Subversion Repositories RepoView

Rev

Rev 30 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
1 nishi 1 
/* $Id: sqlite.c 31 2024-08-21 19:30:16Z nishi $ */
2 
 
3 
#include "rv_db.h"
4 
 
5 
#include "../../config.h"
6 
 
7 
#include "rv_util.h"
5 nishi 8 
#include "rv_sha512.h"
1 nishi 9 
 
10 
#include <sqlite3.h>
11 
 
5 nishi 12 
#include <string.h>
1 nishi 13 
#include <stdio.h>
14 
#include <stdlib.h>
15 
#include <stdbool.h>
16 
 
17 
sqlite3* sql;
18 
 
3 nishi 19 
void rv_init_db(void) {
1 nishi 20 
	int ret;
21 
	ret = sqlite3_open(DB_ROOT "/db.sqlite3", &sql);
3 nishi 22 
	if(ret != SQLITE_OK) {
1 nishi 23 
		rv_error_http();
24 
		printf("SQLite3 database error\n");
25 
		exit(1);
26 
	}
27 
	char* err;
3 nishi 28 
	ret = sqlite3_exec(sql, "create table if not exists users(user text, password text)", NULL, NULL, &err);
29 
	if(ret != SQLITE_OK) {
1 nishi 30 
		sqlite3_free(err);
31 
		rv_error_http();
32 
		printf("SQLite3 database error\n");
33 
		exit(1);
34 
	}
3 nishi 35 
	ret = sqlite3_exec(sql, "create table if not exists tokens(user text, token text)", NULL, NULL, &err);
36 
	if(ret != SQLITE_OK) {
1 nishi 37 
		sqlite3_free(err);
38 
		rv_error_http();
39 
		printf("SQLite3 database error\n");
40 
		exit(1);
41 
	}
42 
}
43 
 
3 nishi 44 
void rv_close_db(void) { sqlite3_close(sql); }
1 nishi 45 
 
46 
int count = 0;
47 
 
5 nishi 48 
struct user {
49 
	char* username;
50 
	char* password;
51 
	bool valid;
52 
};
53 
 
3 nishi 54 
int sqlcount(void* param, int ncol, char** row, char** col) {
1 nishi 55 
	count = ncol;
56 
	return 0;
57 
}
58 
 
5 nishi 59 
int sqlgetpasswd(void* param, int ncol, char** row, char** col) {
60 
	struct user* user = (struct user*)param;
61 
	if(strcmp(row[0], user->username) == 0) {
62 
		char* hash = rv_sha512(user->password);
63 
		if(strcmp(row[1], hash) == 0) {
64 
			user->valid = true;
65 
		}
66 
		free(hash);
67 
	}
68 
	return 0;
69 
}
70 
 
71 
char* escape_sql(const char* input) {
72 
	char* query = malloc(1);
73 
	query[0] = 0;
1 nishi 74 
	char cbuf[2];
75 
	cbuf[1] = 0;
76 
	int i;
5 nishi 77 
	for(i = 0; input[i] != 0; i++) {
78 
		if(input[i] == '\'') {
79 
			cbuf[0] = input[i];
1 nishi 80 
			char* tmp = query;
31 nishi 81 
			query = rv_strcat(tmp, cbuf);
1 nishi 82 
			free(tmp);
5 nishi 83 
			cbuf[0] = input[i];
1 nishi 84 
			tmp = query;
85 
			query = rv_strcat(tmp, cbuf);
86 
			free(tmp);
3 nishi 87 
		} else {
5 nishi 88 
			cbuf[0] = input[i];
1 nishi 89 
			char* tmp = query;
90 
			query = rv_strcat(tmp, cbuf);
91 
			free(tmp);
92 
		}
93 
	}
5 nishi 94 
	return query;
95 
}
96 
 
97 
bool rv_check_password(const char* username, const char* password) {
98 
	char* err;
99 
	int ret;
100 
	struct user user;
101 
	user.username = (char*)username;
102 
	user.password = (char*)password;
103 
	user.valid = false;
104 
	char* esc = escape_sql(username);
105 
	char* query = rv_strcat3("select * from users where user = '", esc, "'");
106 
	free(esc);
107 
	ret = sqlite3_exec(sql, query, sqlgetpasswd, (void*)&user, &err);
108 
	if(ret != SQLITE_OK) {
109 
		sqlite3_free(err);
110 
	}
111 
	return user.valid;
112 
}
113 
 
13 nishi 114 
void rv_create_user(const char* username, const char* password) {
115 
	char* err;
116 
	int ret;
117 
	char* sha512 = rv_sha512(password);
118 
	char* esc = escape_sql(username);
119 
	char* tmp = rv_strcat3("insert into users values('", esc, "', '");
120 
	char* query = rv_strcat3(tmp, sha512, "')");
121 
	free(sha512);
122 
	free(tmp);
123 
	free(esc);
124 
	ret = sqlite3_exec(sql, query, NULL, NULL, &err);
125 
	if(ret != SQLITE_OK) {
126 
		sqlite3_free(err);
127 
	}
15 nishi 128 
	rv_add_auth(username, password);
13 nishi 129 
}
130 
 
5 nishi 131 
void rv_save_token(const char* username, const char* token) {
132 
	char* err;
133 
	int ret;
134 
	char* esc = escape_sql(username);
135 
	char* tmp = rv_strcat3("insert into tokens values('", esc, "', '");
136 
	char* query = rv_strcat3(tmp, token, "')");
1 nishi 137 
	free(tmp);
5 nishi 138 
	free(esc);
139 
	ret = sqlite3_exec(sql, query, NULL, NULL, &err);
140 
	free(query);
141 
	if(ret != SQLITE_OK) {
142 
		sqlite3_free(err);
143 
	}
144 
}
145 
 
146 
char* has_username;
147 
 
148 
int sqlget(void* param, int ncol, char** row, char** col) {
149 
	has_username = rv_strdup(row[0]);
150 
	return 0;
151 
}
152 
 
153 
char* rv_who_has_token(const char* token) {
154 
	char* err;
155 
	count = 0;
156 
	char* query = rv_strcat3("select * from tokens where token = '", token, "'");
1 nishi 157 
	int ret;
5 nishi 158 
	has_username = NULL;
159 
	ret = sqlite3_exec(sql, query, sqlget, (void*)token, &err);
160 
	free(query);
161 
	if(ret != SQLITE_OK) {
162 
		sqlite3_free(err);
163 
		return NULL;
164 
	}
165 
	return has_username;
166 
}
167 
 
168 
bool rv_has_token(const char* token) {
169 
	char* err;
170 
	char* query = rv_strcat3("select * from tokens where token = '", token, "'");
171 
	int ret;
7 nishi 172 
	count = 0;
3 nishi 173 
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
1 nishi 174 
	free(query);
3 nishi 175 
	if(ret != SQLITE_OK) {
1 nishi 176 
		sqlite3_free(err);
177 
	}
178 
	return count > 0;
179 
}
5 nishi 180 
 
7 nishi 181 
void rv_remove_token(const char* token) {
182 
	char* err;
183 
	char* query = rv_strcat3("delete from tokens where token = '", token, "'");
184 
	int ret;
185 
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
186 
	free(query);
187 
	if(ret != SQLITE_OK) {
188 
		sqlite3_free(err);
189 
	}
190 
}
191 
 
5 nishi 192 
bool rv_has_user(const char* username) {
193 
	char* err;
194 
	count = 0;
195 
	char* esc = escape_sql(username);
196 
	char* query = rv_strcat3("select * from users where user = '", esc, "'");
197 
	free(esc);
198 
	int ret;
199 
	ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);
200 
	free(query);
201 
	if(ret != SQLITE_OK) {
202 
		sqlite3_free(err);
203 
	}
204 
	return count > 0;
205 
}