.';
 
-procedure TSQLOnlineUser.Login(Name, Password: string);
+{ TOnlineUser }
+
+procedure TWebOnlineUser.Update;
+var
+  DbRows: TDbRows;
+  Id: Integer;
+begin
+  DbRows := Database.Query('SELECT * FROM `UserOnline` WHERE `SessionId`="' +
+    HandlerData.Request.Cookies.Values['SessionId'] + '"');
+  if DbRows.Count > 0 then begin
+    // Update exited
+    Id := StrToInt(DbRows[0].Values['Id']);
+    DbRows.Free;
+    DbRows := Database.Query('UPDATE `UserOnline` SET `ActivityTime` = NOW() WHERE `Id`=' + IntToStr(Id));
+  end else begin
+    // Create new record
+    DbRows.Free;
+    DbRows := Database.Query('INSERT INTO `UserOnline` (`User`, `ActivityTime`, `SessionId`) ' +
+      'VALUES (1, NOW(), "' + HandlerData.Request.Cookies.Values['SessionId'] + '")');
+    Id := Database.LastInsertId;
+  end;
+  DbRows.Destroy;
+end;
+
+procedure TWebOnlineUser.Login(User: Integer);
 var
   DbRows: TDbRows;
 begin
   Logout;
-  try
-    DbRows := Database.Query('UPDATE `UserOnline` SET `User` = ' + IntToStr(User) + ', `LoginTime` = NOW() WHERE `SessionId`="' +
-      CGI.Cookies.Values['SessionId'] + '"');
-  finally
-    DbRows.Free;
-  end;
+  DbRows := Database.Query('UPDATE `UserOnline` SET `User` = ' + IntToStr(User) + ', `LoginTime` = NOW() WHERE `SessionId`="' +
+    HandlerData.Request.Cookies.Values['SessionId'] + '"');
+  DbRows.Destroy;
   Self.User := User;
 end;
 
-function TSQLOnlineUser.Logout: string;
+procedure TWebOnlineUser.Logout;
 var
   DbRows: TDbRows;
@@ -53 +81 @@
   if Id = 1 then Update;
   if User <> 1 then begin
-    try
-      DbRows := Database.Query('UPDATE `UserOnline` SET `User` = 1 WHERE `SessionId`="' +
-        CGI.Cookies.Values['SessionId'] + '"');
-    finally
-      DbRows.Free;
-    end;
+    DbRows := Database.Query('UPDATE `UserOnline` SET `User` = 1 WHERE `SessionId`="' +
+      HandlerData.Request.Cookies.Values['SessionId'] + '"');
+    DbRows.Destroy;
     User := 1;
   end;
 end;
 
-procedure TSQLOnlineUser.Update;
+{ TUser }
+
+procedure TWebUser.Delete(Id: Integer);
 begin
+  Database.Query('DELETE FROM `User` WHERE `Id`=' + IntToStr(Id));
+end;
 
+procedure TWebUser.Add(Name, Password, Email: string);
+var
+  Salt: string;
+  DbRows: TDbRows;
+begin
+  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
+  try
+    if DbRows.Count = 0 then begin
+      Salt := EncodeBase64(Copy(BinToHexString(SHA1(FloatToStr(Now))), 1, 8));
+      Database.Query('INSERT INTO `User` (`Name`, `Password`, `Salt`, `Email`, `RegistrationTime`) VALUES ("' +
+        Name + '", SHA1(CONCAT("' + Password + '", "' + Salt + '")), "' + Salt +
+        '", "' + Email + '", NOW())');
+    end else raise EDuplicateItem.Create(SDuplicateUserItem);
+  finally
+    DbRows.Destroy;
+  end;
+end;
+
+function TWebUser.GetIdByName(Name: string): Integer;
+var
+  DbRows: TDbRows;
+begin
+  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
+  try
+    if DbRows.Count = 1 then Result := StrToInt(DbRows[0].ValuesAtIndex[0])
+      else raise ENotFound.Create('User "' + Name + '" not found');
+  finally
+    DBRows.Destroy;
+  end;
+end;
+
+function TWebUser.GetIdByNamePassword(Name: string; PassWord: string): Integer;
+var
+  DbRows: TDbRows;
+begin
+  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '" AND ' +
+    '`Password` = SHA1(CONCAT("' + Password + '", Salt))');
+  try
+    if DbRows.Count = 1 then Result := StrToInt(DbRows[0].ValuesAtIndex[0])
+      else raise ENotFound.Create('User "' + Name + '" not found');
+  finally
+    DBRows.Destroy;
+  end;
 end;
 

@@ -2 +2 @@
 UConfig.pas
 bin
+lib