DCL 4.0
Loading...
Searching...
No Matches
EShopSession.cpp
Go to the documentation of this file.
1#include <dcl/Config.h>
2
3#if __DCL_WINDOWS
4#include <windows.h>
5#endif
6
7#include <dcl/String.h>
8#include <dcl/Files.h>
9#include <dcl/MD5.h>
10#include <dcl/HttpHeader.h>
11
12#include "EShopServlet.h"
13#include "EShopSession.h"
14
15__DCL_BEGIN_NAMESPACE
16
17#ifdef __DCL_DEBUG
18#undef __THIS_FILE__
19static const wchar_t __THIS_FILE__[] = L"eshop/Session.cpp";
20#endif
21
22EShopSession::EShopSession(
23 HttpServletContextEx& ctx,
24 SQLConnection* pSQLConn
25 ) __DCL_THROWS1(SQLException*)
26{
27 m_pSQLConn = pSQLConn;
28
29 m_nCommand = CM_ABOUT;
30 ListedStringToStringArrayMap::Iterator it = ctx.__queryMap.find(COMMAND_STR);
31 if ((it != ctx.__queryMap.end()) && (!(*it).value.isEmpty())) {
32 try {
33 m_nCommand = Int32::parse((*it).value[0]);
34 }
35 catch(Exception* e) {
36 e->destroy();
37 }
38 }
39
40 m_nUserID = 2;
41 m_nGroupID = 2; //
42 m_strSessionID = ctx.__cookieMap[L"sid"];
43 if (m_strSessionID.isEmpty()) {
44 StringBuilder str = ctx.remoteAddr();
45 str += String::valueOf(ctx.remotePort());
46 str += String::valueOf(time(NULL));
47 m_strSessionID = MD5::final(str);
48
49 __DCL_TRACE2(L"sessionId [%zd][%ls]\n",
50 m_strSessionID.length(), m_strSessionID.data());
51
52 HttpSetCookie cookie(
53 L"sid",
54 m_strSessionID,
55 0,
56 Files::dirname(ctx.path())
57 );
58 ctx.addHeader(cookie);
59
60 SQLQuery q(pSQLConn);
61 q.prepare(L""
62 "INSERT INTO ES_SESSION(SESSION_ID, LAST_USE) "
63 " VALUES(:SESSION_ID, CURRENT_TIMESTAMP)"
64 );
65 q.params()[0].setValue(m_strSessionID);
66 q.execute();
67// __DCL_TRACE1(L"%d\n", q.affectedRows());
68 }
69 else {
70 // user info
71 SQLQuery q(pSQLConn);
72 q.execute(L""
73 "SELECT USER_ID "
74 " FROM ES_SESSION "
75 " WHERE SESSION_ID = \'" + m_strSessionID + L'\''
76 );
77 q.fetch();
78 if (!q.eof()) {
79 q.execute(L""
80 "UPDATE ES_SESSION "
81 " SET LAST_USE = CURRENT_TIMESTAMP "
82 " WHERE SESSION_ID = \'" + m_strSessionID + L'\''
83 );
84 }
85 else {
86// if (q.affectedRows() == 0)
87// {
88 // mysql에서 1초 미만에 update 했더니 affectedRows() 가 0인 경우가 있다.
89 // 세션 시간이 초과되어 삭제 되었다.
90 // guest 세션을 생성한다.
91 q.prepare(L""
92 "INSERT INTO ES_SESSION(SESSION_ID, USER_ID, LAST_USE) "
93 " VALUES(:SESSION_ID, :USER_ID, CURRENT_TIMESTAMP)"
94 );
95
96 int nUserID = 2;
97 q.params()[0].setValue(m_strSessionID);
98 q.params()[1].setValue(nUserID); // guest id
99 q.execute();
100 __DCL_TRACE1(L"%d\n", q.affectedRows());
101 }
102
103 q.execute(L""
104 "SELECT S.USER_ID, U.GROUP_ID, U.USER_NAME "
105 " FROM ES_SESSION S "
106 " INNER JOIN ES_USER U ON (S.USER_ID = U.USER_ID) "
107 " WHERE SESSION_ID = \'" + m_strSessionID + L'\''
108 );
109 q.fetch();
110 __DCL_ASSERT(!q.eof());
111
112 m_nUserID = q.fields().byName(L"USER_ID").asInteger();
113 m_nGroupID = q.fields().byName(L"GROUP_ID").asInteger();
114 m_strUserName = q.fields().byName(L"USER_NAME").asString();
115 }
116}
117
118bool EShopSession::login(ListedStringToStringArrayMap& params)
119{
120 __DCL_ASSERT(m_pSQLConn != NULL);
121
122 String strLogin;
123 String strPassword = L"";
124
125 ListedStringToStringArrayMap::Iterator it = params.find(L"login");
126 if ((it != params.end()) && (!(*it).value.isEmpty()))
127 strLogin = (*it).value[0];
128
129 it = params.find(L"password");
130 if ((it != params.end()) && (!(*it).value.isEmpty()))
131 strPassword = (*it).value[0];
132
133 if (strLogin.isEmpty())
134 return false;
135
136 SQLQuery q(m_pSQLConn);
137 q.prepare(L""
138 "SELECT USER_ID FROM ES_USER "
139 " WHERE LOGIN_ID LIKE :LOGIN_ID AND PASSWORD LIKE :PASSWORD"
140 );
141 q.params()[0].setValue(strLogin);
142 q.params()[1].setValue(strPassword);
143
144 q.execute();
145 q.fetch();
146 if (q.eof()) {
147 __DCL_TRACE0(L"false\n");
148 return false;
149 }
150
151 int nUserID = 0;
152 nUserID = q.fields()[0].asInteger();
153
154 __DCL_TRACE1(L"UserID : %d\n", nUserID);
155 q.prepare(L""
156 "UPDATE ES_SESSION SET USER_ID = :USER_ID "
157 " WHERE SESSION_ID LIKE :SESSION_ID"
158 );
159
160 q.params()[0].setValue(nUserID);
161 q.params()[1].setValue(m_strSessionID);
162 q.execute();
163
164 q.execute(L""
165 "SELECT S.USER_ID, U.GROUP_ID, U.USER_NAME "
166 " FROM ES_SESSION S "
167 " INNER JOIN ES_USER U ON (S.USER_ID = U.USER_ID) "
168 " WHERE SESSION_ID = \'" + m_strSessionID + L'\''
169 );
170 q.fetch();
171 __DCL_ASSERT(!q.eof());
172
173 m_nUserID = q.fields().byName(L"USER_ID").asInteger();
174 m_nGroupID = q.fields().byName(L"GROUP_ID").asInteger();
175 m_strUserName = q.fields().byName(L"USER_NAME").asString();
176
177 return true;
178}
179
180void EShopSession::logout()
181{
182 SQLQuery q(m_pSQLConn);
183 q.execute(L""
184 "DELETE FROM ES_SHOPPING_BASKET "
185 " WHERE SESSION_ID = \'" + m_strSessionID + L'\''
186 );
187
188 q.execute(L""
189 "UPDATE ES_SESSION SET USER_ID = 2 "
190 " WHERE SESSION_ID = \'" + m_strSessionID + L'\''
191 );
192
193 q.execute(L""
194 "SELECT S.USER_ID, U.GROUP_ID, U.USER_NAME "
195 " FROM ES_SESSION S "
196 " INNER JOIN ES_USER U ON (S.USER_ID = U.USER_ID) "
197 " WHERE SESSION_ID = \'" + m_strSessionID + L'\''
198 );
199 q.fetch();
200 __DCL_ASSERT(!q.eof());
201
202 m_nUserID = q.fields().byName(L"USER_ID").asInteger();
203 m_nGroupID = q.fields().byName(L"GROUP_ID").asInteger();
204 m_strUserName = q.fields().byName(L"USER_NAME").asString();
205}
206
207
208void EShopSession::onViewSessions(
209 ListedStringToStringArrayMap& params,
210 Writer& out,
211 const String& strMainCommand,
212 int nMainCommandID,
213 const String& strCommandID,
214 const EShopServlet& _servlet
215 )
216{
217 SQLQuery q(m_pSQLConn);
218
219 ListedStringToStringArrayMap::Iterator it = params.find(L"idle");
220 if (it != params.end())
221 {
222 int nMin = 0;
223 try
224 {
225 nMin = Int32::parse(((*it).value)[0]);
226 }
227 catch(Exception* e)
228 {
229 e->destroy();
230 }
231
232 q.prepare(L""
233 "DELETE FROM ES_SESSION "
234 "WHERE SESSION_ID != :SESSION_ID "
235 " AND (CURRENT_TIMESTAMP - LAST_USE) >= (:MIN * 60) "
236 );
237 q.params()[0].setValue(sessionID());
238 q.params()[1].setValue(nMin);
239 q.execute();
240 }
241
242 TextTemplate tpl(_servlet.readTemplate(L"view_session.html"));
243 String strHREF = String::format(L"?%ls=%d",
244 strMainCommand.data(), nMainCommandID
245 );
246
247 tpl.assign(L"ACTION_HREF", strHREF);
248
249 TextTemplate& row = tpl[L"ROW"];
250 q.execute(L""
251 "SELECT S.SESSION_ID, U.LOGIN_ID, U.USER_NAME,"
252 " S.LAST_USE, (CURRENT_TIMESTAMP - S.LAST_USE) / 60 AS IDLE_TIME\n"
253 "FROM ES_SESSION S\n"
254 " INNER JOIN ES_USER U ON (S.USER_ID = U.USER_ID)\n"
255 "ORDER BY S.LAST_USE"
256 );
257 q.fetch();
258 while(!q.eof())
259 {
260 row.assign(q.fields(), L"&nbsp;");
261 tpl.append(L"ROW", row);
262 q.fetch();
263 }
264
265 out << tpl;
266}
267
268__DCL_END_NAMESPACE
269
270
271
__THIS_FILE__
#define __THIS_FILE__
Definition _trace.h:14
NULL
#define NULL
Definition Config.h:340
__DCL_THROWS1
#define __DCL_THROWS1(e)
Definition Config.h:167
COMMAND_STR
#define COMMAND_STR
Definition EShopServlet.h:90
CM_ABOUT
@ CM_ABOUT
Definition EShopServlet.h:104
__DCL_TRACE0
#define __DCL_TRACE0(psz)
Definition Object.h:375
__DCL_TRACE1
#define __DCL_TRACE1(fmt, arg1)
Definition Object.h:376
__DCL_ASSERT
#define __DCL_ASSERT(expr)
Definition Object.h:371
__DCL_TRACE2
#define __DCL_TRACE2(fmt, arg1, arg2)
Definition Object.h:377
EShopServlet::readTemplate
String readTemplate(const wchar_t *filename) const __DCL_THROWS1(IOException *)
Definition EShopServlet.cpp:404
EShopSession::sessionID
const String & sessionID() const
Definition EShopSession.h:28
EShopSession::m_strSessionID
String m_strSessionID
Definition EShopSession.h:40
EShopSession::m_strUserName
String m_strUserName
Definition EShopSession.h:44
EShopSession::m_pSQLConn
SQLConnection * m_pSQLConn
Definition EShopSession.h:46
EShopSession::login
bool login(ListedStringToStringArrayMap &params)
Definition EShopSession.cpp:118
EShopSession::onViewSessions
void onViewSessions(ListedStringToStringArrayMap &params, Writer &out, const String &strMainCommand, int nMainCommandID, const String &strCommandID, const EShopServlet &_servlet)
Definition EShopSession.cpp:208
EShopSession::EShopSession
EShopSession(HttpServletContextEx &ctx, SQLConnection *pSQLConn) __DCL_THROWS1(SQLException *)
Definition EShopSession.cpp:22
Exception::destroy
virtual void destroy()
Definition Exception.cpp:74
Files::dirname
static String dirname(const String &_path)
Definition Files.cpp:269
Int32::parse
static int32_t parse(const wchar_t *_number, unsigned _base=10) __DCL_THROWS1(NumericConvertException *)
Definition Numeric.cpp:284
MD5::final
String final()
Definition MD5.cpp:80
SQLFields::byName
_CONST SQLField & byName(const wchar_t *_name) _CONST __DCL_THROWS1(InvalidIndexException *)
Definition SQLQuery.cpp:77
SQLQuery::params
_CONST SQLParams & params() _CONST
Definition SQL.inl:144
SQLQuery::prepare
void prepare(const String &_sql) __DCL_THROWS2(SQLException *
SQLQuery::fields
_CONST SQLFields & fields() _CONST
Definition SQL.inl:139
SQLQuery::execute
void CharsetConvertException *void execute() __DCL_THROWS1(SQLException *)
Definition SQLQuery.cpp:307
SQLQuery::affectedRows
int64_t affectedRows() const
Definition SQL.inl:134
SQLQuery::eof
bool eof() const
Definition SQL.inl:129
SQLQuery::fetch
void CharsetConvertException *void fetch() __DCL_THROWS1(SQLException *)
Definition SQLQuery.cpp:329
TextTemplate
Definition TextTemplate.h:22