706c8c2b49fcbd941c9da43c1b8a950c0c33f5ba galt Mon Feb 10 23:54:13 2014 -0800 now converting hgsid and hguid to strings. when the hgsid cart var or hguid cookie is not found it returns NULL instead of 0. diff --git src/hg/lib/cartDb.c src/hg/lib/cartDb.c index 135c9e6..c77d61a 100644 --- src/hg/lib/cartDb.c +++ src/hg/lib/cartDb.c @@ -1,19 +1,33 @@ /* cartDb.c was originally generated by the autoSql program, which also * generated cartDb.h and cartDb.sql. This module links the database and * the RAM representation of objects. */ + +/* + * TODO + * + * autodetect + * or even better auto-upgrade of the userDb and sessionDb tables + * alter table userDb add column sessionKey varchar(255) NOT NULL default ''; + * alter table sessionDb add column sessionKey varchar(255) NOT NULL default ''; + * + * find and modify the .as and .sql corresponding to cartDb + * + * + */ + #include "common.h" #include "linefile.h" #include "dystring.h" #include "jksql.h" #include "hgConfig.h" #include "cartDb.h" boolean cartDbHasSessionKey(struct sqlConnection *conn, char *table) /* Check to see if the table has the sessionKey field */ { static boolean userDbInitialized = FALSE; static boolean sessionDbInitialized = FALSE; static boolean userDbHasSessionKey = FALSE; static boolean sessionDbHasSessionKey = FALSE; if (sameString(table, "userDb")) @@ -56,30 +70,62 @@ char *sessionKey = cfgOption2("browser", "sessionKey"); if (!sessionKey) sessionKey = "off"; // DEFAULT if (sameString(sessionKey, "on")) useSessionKey = TRUE; else if (sameString(sessionKey, "off")) useSessionKey = FALSE; else if (sameString(sessionKey, "autodetect")) { errAbort("brower.sessionKey=autodetect has not implemented yet."); // TODO } } return useSessionKey; } +void cartDbSecureId(char *buf, int bufSize, struct cartDb *cartDb) +/* Return combined string of session id plus sessionKey in buf if turned on.*/ +{ +if (cartDbUseSessionKey() && !sameString(cartDb->sessionKey,"")) + safef(buf, bufSize, "%d_%s", cartDb->id, cartDb->sessionKey); +else + safef(buf, bufSize, "%d", cartDb->id); +} + +unsigned int cartDbParseId(char *id, char **pSessionKey) +/* Parse out the numeric id and id_sessionKey string if present. */ +{ +unsigned int result = 0; +char *e = strchr(id, '_'); +if (e) + *e = 0; +result = sqlUnsigned(id); +if (e) + { + *e = '_'; + if (pSessionKey) + *pSessionKey = e+1; + } +else + { + if (pSessionKey) + *pSessionKey = NULL; + } +return result; +} + + void cartDbStaticLoad(char **row, struct cartDb *ret) /* Load a row from cartDb table into ret. The contents of ret will * be replaced at the next call to this function. */ { ret->id = sqlUnsigned(row[0]); ret->contents = row[1]; ret->reserved = sqlSigned(row[2]); ret->firstUse = row[3]; ret->lastUse = row[4]; ret->useCount = sqlSigned(row[5]); if (cartDbUseSessionKey()) ret->sessionKey = row[6]; } @@ -119,31 +165,31 @@ return list; } struct cartDb *cartDbLoadWhere(struct sqlConnection *conn, char *table, char *where) /* Load all cartDb from table that satisfy where clause. The * where clause may be NULL in which case whole table is loaded * Dispose of this with cartDbFreeList(). */ { struct cartDb *list = NULL, *el; struct dyString *query = dyStringNew(256); struct sqlResult *sr; char **row; sqlDyStringPrintf(query, "select * from %s", table); if (where != NULL) - dyStringPrintf(query, " where %s", where); // the where clause must be checked by caller for sqli + dyStringPrintf(query, " where %-s", where); // the where clause must be checked by caller for sqli sr = sqlGetResult(conn, query->string); while ((row = sqlNextRow(sr)) != NULL) { el = cartDbLoad(row); slAddHead(&list, el); } slReverse(&list); sqlFreeResult(&sr); dyStringFree(&query); return list; } struct cartDb *cartDbCommaIn(char **pS, struct cartDb *ret) /* Create a cartDb out of a comma separated string. * This will fill in ret if non-null, otherwise will