Changeset 33 for trunk/Application/UUser.pas
- Timestamp:
- Sep 13, 2010, 11:20:24 AM (14 years ago)
- Location:
- trunk
- Files:
-
- 2 edited
trunk
- Property svn:ignore
-
old new 2 2 UConfig.pas 3 3 bin 4 lib
-
- Property svn:ignore
-
trunk/Application/UUser.pas
r32 r33 1 1 unit UUser; 2 2 3 {$mode delphi}3 {$mode Delphi}{$H+} 4 4 5 5 interface 6 6 7 7 uses 8 Classes, SysUtils, USqlDatabase, UCGIApplication;8 Classes, SysUtils, synacode, USqlDatabase, UCommon, UHTTPServer; 9 9 10 10 type 11 TSQLUserList = class 11 EDuplicateItem = class(Exception); 12 ENotFound = class(Exception); 13 14 { TWebUser } 15 16 TWebUser = class 12 17 Database: TSqlDatabase; 18 HandlerData: THTTPHandlerData; 19 procedure Delete(Id: Integer); 20 procedure Add(Name, Password, Email: string); 21 function GetIdByName(Name: string): Integer; 22 function GetIdByNamePassword(Name: string; PassWord: string): Integer; 13 23 end; 14 24 15 TUser = class25 { TWebOnlineUser } 16 26 17 end; 18 19 { TSQLOnlineUser } 20 21 TSQLOnlineUser = class 27 TWebOnlineUser = class 22 28 Database: TSqlDatabase; 29 HandlerData: THTTPHandlerData; 23 30 Id: Integer; 24 31 User: Integer; 25 CGI: TCGIApplication;26 procedure Login(Name, Password: string);27 function Logout: string;28 32 procedure Update; 33 procedure Login(User: Integer); 34 procedure Logout; 29 35 end; 30 36 31 37 implementation 32 38 33 { TSQLOnlineUser } 39 resourcestring 40 SDuplicateUserItem = 'User name already used.'; 34 41 35 procedure TSQLOnlineUser.Login(Name, Password: string); 42 { TOnlineUser } 43 44 procedure TWebOnlineUser.Update; 45 var 46 DbRows: TDbRows; 47 Id: Integer; 48 begin 49 DbRows := Database.Query('SELECT * FROM `UserOnline` WHERE `SessionId`="' + 50 HandlerData.Request.Cookies.Values['SessionId'] + '"'); 51 if DbRows.Count > 0 then begin 52 // Update exited 53 Id := StrToInt(DbRows[0].Values['Id']); 54 DbRows.Free; 55 DbRows := Database.Query('UPDATE `UserOnline` SET `ActivityTime` = NOW() WHERE `Id`=' + IntToStr(Id)); 56 end else begin 57 // Create new record 58 DbRows.Free; 59 DbRows := Database.Query('INSERT INTO `UserOnline` (`User`, `ActivityTime`, `SessionId`) ' + 60 'VALUES (1, NOW(), "' + HandlerData.Request.Cookies.Values['SessionId'] + '")'); 61 Id := Database.LastInsertId; 
62 end; 63 DbRows.Destroy; 64 end; 65 66 procedure TWebOnlineUser.Login(User: Integer); 36 67 var 37 68 DbRows: TDbRows; 38 69 begin 39 70 Logout; 40 try 41 DbRows := Database.Query('UPDATE `UserOnline` SET `User` = ' + IntToStr(User) + ', `LoginTime` = NOW() WHERE `SessionId`="' + 42 CGI.Cookies.Values['SessionId'] + '"'); 43 finally 44 DbRows.Free; 45 end; 71 DbRows := Database.Query('UPDATE `UserOnline` SET `User` = ' + IntToStr(User) + ', `LoginTime` = NOW() WHERE `SessionId`="' + 72 HandlerData.Request.Cookies.Values['SessionId'] + '"'); 73 DbRows.Destroy; 46 74 Self.User := User; 47 75 end; 48 76 49 function TSQLOnlineUser.Logout: string;77 procedure TWebOnlineUser.Logout; 50 78 var 51 79 DbRows: TDbRows; … … 53 81 if Id = 1 then Update; 54 82 if User <> 1 then begin 55 try 56 DbRows := Database.Query('UPDATE `UserOnline` SET `User` = 1 WHERE `SessionId`="' + 57 CGI.Cookies.Values['SessionId'] + '"'); 58 finally 59 DbRows.Free; 60 end; 83 DbRows := Database.Query('UPDATE `UserOnline` SET `User` = 1 WHERE `SessionId`="' + 84 HandlerData.Request.Cookies.Values['SessionId'] + '"'); 85 DbRows.Destroy; 61 86 User := 1; 62 87 end; 63 88 end; 64 89 65 procedure TSQLOnlineUser.Update; 90 { TUser } 91 92 procedure TWebUser.Delete(Id: Integer); 66 93 begin 94 Database.Query('DELETE FROM `User` WHERE `Id`=' + IntToStr(Id)); 95 end; 67 96 97 procedure TWebUser.Add(Name, Password, Email: string); 98 var 99 Salt: string; 100 DbRows: TDbRows; 101 begin 102 DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"'); 103 try 104 if DbRows.Count = 0 then begin 105 Salt := EncodeBase64(Copy(BinToHexString(SHA1(FloatToStr(Now))), 1, 8)); 106 Database.Query('INSERT INTO `User` (`Name`, `Password`, `Salt`, `Email`, `RegistrationTime`) VALUES ("' + 107 Name + '", SHA1(CONCAT("' + Password + '", "' + Salt + '")), "' + Salt + 108 '", "' + Email + '", NOW())'); 109 end else raise EDuplicateItem.Create(SDuplicateUserItem); 110 finally 111 DbRows.Destroy; 112 end; 
113 end; 114 115 function TWebUser.GetIdByName(Name: string): Integer; 116 var 117 DbRows: TDbRows; 118 begin 119 DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"'); 120 try 121 if DbRows.Count = 1 then Result := StrToInt(DbRows[0].ValuesAtIndex[0]) 122 else raise ENotFound.Create('User "' + Name + '" not found'); 123 finally 124 DBRows.Destroy; 125 end; 126 end; 127 128 function TWebUser.GetIdByNamePassword(Name: string; PassWord: string): Integer; 129 var 130 DbRows: TDbRows; 131 begin 132 DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '" AND ' + 133 '`Password` = SHA1(CONCAT("' + Password + '", Salt))'); 134 try 135 if DbRows.Count = 1 then Result := StrToInt(DbRows[0].ValuesAtIndex[0]) 136 else raise ENotFound.Create('User "' + Name + '" not found'); 137 finally 138 DBRows.Destroy; 139 end; 68 140 end; 69 141
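Review bot: Every query added in this file is built by concatenating request- or caller-supplied strings into the SQL text: the `SessionId` cookie in `TWebOnlineUser.Update`, `Login` and `Logout`, and `Name`, `Password` and `Email` in `TWebUser.Add`, `GetIdByName` and `GetIdByNamePassword`, so a quote character in any of them changes the statement that runs. These values should go through whatever parameter binding or escaping routine `TSqlDatabase` offers (its interface is not visible on this page), and until then each site deserves a marker such as `// FIXME: untrusted value concatenated into SQL; bind or escape before release`. The credential path also puts the plaintext password into the query text, where it may end up in database logs, and stores a single salted SHA1 whose salt is derived from `FloatToStr(Now)`; a slow password hash computed in the application with a randomly generated salt would be the safer design. Separately, the local `Id: Integer;` declared in `TWebOnlineUser.Update` shadows the class field `Id`, so the field that `Logout` tests with `if Id = 1 then Update` is never assigned there; dropping the local declaration would fix that.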