Subversion Repositories RepoView

Rev

Rev 15 | Rev 31 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
1 nishi 1
/* $Id: sqlite.c 30 2024-08-21 19:29:43Z nishi $ */
2
 
3
#include "rv_db.h"
4
 
5
#include "../../config.h"
6
 
7
#include "rv_util.h"
5 nishi 8
#include "rv_sha512.h"
1 nishi 9
 
10
#include <sqlite3.h>
11
 
5 nishi 12
#include <string.h>
1 nishi 13
#include <stdio.h>
14
#include <stdlib.h>
15
#include <stdbool.h>
16
 
17
sqlite3* sql;
18
 
3 nishi 19
void rv_init_db(void) {
1 nishi 20
	int ret;
21
	ret = sqlite3_open(DB_ROOT "/db.sqlite3", &sql);
3 nishi 22
	if(ret != SQLITE_OK) {
1 nishi 23
		rv_error_http();
24
		printf("SQLite3 database error\n");
25
		exit(1);
26
	}
27
	char* err;
3 nishi 28
	ret = sqlite3_exec(sql, "create table if not exists users(user text, password text)", NULL, NULL, &err);
29
	if(ret != SQLITE_OK) {
1 nishi 30
		sqlite3_free(err);
31
		rv_error_http();
32
		printf("SQLite3 database error\n");
33
		exit(1);
34
	}
3 nishi 35
	ret = sqlite3_exec(sql, "create table if not exists tokens(user text, token text)", NULL, NULL, &err);
36
	if(ret != SQLITE_OK) {
1 nishi 37
		sqlite3_free(err);
38
		rv_error_http();
39
		printf("SQLite3 database error\n");
40
		exit(1);
41
	}
42
}
43
 
3 nishi 44
void rv_close_db(void) { sqlite3_close(sql); }
1 nishi 45
 
46
int count = 0;
47
 
5 nishi 48
struct user {
49
	char* username;
50
	char* password;
51
	bool valid;
52
};
53
 
3 nishi 54
int sqlcount(void* param, int ncol, char** row, char** col) {
1 nishi 55
	count = ncol;
56
	return 0;
57
}
58
 
5 nishi 59
int sqlgetpasswd(void* param, int ncol, char** row, char** col) {
60
	struct user* user = (struct user*)param;
61
	if(strcmp(row[0], user->username) == 0) {
62
		char* hash = rv_sha512(user->password);
63
		if(strcmp(row[1], hash) == 0) {
64
			user->valid = true;
65
		}
66
		free(hash);
67
	}
68
	return 0;
69
}
70
 
71
char* escape_sql(const char* input) {
72
	char* query = malloc(1);
73
	query[0] = 0;
1 nishi 74
	char cbuf[2];
75
	cbuf[1] = 0;
76
	int i;
5 nishi 77
	for(i = 0; input[i] != 0; i++) {
78
		if(input[i] == '\'') {
79
			cbuf[0] = input[i];
1 nishi 80
			char* tmp = query;
30 nishi 81
			query rv_strcat(tmp, cbuf);
1 nishi 82
			free(tmp);
5 nishi 83
			cbuf[0] = input[i];
1 nishi 84
			tmp = query;
85
			query = rv_strcat(tmp, cbuf);
86
			free(tmp);
3 nishi 87
		} else {
5 nishi 88
			cbuf[0] = input[i];
1 nishi 89
			char* tmp = query;
90
			query = rv_strcat(tmp, cbuf);
91
			free(tmp);
92
		}
93
	}
5 nishi 94
	return query;
95
}
96
 
97
bool rv_check_password(const char* username, const char* password) {
98
	char* err;
99
	int ret;
100
	struct user user;
101
	user.username = (char*)username;
102
	user.password = (char*)password;
103
	user.valid = false;
104
	char* esc = escape_sql(username);
105
	char* query = rv_strcat3("select * from users where user = '", esc, "'");
106
	free(esc);
107
	ret = sqlite3_exec(sql, query, sqlgetpasswd, (void*)&user, &err);
108
	if(ret != SQLITE_OK) {
109
		sqlite3_free(err);
110
	}
111
	return user.valid;
112
}
113
 
13 nishi 114
void rv_create_user(const char* username, const char* password) {
115
	char* err;
116
	int ret;
117
	char* sha512 = rv_sha512(password);
118
	char* esc = escape_sql(username);
119
	char* tmp = rv_strcat3("insert into users values('", esc, "', '");
120
	char* query = rv_strcat3(tmp, sha512, "')");
121
	free(sha512);
122
	free(tmp);
123
	free(esc);
124
	ret = sqlite3_exec(sql, query, NULL, NULL, &err);
125
	if(ret != SQLITE_OK) {
126
		sqlite3_free(err);
127
	}
15 nishi 128
	rv_add_auth(username, password);
13 nishi 129
}
130
 
5 nishi 131
void rv_save_token(const char* username, const char* token) {
132
	char* err;
133
	int ret;
134
	char* esc = escape_sql(username);
135
	char* tmp = rv_strcat3("insert into tokens values('", esc, "', '");
136
	char* query = rv_strcat3(tmp, token, "')");
1 nishi 137
	free(tmp);
5 nishi 138
	free(esc);
139
	ret = sqlite3_exec(sql, query, NULL, NULL, &err);
140
	free(query);
141
	if(ret != SQLITE_OK) {
142
		sqlite3_free(err);
143
	}
144
}
145
 
146
char* has_username;
147
 
148
int sqlget(void* param, int ncol, char** row, char** col) {
149
	has_username = rv_strdup(row[0]);
150
	return 0;
151
}
152
 
153
char* rv_who_has_token(const char* token) {
154
	char* err;
155
	count = 0;
156
	char* query = rv_strcat3("select * from tokens where token = '", token, "'");
1 nishi 157
	int ret;
5 nishi 158
	has_username = NULL;
159
	ret = sqlite3_exec(sql, query, sqlget, (void*)token, &err);
160
	free(query);
161
	if(ret != SQLITE_OK) {
162
		sqlite3_free(err);
163
		return NULL;
164
	}
165
	return has_username;
166
}
167
 
168
bool rv_has_token(const char* token) {
169
	char* err;
170
	char* query = rv_strcat3("select * from tokens where token = '", token, "'");
171
	int ret;
7 nishi 172
	count = 0;
3 nishi 173
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
1 nishi 174
	free(query);
3 nishi 175
	if(ret != SQLITE_OK) {
1 nishi 176
		sqlite3_free(err);
177
	}
178
	return count > 0;
179
}
5 nishi 180
 
7 nishi 181
void rv_remove_token(const char* token) {
182
	char* err;
183
	char* query = rv_strcat3("delete from tokens where token = '", token, "'");
184
	int ret;
185
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
186
	free(query);
187
	if(ret != SQLITE_OK) {
188
		sqlite3_free(err);
189
	}
190
}
191
 
5 nishi 192
bool rv_has_user(const char* username) {
193
	char* err;
194
	count = 0;
195
	char* esc = escape_sql(username);
196
	char* query = rv_strcat3("select * from users where user = '", esc, "'");
197
	free(esc);
198
	int ret;
199
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
200
	free(query);
201
	if(ret != SQLITE_OK) {
202
		sqlite3_free(err);
203
	}
204
	return count > 0;
205
}