DCL 3.7.4
Loading...
Searching...
No Matches
EShopSession.cpp
Go to the documentation of this file.
1#include <dcl/Config.h>
2
3#ifdef __WINNT__
4#include <windows.h>
5#endif
6
7#include <dcl/String.h>
8#include <dcl/Files.h>
9#include <dcl/MD5.h>
10#include <dcl/HttpHeader.h>
11
12#include "EShopServlet.h"
13#include "EShopSession.h"
14
15__DCL_BEGIN_NAMESPACE
16
17#if __DCL_HAVE_THIS_FILE__
18#undef __THIS_FILE__
19static const char_t __THIS_FILE__[] = L"eshop/Session.cpp";
20#endif
21
22EShopSession::EShopSession(
23 HttpServletContextEx& ctx,
24 SQLConnection* pSQLConn
25) __DCL_THROWS1(SQLException*)
26{
27 __pSQLConn = pSQLConn;
28
29 __nCommand = CM_ABOUT;
30 ListedStringToStringArrayMap::Iterator it = ctx.__queryMap.find(COMMAND_STR);
31 if ((it != ctx.__queryMap.end()) && (!(*it).value.isEmpty())) {
32 try {
33 __nCommand = Int32::parse((*it).value[0]);
34 }
35 catch(Exception* e) {
36 e->destroy();
37 }
38 }
39
40 __nUserID = 2;
41 __nGroupID = 2; //
42 __strSessionID = ctx.__cookieMap[L"sid"];
43 if (__strSessionID.isEmpty()) {
44 StringBuilder str = ctx.remoteAddr();
45 str += String::valueOf(ctx.remotePort());
46 str += String::valueOf(time(NULL));
47 __strSessionID = MD5::final(str);
48
49 __DCL_TRACE2(L"sessionId [%zd][%ls]\n",
50 __strSessionID.length(), __strSessionID.data());
51
52 HttpSetCookie cookie(
53 L"sid",
54 __strSessionID,
55 0,
56 Files::dirname(ctx.path())
57 );
58 ctx.addHeader(cookie);
59
60 SQLQuery q(pSQLConn);
61 q.prepare(L""
62 "INSERT INTO ES_SESSION(SESSION_ID, LAST_USE) "
63 " VALUES(:SESSION_ID, CURRENT_TIMESTAMP)"
64 );
65 q.params()[0].setValue(__strSessionID);
66 q.execute();
67// __DCL_TRACE1(L"%d\n", q.affectedRows());
68 }
69 else {
70 // user info
71 SQLQuery q(pSQLConn);
72 q.execute(L""
73 "SELECT USER_ID "
74 " FROM ES_SESSION "
75 " WHERE SESSION_ID = \'" + __strSessionID + L'\''
76 );
77 q.fetch();
78 if (!q.eof()) {
79 q.execute(L""
80 "UPDATE ES_SESSION "
81 " SET LAST_USE = CURRENT_TIMESTAMP "
82 " WHERE SESSION_ID = \'" + __strSessionID + L'\''
83 );
84 }
85 else {
86// if (q.affectedRows() == 0)
87// {
88 // mysql에서 1초 미만에 update 했더니 affectedRows() 가 0인 경우가 있다.
89 // 세션 시간이 초과되어 삭제 되었다.
90 // guest 세션을 생성한다.
91 q.prepare(L""
92 "INSERT INTO ES_SESSION(SESSION_ID, USER_ID, LAST_USE) "
93 " VALUES(:SESSION_ID, :USER_ID, CURRENT_TIMESTAMP)"
94 );
95
96 int nUserID = 2;
97 q.params()[0].setValue(__strSessionID);
98 q.params()[1].setValue(nUserID); // guest id
99 q.execute();
100 __DCL_TRACE1(L"%d\n", q.affectedRows());
101 }
102
103 q.execute(L""
104 "SELECT S.USER_ID, U.GROUP_ID, U.USER_NAME "
105 " FROM ES_SESSION S "
106 " INNER JOIN ES_USER U ON (S.USER_ID = U.USER_ID) "
107 " WHERE SESSION_ID = \'" + __strSessionID + L'\''
108 );
109 q.fetch();
110 __DCL_ASSERT(!q.eof());
111
112 __nUserID = q.fields().byName(L"USER_ID").asInteger();
113 __nGroupID = q.fields().byName(L"GROUP_ID").asInteger();
114 __strUserName = q.fields().byName(L"USER_NAME").asString();
115 }
116}
117
118bool EShopSession::login(ListedStringToStringArrayMap& params)
119{
120 __DCL_ASSERT(__pSQLConn != NULL);
121
122 String strLogin;
123 String strPassword = L"";
124
125 ListedStringToStringArrayMap::Iterator it = params.find(L"login");
126 if ((it != params.end()) && (!(*it).value.isEmpty()))
127 strLogin = (*it).value[0];
128
129 it = params.find(L"password");
130 if ((it != params.end()) && (!(*it).value.isEmpty()))
131 strPassword = (*it).value[0];
132
133 if (strLogin.isEmpty())
134 return false;
135
136 SQLQuery q(__pSQLConn);
137 q.prepare(L""
138 "SELECT USER_ID FROM ES_USER "
139 " WHERE LOGIN_ID LIKE :LOGIN_ID AND PASSWORD LIKE :PASSWORD"
140 );
141 q.params()[0].setValue(strLogin);
142 q.params()[1].setValue(strPassword);
143
144 q.execute();
145 q.fetch();
146 if (q.eof()) {
147 __DCL_TRACE0(L"false\n");
148 return false;
149 }
150
151 int nUserID = 0;
152 nUserID = q.fields()[0].asInteger();
153
154 __DCL_TRACE1(L"UserID : %d\n", nUserID);
155 q.prepare(L""
156 "UPDATE ES_SESSION SET USER_ID = :USER_ID "
157 " WHERE SESSION_ID LIKE :SESSION_ID"
158 );
159
160 q.params()[0].setValue(nUserID);
161 q.params()[1].setValue(__strSessionID);
162 q.execute();
163
164 q.execute(L""
165 "SELECT S.USER_ID, U.GROUP_ID, U.USER_NAME "
166 " FROM ES_SESSION S "
167 " INNER JOIN ES_USER U ON (S.USER_ID = U.USER_ID) "
168 " WHERE SESSION_ID = \'" + __strSessionID + L'\''
169 );
170 q.fetch();
171 __DCL_ASSERT(!q.eof());
172
173 __nUserID = q.fields().byName(L"USER_ID").asInteger();
174 __nGroupID = q.fields().byName(L"GROUP_ID").asInteger();
175 __strUserName = q.fields().byName(L"USER_NAME").asString();
176
177 return true;
178}
179
180void EShopSession::logout()
181{
182 SQLQuery q(__pSQLConn);
183 q.execute(L""
184 "DELETE FROM ES_SHOPPING_BASKET "
185 " WHERE SESSION_ID = \'" + __strSessionID + L'\''
186 );
187
188 q.execute(L""
189 "UPDATE ES_SESSION SET USER_ID = 2 "
190 " WHERE SESSION_ID = \'" + __strSessionID + L'\''
191 );
192
193 q.execute(L""
194 "SELECT S.USER_ID, U.GROUP_ID, U.USER_NAME "
195 " FROM ES_SESSION S "
196 " INNER JOIN ES_USER U ON (S.USER_ID = U.USER_ID) "
197 " WHERE SESSION_ID = \'" + __strSessionID + L'\''
198 );
199 q.fetch();
200 __DCL_ASSERT(!q.eof());
201
202 __nUserID = q.fields().byName(L"USER_ID").asInteger();
203 __nGroupID = q.fields().byName(L"GROUP_ID").asInteger();
204 __strUserName = q.fields().byName(L"USER_NAME").asString();
205}
206
207void EShopSession::onViewSessions(
208 ListedStringToStringArrayMap& params,
209 Writer& out,
210 const String& strMainCommand,
211 int nMainCommandID,
212 const String& strCommandID,
213 const EShopServlet& _servlet
214)
215{
216 SQLQuery q(__pSQLConn);
217
218 ListedStringToStringArrayMap::Iterator it = params.find(L"idle");
219 if (it != params.end()) {
220 int nMin = 0;
221 try {
222 nMin = Int32::parse(((*it).value)[0]);
223 }
224 catch(Exception* e) {
225 e->destroy();
226 }
227
228 q.prepare(L""
229 "DELETE FROM ES_SESSION "
230 "WHERE SESSION_ID != :SESSION_ID "
231 " AND (CURRENT_TIMESTAMP - LAST_USE) >= (:MIN * 60) "
232 );
233 q.params()[0].setValue(sessionID());
234 q.params()[1].setValue(nMin);
235 q.execute();
236 }
237
238 TextTemplate tpl(_servlet.readTemplate(L"view_session.html"));
239 String strHREF = String::format(L"?%ls=%d",
240 strMainCommand.data(), nMainCommandID
241 );
242
243 tpl.assign(L"ACTION_HREF", strHREF);
244
245 TextTemplate& row = tpl[L"ROW"];
246 q.execute(L""
247 "SELECT S.SESSION_ID, U.LOGIN_ID, U.USER_NAME,"
248 " S.LAST_USE, (CURRENT_TIMESTAMP - S.LAST_USE) / 60 AS IDLE_TIME\n"
249 "FROM ES_SESSION S\n"
250 " INNER JOIN ES_USER U ON (S.USER_ID = U.USER_ID)\n"
251 "ORDER BY S.LAST_USE"
252 );
253 q.fetch();
254 while(!q.eof()) {
255 row.assign(q.fields(), L"&nbsp;");
256 tpl.append(L"ROW", row);
257 q.fetch();
258 }
259
260 out << tpl;
261}
262
263__DCL_END_NAMESPACE
__THIS_FILE__
#define __THIS_FILE__
Definition _trace.h:14
NULL
#define NULL
Definition Config.h:312
char_t
wchar_t char_t
Definition Config.h:247
__DCL_THROWS1
#define __DCL_THROWS1(e)
Definition Config.h:152
COMMAND_STR
#define COMMAND_STR
Definition EShopServlet.h:91
CM_ABOUT
@ CM_ABOUT
Definition EShopServlet.h:105
__DCL_TRACE0
#define __DCL_TRACE0(psz)
Definition Object.h:398
__DCL_TRACE1
#define __DCL_TRACE1(fmt, arg1)
Definition Object.h:399
__DCL_ASSERT
#define __DCL_ASSERT(expr)
Definition Object.h:394
__DCL_TRACE2
#define __DCL_TRACE2(fmt, arg1, arg2)
Definition Object.h:400
EShopServlet::readTemplate
String readTemplate(const wchar_t *filename) const __DCL_THROWS1(IOException *)
Definition EShopServlet.cpp:394
EShopSession::sessionID
const String & sessionID() const
Definition EShopSession.h:28
EShopSession::__pSQLConn
SQLConnection * __pSQLConn
Definition EShopSession.h:46
EShopSession::login
bool login(ListedStringToStringArrayMap &params)
Definition EShopSession.cpp:118
EShopSession::__strSessionID
String __strSessionID
Definition EShopSession.h:40
EShopSession::onViewSessions
void onViewSessions(ListedStringToStringArrayMap &params, Writer &out, const String &strMainCommand, int nMainCommandID, const String &strCommandID, const EShopServlet &_servlet)
Definition EShopSession.cpp:207
EShopSession::__strUserName
String __strUserName
Definition EShopSession.h:44
EShopSession::EShopSession
EShopSession(HttpServletContextEx &ctx, SQLConnection *pSQLConn) __DCL_THROWS1(SQLException *)
Definition EShopSession.cpp:22
Exception::destroy
virtual void destroy()
Definition Exception.cpp:74
Files::dirname
static String dirname(const String &_path)
Definition Files.cpp:268
Int32::parse
static int32_t parse(const wchar_t *_number, unsigned _base=10) __DCL_THROWS1(NumericConvertException *)
Definition Numeric.cpp:264
MD5::final
String final()
Definition MD5.cpp:80
SQLFields::byName
_CONST SQLField & byName(const wchar_t *_name) _CONST __DCL_THROWS1(InvalidIndexException *)
Definition SQLQuery.cpp:77
SQLQuery::prepare
void prepare(const String &_sql) __DCL_THROWS1(SQLException *)
Definition SQLQuery.cpp:282
SQLQuery::params
_CONST SQLParams & params() _CONST
Definition SQL.inl:106
SQLQuery::fields
_CONST SQLFields & fields() _CONST
Definition SQL.inl:101
SQLQuery::execute
void execute() __DCL_THROWS1(SQLException *)
Definition SQLQuery.cpp:316
SQLQuery::affectedRows
int64_t affectedRows() const
Definition SQL.inl:96
SQLQuery::eof
bool eof() const
Definition SQL.inl:91
SQLQuery::fetch
void fetch() __DCL_THROWS1(SQLException *)
Definition SQLQuery.cpp:336
TextTemplate
Definition TextTemplate.h:22