Changeset 38 for trunk/Application


Timestamp:
Nov 13, 2010, 4:32:15 PM (14 years ago)
Author:
george
Message:
  • Přidáno: Zobrazení seznamu hostovaných projektů.
  • Upraveno: Funkce Query jednotky SQLDatabase nyní nevrací novou instanci, ale výsledné řádky vrací v parametru. Bezpečnější metoda předcházející únikům paměti.
Location:
trunk/Application
Files:
2 edited

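--- a/trunk/Application/UCustomApplication.pas
+++ b/trunk/Application/UCustomApplication.pas
@@ -86,5 +86,6 @@
   end;
   try
-    DbRows := Database.Query('SET NAMES utf8');
+    DbRows := TDbRows.Create;
+    Database.Query(DbRows, 'SET NAMES utf8');
   finally
     DbRows.Free;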
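Review bot: `DbRows := TDbRows.Create;` sits inside the `try`, so if the constructor raises, the `finally` still runs `DbRows.Free` on a variable that was never assigned; for a local that is an indeterminate pointer. The usual ordering is to construct first and open the protected block afterwards, i.e. `DbRows := TDbRows.Create;` on the line before `try`. The same create-inside-try ordering is used in every rewritten block of UUser.pas in this changeset (new lines 54, 80, 96, 113, 126, 144, 158). The enclosing routine starts and ends outside this hunk, so whether DbRows is a local or a field is not visible here.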
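--- a/trunk/Application/UUser.pas
+++ b/trunk/Application/UUser.pas
@@ -52,5 +52,6 @@
 begin
   try
-    DbRows := Database.Query('SELECT * FROM `UserOnline` WHERE `SessionId`="' +
+    DbRows := TDbRows.Create;
+    Database.Query(DbRows, 'SELECT * FROM `UserOnline` WHERE `SessionId`="' +
       HandlerData.Request.Cookies.Values['SessionId'] + '"');
     if DbRows.Count > 0 then begin
@@ -58,10 +59,8 @@
       Id := StrToInt(DbRows[0].Values['Id']);
       User := StrToInt(DbRows[0].Values['User']);
-      DbRows.Free;
-      DbRows := Database.Query('UPDATE `UserOnline` SET `ActivityTime` = NOW() WHERE `Id`=' + IntToStr(Id));
+      Database.Query(DbRows, 'UPDATE `UserOnline` SET `ActivityTime` = NOW() WHERE `Id`=' + IntToStr(Id));
     end else begin
       // Create new record
-      DbRows.Free;
-      DbRows := Database.Query('INSERT INTO `UserOnline` (`User`, `ActivityTime`, `SessionId`) ' +
+      Database.Query(DbRows, 'INSERT INTO `UserOnline` (`User`, `ActivityTime`, `SessionId`) ' +
         'VALUES (1, NOW(), "' + HandlerData.Request.Cookies.Values['SessionId'] + '")');
       Id := Database.LastInsertId;
@@ -79,5 +78,6 @@
   Logout;
   try
-    DbRows := Database.Query('UPDATE `UserOnline` SET `User` = ' + IntToStr(User) + ', `LoginTime` = NOW() WHERE `SessionId`="' +
+    DbRows := TDbRows.Create;
+    Database.Query(DbRows, 'UPDATE `UserOnline` SET `User` = ' + IntToStr(User) + ', `LoginTime` = NOW() WHERE `SessionId`="' +
       HandlerData.Request.Cookies.Values['SessionId'] + '"');
   finally
@@ -93,7 +93,11 @@
   if Id = AnonymousUserId then Update;
   if User <> AnonymousUserId then begin
-    DbRows := Database.Query('UPDATE `UserOnline` SET `User` = ' + IntToStr(AnonymousUserId) + ' WHERE `SessionId`="' +
-      HandlerData.Request.Cookies.Values['SessionId'] + '"');
-    DbRows.Destroy;
+    try
+      DbRows := TDbRows.Create;
+      Database.Query(DbRows, 'UPDATE `UserOnline` SET `User` = ' + IntToStr(AnonymousUserId) + ' WHERE `SessionId`="' +
+        HandlerData.Request.Cookies.Values['SessionId'] + '"');
+    finally
+      DbRows.Free;
+    end;
     User := AnonymousUserId;
   end;
@@ -103,6 +107,13 @@
 
 procedure TWebUser.Delete(Id: Integer);
+var
+  DbRows: TDbRows;
 begin
-  Database.Query('DELETE FROM `User` WHERE `Id`=' + IntToStr(Id));
+  try
+    DbRows := TDbRows.Create;
+    Database.Query(DbRows, 'DELETE FROM `User` WHERE `Id`=' + IntToStr(Id));
+  finally
+    DbRows.Free;
+  end;
 end;
 
@@ -112,14 +123,15 @@
   DbRows: TDbRows;
 begin
-  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
   try
+    DbRows := TDbRows.Create;
+    Database.Query(DbRows, 'SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
     if DbRows.Count = 0 then begin
       Salt := EncodeBase64(Copy(BinToHexString(SHA1(FloatToStr(Now))), 1, 8));
-      Database.Query('INSERT INTO `User` (`Name`, `Password`, `Salt`, `Email`, `RegistrationTime`) VALUES ("' +
+      Database.Query(DbRows, 'INSERT INTO `User` (`Name`, `Password`, `Salt`, `Email`, `RegistrationTime`) VALUES ("' +
         Name + '", SHA1(CONCAT("' + Password + '", "' + Salt + '")), "' + Salt +
         '", "' + Email + '", NOW())');
     end else raise EDuplicateItem.Create(SDuplicateUserItem);
   finally
-    DbRows.Destroy;
+    DbRows.Free;
   end;
 end;
@@ -129,10 +141,11 @@
   DbRows: TDbRows;
 begin
-  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
   try
+    DbRows := TDbRows.Create;
+    Database.Query(DbRows, 'SELECT `Id` FROM `User` WHERE `Name`="' + Name + '"');
     if DbRows.Count = 1 then Result := StrToInt(DbRows[0].Items[0].Value)
       else raise ENotFound.Create('User "' + Name + '" not found');
   finally
-    DBRows.Destroy;
+    DBRows.Free;
   end;
 end;
@@ -142,11 +155,12 @@
   DbRows: TDbRows;
 begin
-  DbRows := Database.Query('SELECT `Id` FROM `User` WHERE `Name`="' + Name + '" AND ' +
-    '`Password` = SHA1(CONCAT("' + Password + '", Salt))');
   try
+    DbRows := TDbRows.Create;
+    Database.Query(DbRows, 'SELECT `Id` FROM `User` WHERE `Name`="' + Name + '" AND ' +
+      '`Password` = SHA1(CONCAT("' + Password + '", Salt))');
     if DbRows.Count = 1 then Result := StrToInt(DbRows[0].Items[0].Value)
       else raise ENotFound.Create('User "' + Name + '" not found');
   finally
-    DBRows.Free;
+    DBRows.Free;
   end;
 end;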
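Review bot: Every statement rewritten in this file still builds its SQL by concatenating request data: the `SessionId` cookie at new lines 55–56, 64–65, 81–82 and 97–98, and `Name`, `Password` and `Email` at new lines 127–132, 145 and 159–160. A double quote in any of those values changes the meaning of the query (SQL injection), and the cookie is fully client-controlled. Since this changeset already changes the `Query` signature, it is a natural point to add parameter binding or an escaping step; no such routine is visible on this page, so until one exists each call site deserves a marker such as `// FIXME: SessionId is an untrusted cookie value concatenated into SQL; escape or bind it before Query`. Separately, the plaintext `Password` is embedded in the statement text and hashed with a single `SHA1(CONCAT(...))`, so it can appear in database query logs and the stored hash is cheap to brute-force. Several of the affected routines start or end outside the visible hunks.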