WebSVN – RepoView – Blame – /trunk/CGI/db/sqlite.c

Rev	Author	Line No.	Line
1	nishi	1	`/* $Id: sqlite.c 7 2024-08-21 01:12:44Z nishi $ */`
		2
		3	`#include "rv_db.h"`
		4
		5	`#include "../../config.h"`
		6
		7	`#include "rv_util.h"`
5	nishi	8	`#include "rv_sha512.h"`
1	nishi	9
		10	`#include <sqlite3.h>`
		11
5	nishi	12	`#include <string.h>`
1	nishi	13	`#include <stdio.h>`
		14	`#include <stdlib.h>`
		15	`#include <stdbool.h>`
		16
		17	`sqlite3* sql;`
		18
3	nishi	19	`void rv_init_db(void) {`
1	nishi	20	`int ret;`
		21	`ret = sqlite3_open(DB_ROOT "/db.sqlite3", &sql);`
3	nishi	22	`if(ret != SQLITE_OK) {`
1	nishi	23	`rv_error_http();`
		24	`printf("SQLite3 database error\n");`
		25	`exit(1);`
		26	`}`
		27	`char* err;`
3	nishi	28	`ret = sqlite3_exec(sql, "create table if not exists users(user text, password text)", NULL, NULL, &err);`
		29	`if(ret != SQLITE_OK) {`
1	nishi	30	`sqlite3_free(err);`
		31	`rv_error_http();`
		32	`printf("SQLite3 database error\n");`
		33	`exit(1);`
		34	`}`
3	nishi	35	`ret = sqlite3_exec(sql, "create table if not exists tokens(user text, token text)", NULL, NULL, &err);`
		36	`if(ret != SQLITE_OK) {`
1	nishi	37	`sqlite3_free(err);`
		38	`rv_error_http();`
		39	`printf("SQLite3 database error\n");`
		40	`exit(1);`
		41	`}`
		42	`}`
		43
3	nishi	44	`void rv_close_db(void) { sqlite3_close(sql); }`
1	nishi	45
		46	`int count = 0;`
		47
5	nishi	48	`struct user {`
		49	`char* username;`
		50	`char* password;`
		51	`bool valid;`
		52	`};`
		53
3	nishi	54	`int sqlcount(void* param, int ncol, char row, char col) {`
1	nishi	55	`count = ncol;`
		56	`return 0;`
		57	`}`
		58
5	nishi	59	`int sqlgetpasswd(void* param, int ncol, char row, char col) {`
		60	`struct user* user = (struct user*)param;`
		61	`if(strcmp(row[0], user->username) == 0) {`
		62	`char* hash = rv_sha512(user->password);`
		63	`if(strcmp(row[1], hash) == 0) {`
		64	`user->valid = true;`
		65	`}`
		66	`free(hash);`
		67	`}`
		68	`return 0;`
		69	`}`
		70
		71	`char* escape_sql(const char* input) {`
		72	`char* query = malloc(1);`
		73	`query[0] = 0;`
1	nishi	74	`char cbuf[2];`
		75	`cbuf[1] = 0;`
		76	`int i;`
5	nishi	77	`for(i = 0; input[i] != 0; i++) {`
		78	`if(input[i] == '\'') {`
		79	`cbuf[0] = input[i];`
1	nishi	80	`char* tmp = query;`
		81	`tmp = rv_strcat(tmp, cbuf);`
		82	`free(tmp);`
5	nishi	83	`cbuf[0] = input[i];`
1	nishi	84	`tmp = query;`
		85	`query = rv_strcat(tmp, cbuf);`
		86	`free(tmp);`
3	nishi	87	`} else {`
5	nishi	88	`cbuf[0] = input[i];`
1	nishi	89	`char* tmp = query;`
		90	`query = rv_strcat(tmp, cbuf);`
		91	`free(tmp);`
		92	`}`
		93	`}`
5	nishi	94	`return query;`
		95	`}`
		96
		97	`bool rv_check_password(const char* username, const char* password) {`
		98	`char* err;`
		99	`int ret;`
		100	`struct user user;`
		101	`user.username = (char*)username;`
		102	`user.password = (char*)password;`
		103	`user.valid = false;`
		104	`char* esc = escape_sql(username);`
		105	`char* query = rv_strcat3("select * from users where user = '", esc, "'");`
		106	`free(esc);`
		107	`ret = sqlite3_exec(sql, query, sqlgetpasswd, (void*)&user, &err);`
		108	`if(ret != SQLITE_OK) {`
		109	`sqlite3_free(err);`
		110	`}`
		111	`return user.valid;`
		112	`}`
		113
		114	`void rv_save_token(const char* username, const char* token) {`
		115	`char* err;`
		116	`int ret;`
		117	`char* esc = escape_sql(username);`
		118	`char* tmp = rv_strcat3("insert into tokens values('", esc, "', '");`
		119	`char* query = rv_strcat3(tmp, token, "')");`
1	nishi	120	`free(tmp);`
5	nishi	121	`free(esc);`
		122	`ret = sqlite3_exec(sql, query, NULL, NULL, &err);`
		123	`free(query);`
		124	`if(ret != SQLITE_OK) {`
		125	`sqlite3_free(err);`
		126	`}`
		127	`}`
		128
		129	`char* has_username;`
		130
		131	`int sqlget(void* param, int ncol, char row, char col) {`
		132	`has_username = rv_strdup(row[0]);`
		133	`return 0;`
		134	`}`
		135
		136	`char* rv_who_has_token(const char* token) {`
		137	`char* err;`
		138	`count = 0;`
		139	`char* query = rv_strcat3("select * from tokens where token = '", token, "'");`
1	nishi	140	`int ret;`
5	nishi	141	`has_username = NULL;`
		142	`ret = sqlite3_exec(sql, query, sqlget, (void*)token, &err);`
		143	`free(query);`
		144	`if(ret != SQLITE_OK) {`
		145	`sqlite3_free(err);`
		146	`return NULL;`
		147	`}`
		148	`return has_username;`
		149	`}`
		150
		151	`bool rv_has_token(const char* token) {`
		152	`char* err;`
		153	`char* query = rv_strcat3("select * from tokens where token = '", token, "'");`
		154	`int ret;`
7	nishi	155	`count = 0;`
3	nishi	156	`ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);`
1	nishi	157	`free(query);`
3	nishi	158	`if(ret != SQLITE_OK) {`
1	nishi	159	`sqlite3_free(err);`
		160	`}`
		161	`return count > 0;`
		162	`}`
5	nishi	163
7	nishi	164	`void rv_remove_token(const char* token) {`
		165	`char* err;`
		166	`char* query = rv_strcat3("delete from tokens where token = '", token, "'");`
		167	`int ret;`
		168	`ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);`
		169	`free(query);`
		170	`if(ret != SQLITE_OK) {`
		171	`sqlite3_free(err);`
		172	`}`
		173	`}`
		174
5	nishi	175	`bool rv_has_user(const char* username) {`
		176	`char* err;`
		177	`count = 0;`
		178	`char* esc = escape_sql(username);`
		179	`char* query = rv_strcat3("select * from users where user = '", esc, "'");`
		180	`free(esc);`
		181	`int ret;`
		182	`ret = sqlite3_exec(sql, query, sqlcount, NULL, &err);`
		183	`free(query);`
		184	`if(ret != SQLITE_OK) {`
		185	`sqlite3_free(err);`
		186	`}`
		187	`return count > 0;`
		188	`}`

Subversion Repositories RepoView

(root)/trunk/CGI/db/sqlite.c – Rev 7