Subversion Repositories RepoView

Rev

Rev 7 | Rev 15 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
1 nishi 1 
/* $Id: sqlite.c 13 2024-08-21 12:31:40Z nishi $ */
2 
 
3 
#include "rv_db.h"
4 
 
5 
#include "../../config.h"
6 
 
7 
#include "rv_util.h"
5 nishi 8 
#include "rv_sha512.h"
1 nishi 9 
 
10 
#include <sqlite3.h>
11 
 
5 nishi 12 
#include <string.h>
1 nishi 13 
#include <stdio.h>
14 
#include <stdlib.h>
15 
#include <stdbool.h>
16 
 
17 
sqlite3* sql;
18 
 
3 nishi 19 
void rv_init_db(void) {
1 nishi 20 
	int ret;
21 
	ret = sqlite3_open(DB_ROOT "/db.sqlite3", &sql);
3 nishi 22 
	if(ret != SQLITE_OK) {
1 nishi 23 
		rv_error_http();
24 
		printf("SQLite3 database error\n");
25 
		exit(1);
26 
	}
27 
	char* err;
3 nishi 28 
	ret = sqlite3_exec(sql, "create table if not exists users(user text, password text)", NULL, NULL, &err);
29 
	if(ret != SQLITE_OK) {
1 nishi 30 
		sqlite3_free(err);
31 
		rv_error_http();
32 
		printf("SQLite3 database error\n");
33 
		exit(1);
34 
	}
3 nishi 35 
	ret = sqlite3_exec(sql, "create table if not exists tokens(user text, token text)", NULL, NULL, &err);
36 
	if(ret != SQLITE_OK) {
1 nishi 37 
		sqlite3_free(err);
38 
		rv_error_http();
39 
		printf("SQLite3 database error\n");
40 
		exit(1);
41 
	}
42 
}
43 
 
3 nishi 44 
void rv_close_db(void) { sqlite3_close(sql); }
1 nishi 45 
 
46 
int count = 0;
47 
 
5 nishi 48 
struct user {
49 
	char* username;
50 
	char* password;
51 
	bool valid;
52 
};
53 
 
3 nishi 54 
int sqlcount(void* param, int ncol, char** row, char** col) {
1 nishi 55 
	count = ncol;
56 
	return 0;
57 
}
58 
 
5 nishi 59 
int sqlgetpasswd(void* param, int ncol, char** row, char** col) {
60 
	struct user* user = (struct user*)param;
61 
	if(strcmp(row[0], user->username) == 0) {
62 
		char* hash = rv_sha512(user->password);
63 
		if(strcmp(row[1], hash) == 0) {
64 
			user->valid = true;
65 
		}
66 
		free(hash);
67 
	}
68 
	return 0;
69 
}
70 
 
71 
char* escape_sql(const char* input) {
72 
	char* query = malloc(1);
73 
	query[0] = 0;
1 nishi 74 
	char cbuf[2];
75 
	cbuf[1] = 0;
76 
	int i;
5 nishi 77 
	for(i = 0; input[i] != 0; i++) {
78 
		if(input[i] == '\'') {
79 
			cbuf[0] = input[i];
1 nishi 80 
			char* tmp = query;
81 
			tmp = rv_strcat(tmp, cbuf);
82 
			free(tmp);
5 nishi 83 
			cbuf[0] = input[i];
1 nishi 84 
			tmp = query;
85 
			query = rv_strcat(tmp, cbuf);
86 
			free(tmp);
3 nishi 87 
		} else {
5 nishi 88 
			cbuf[0] = input[i];
1 nishi 89 
			char* tmp = query;
90 
			query = rv_strcat(tmp, cbuf);
91 
			free(tmp);
92 
		}
93 
	}
5 nishi 94 
	return query;
95 
}
96 
 
97 
bool rv_check_password(const char* username, const char* password) {
98 
	char* err;
99 
	int ret;
100 
	struct user user;
101 
	user.username = (char*)username;
102 
	user.password = (char*)password;
103 
	user.valid = false;
104 
	char* esc = escape_sql(username);
105 
	char* query = rv_strcat3("select * from users where user = '", esc, "'");
106 
	free(esc);
107 
	ret = sqlite3_exec(sql, query, sqlgetpasswd, (void*)&user, &err);
108 
	if(ret != SQLITE_OK) {
109 
		sqlite3_free(err);
110 
	}
111 
	return user.valid;
112 
}
113 
 
13 nishi 114 
void rv_create_user(const char* username, const char* password) {
115 
	char* err;
116 
	int ret;
117 
	char* sha512 = rv_sha512(password);
118 
	char* esc = escape_sql(username);
119 
	char* tmp = rv_strcat3("insert into users values('", esc, "', '");
120 
	char* query = rv_strcat3(tmp, sha512, "')");
121 
	free(sha512);
122 
	free(tmp);
123 
	free(esc);
124 
	ret = sqlite3_exec(sql, query, NULL, NULL, &err);
125 
	if(ret != SQLITE_OK) {
126 
		sqlite3_free(err);
127 
	}
128 
}
129 
 
5 nishi 130 
void rv_save_token(const char* username, const char* token) {
131 
	char* err;
132 
	int ret;
133 
	char* esc = escape_sql(username);
134 
	char* tmp = rv_strcat3("insert into tokens values('", esc, "', '");
135 
	char* query = rv_strcat3(tmp, token, "')");
1 nishi 136 
	free(tmp);
5 nishi 137 
	free(esc);
138 
	ret = sqlite3_exec(sql, query, NULL, NULL, &err);
139 
	free(query);
140 
	if(ret != SQLITE_OK) {
141 
		sqlite3_free(err);
142 
	}
143 
}
144 
 
145 
char* has_username;
146 
 
147 
int sqlget(void* param, int ncol, char** row, char** col) {
148 
	has_username = rv_strdup(row[0]);
149 
	return 0;
150 
}
151 
 
152 
char* rv_who_has_token(const char* token) {
153 
	char* err;
154 
	count = 0;
155 
	char* query = rv_strcat3("select * from tokens where token = '", token, "'");
1 nishi 156 
	int ret;
5 nishi 157 
	has_username = NULL;
158 
	ret = sqlite3_exec(sql, query, sqlget, (void*)token, &err);
159 
	free(query);
160 
	if(ret != SQLITE_OK) {
161 
		sqlite3_free(err);
162 
		return NULL;
163 
	}
164 
	return has_username;
165 
}
166 
 
167 
bool rv_has_token(const char* token) {
168 
	char* err;
169 
	char* query = rv_strcat3("select * from tokens where token = '", token, "'");
170 
	int ret;
7 nishi 171 
	count = 0;
3 nishi 172 
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
1 nishi 173 
	free(query);
3 nishi 174 
	if(ret != SQLITE_OK) {
1 nishi 175 
		sqlite3_free(err);
176 
	}
177 
	return count > 0;
178 
}
5 nishi 179 
 
7 nishi 180 
void rv_remove_token(const char* token) {
181 
	char* err;
182 
	char* query = rv_strcat3("delete from tokens where token = '", token, "'");
183 
	int ret;
184 
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
185 
	free(query);
186 
	if(ret != SQLITE_OK) {
187 
		sqlite3_free(err);
188 
	}
189 
}
190 
 
5 nishi 191 
bool rv_has_user(const char* username) {
192 
	char* err;
193 
	count = 0;
194 
	char* esc = escape_sql(username);
195 
	char* query = rv_strcat3("select * from users where user = '", esc, "'");
196 
	free(esc);
197 
	int ret;
198 
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
199 
	free(query);
200 
	if(ret != SQLITE_OK) {
201 
		sqlite3_free(err);
202 
	}
203 
	return count > 0;
204 
}