DCL 3.7.4
User.cpp
1#include <dcl/Config.h>
2
3#ifdef __WINNT__
4#include <windows.h>
5#endif
6
7#include <dcl/Files.h>
8#include <dcl/DateTime.h>
9#include <dcl/Html.h>
10#include <dcl/URI.h>
11
12#include "ServletMain.h"
13#include "HtmlPage.h"
14#include "LinkUtility.h"
15#include "User.h"
16
// When __DCL_HAVE_THIS_FILE__ is set, replace __THIS_FILE__ with a file-local
// string constant that names this source file.
17#if __DCL_HAVE_THIS_FILE__
18#undef __THIS_FILE__
19static const char_t __THIS_FILE__[] = __T("fastpage/User.cpp");
20#endif
21
22__DCL_BEGIN_NAMESPACE
23
25
// Builds the sign-ID / nickname check form for pPage; the page pointer is
// handed straight to the FormView base.
SignCheckForm::SignCheckForm(HtmlPage* pPage)
    : FormView(pPage)
{
    // Nothing else to set up here.
}
30
// Initialises the view from `fields` and loads the REJECT view parameter into
// __strReject, which onPrint() consults before accepting a requested name.
void SignCheckForm::init(SQLFields& fields)
{
    // NOTE(review): this calls HtmlView::init although the class derives from
    // FormView (UserWriteForm::init calls FormView::init) - confirm intended.
    HtmlView::init(fields);

    __mapParams.lookup(L"REJECT", __strReject);
}
38
// Allow-list check for a sign ID: returns true only when every character is
// a lower-case ASCII letter, an ASCII digit or '_'.
// An empty string passes, and no length limit is applied here; callers are
// expected to handle both. Relies on data() being NUL-terminated.
static bool __isValidSignID(const String& strSignID)
{
    const wchar_t* pch = strSignID.data();
    while (*pch) {
        const wchar_t ch = *pch++;
        const bool bLower = (L'a' <= ch && ch <= L'z');
        const bool bDigit = (L'0' <= ch && ch <= L'9');
        if (!bLower && !bDigit && ch != L'_')
            return false;
    }
    return true;
}
52
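// Checks whether the posted SIGN_ID and/or NICKNAME are still free, records
// the accepted values in DCL_SIGN_LOCK for the current session, and renders
// the ACCEPTED / REJECTED template sections.
//
// A value is rejected when it is found in __strReject, when (SIGN_ID only) it
// fails __isValidSignID(), when another user already has it in DCL_USER, or
// when another session holds it in DCL_SIGN_LOCK.
//
// Every posted value now reaches the database as a bound parameter. NICKNAME
// has no character allow-list, so the previous string-built statements let a
// crafted nickname alter the SQL text. The stray "L" that had slipped inside
// two literals of the UPDATE statement is removed as well; it made the
// generated statement invalid.
void SignCheckForm::onPrint(Session& session)
{
    SQLQuery& q = session.__query;
    ListedStringToStringArrayMap& mapForm = session.__ctx.__formMap;

    String strSignID = getDefault(mapForm, L"SIGN_ID");
    String strNickname = getDefault(mapForm, L"NICKNAME");

    // NOTE(review): the posted values are written to the template as received
    // (here and in the REJECTED section below). Confirm that the template
    // layer HTML-escapes assigned values.
    assign(L"SIGN_ID", strSignID);
    assign(L"NICKNAME", strNickname);

    if (!strSignID.isEmpty() || !strNickname.isEmpty()) {
        bool bAcceptSignID = false;
        bool bAcceptNickname = false;

        // Expire reservations that are more than one hour old.
        q.execute(L""
            "DELETE FROM DCL_SIGN_LOCK"
            "\n WHERE UPDATE_TIME < SUBTIME(CURRENT_TIMESTAMP, \'01:00:00\')"
        );

        // Open an explicit transaction and take a row lock that is held until
        // the COMMIT below.
        // NOTE(review): an exception thrown before the COMMIT leaves
        // AUTOCOMMIT switched off on this connection - confirm the caller
        // resets it.
        q.execute(L"SET AUTOCOMMIT = 0");
        q.execute(L""
            "SELECT MESSAGE_ID"
            "\n FROM DCL_DATA_SOURCE"
            "\n WHERE USER_ID = 0 AND DS_ID = -1"
            "\n FOR UPDATE"
        );

        if (!strSignID.isEmpty()) {
            strSignID = strSignID.toLowerCase();
            // Single-pass loop: each `break` before the end is a rejection.
            for ( ; ; ) {
                // NOTE(review): if __strReject is a plain string, contains()
                // is a substring test on the whole list - verify it matches
                // whole entries as intended.
                if (__strReject.contains(strSignID))
                    break;  // reject

                if (!__isValidSignID(strSignID))
                    break;  // reject

                q.prepare(L""
                    "SELECT USER_ID, SIGN_ID"
                    "\n FROM DCL_USER"
                    "\n WHERE SIGN_ID = :SIGN_ID"
                );
                q.params()[0].setValue(strSignID);
                q.execute();
                q.fetch();
                if (!q.eof() && q.fields()[0].asInteger() != session.__nUserID)
                    break;  // reject: owned by another user

                q.prepare(L""
                    "SELECT SESSION_ID, SIGN_ID"
                    "\n FROM DCL_SIGN_LOCK"
                    "\n WHERE SIGN_ID = :SIGN_ID"
                );
                q.params()[0].setValue(strSignID);
                q.execute();
                q.fetch();
                if (!q.eof() && q.fields()[0].asString() != session.__strSessionID)
                    break;  // reject: reserved by another session

                bAcceptSignID = true;
                break;
            }
        }

        if (!strNickname.isEmpty()) {
            for ( ; ; ) {
                if (__strReject.contains(strNickname))
                    break;  // reject

                q.prepare(L""
                    "SELECT USER_ID, NICKNAME"
                    "\n FROM DCL_USER"
                    "\n WHERE NICKNAME = :NICKNAME"
                );
                q.params()[0].setValue(strNickname);
                q.execute();
                q.fetch();
                if (!q.eof() && q.fields()[0].asInteger() != session.__nUserID)
                    break;  // reject: owned by another user

                q.prepare(L""
                    "SELECT SESSION_ID, NICKNAME"
                    "\n FROM DCL_SIGN_LOCK"
                    "\n WHERE NICKNAME = :NICKNAME"
                );
                q.params()[0].setValue(strNickname);
                q.execute();
                q.fetch();
                if (!q.eof() && q.fields()[0].asString() != session.__strSessionID)
                    break;  // reject: reserved by another session

                bAcceptNickname = true;
                break;
            }
        }

        // Refresh this session's reservation. Only the columns that were
        // posted are touched; a rejected value clears its column.
        StringBuilder strSQL = L"UPDATE DCL_SIGN_LOCK SET UPDATE_TIME = CURRENT_TIMESTAMP";
        if (!strSignID.isEmpty()) {
            if (bAcceptSignID)
                strSQL += L", SIGN_ID = :SIGN_ID";
            else
                strSQL += L", SIGN_ID = NULL";
        }
        if (!strNickname.isEmpty()) {
            if (bAcceptNickname)
                strSQL += L", NICKNAME = :NICKNAME";
            else
                strSQL += L", NICKNAME = NULL";
        }
        strSQL += L"\n WHERE SESSION_ID = :SESSION_ID";

        q.prepare(strSQL.toString());
        {
            SQLParams& params = q.params();
            if (bAcceptSignID)
                params.byName(L"SIGN_ID").setValue(strSignID);
            if (bAcceptNickname)
                params.byName(L"NICKNAME").setValue(strNickname);
            params.byName(L"SESSION_ID").setValue(session.__strSessionID);
        }
        q.execute();

        if (q.affectedRows() == 0) {
            // No reservation row for this session yet: create one. Failure is
            // traced and otherwise ignored, as before.
            try {
                q.prepare(L""
                    "INSERT INTO DCL_SIGN_LOCK"
                    "\n (SESSION_ID, SIGN_ID, NICKNAME, UPDATE_TIME)"
                    "\n VALUES(:SESSION_ID, :SIGN_ID, :NICKNAME, CURRENT_TIMESTAMP)"
                );

                q.params()[0].setValue(session.__strSessionID);
                if (bAcceptSignID)
                    q.params()[1].setValue(strSignID);
                if (bAcceptNickname)
                    q.params()[2].setValue(strNickname);
                q.execute();
            }
            catch (Exception* e) {
                __DCL_TRACE1(L"%ls\n", e->toStringAll().data());
                e->destroy();
            }
        }

        q.execute(L"COMMIT");
        q.execute(L"SET AUTOCOMMIT = 1");

        bool bAcceptAssigned = false;
        bool bRejectAssigned = false;

        TextTemplate& ACCEPTED = (*this)[L"ACCEPTED"];
        TextTemplate& REJECTED = (*this)[L"REJECTED"];
        if (!strSignID.isEmpty()) {
            if (bAcceptSignID) {
                assign(L"ACCEPTED_SIGN_ID", strSignID);
                ACCEPTED.assign(L"SIGN_ID", strSignID);
                bAcceptAssigned = true;
            }
            else {
                REJECTED.assign(L"SIGN_ID", strSignID);
                bRejectAssigned = true;
            }
        }

        if (!strNickname.isEmpty()) {
            if (bAcceptNickname) {
                assign(L"ACCEPTED_NICKNAME", strNickname);
                ACCEPTED.assign(L"NICKNAME", strNickname);
                bAcceptAssigned = true;
            }
            else {
                REJECTED.assign(L"NICKNAME", strNickname);
                bRejectAssigned = true;
            }
        }

        if (bAcceptAssigned) {
            ACCEPTED.assign(L"VNO", VNO());
            assign(L"ACCEPTED", ACCEPTED);
        }
        if (bRejectAssigned) {
            REJECTED.assign(L"VNO", VNO());
            assign(L"REJECTED", REJECTED);
        }
    }

    FormView::onPrint(session);
}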
225
// A POST to this form simply re-renders the owning page; the posted values
// are picked up by onPrint() during that render.
void SignCheckForm::onPost(Session& session)
{
    __pPage->print(session);
}
231
233
// Creates the user list view with its built-in defaults; init() may override
// them from the view parameters.
UserListView::UserListView(HtmlPage* pPage)
    : HtmlView(pPage)
{
    // Paging defaults.
    __nParts = DEFAULT_PARTS;
    __nRows = DEFAULT_ROWS;

    // Display defaults: comment length, unrestricted origin, descending "NO".
    __nShortComment = DEFAULT_SHORT_STRING;
    __origin = ORIGIN_ALL;
    __bNoAsc = false;
}
243
// Reads the view parameters: DETAIL and WRITE page names, PARTS (accepted
// only in 5..20), ROWS (non-positive falls back to 20), SHORT_COMMENT
// (positive only), ORIGIN (USER / GROUP / SYSTEM, case-insensitive) and
// NO (ASC switches to ascending numbering).
void UserListView::init(SQLFields& fields)
{
    HtmlView::init(fields);

    __mapParams.lookup(L"DETAIL", __strDetailPage);
    __mapParams.lookup(L"WRITE", __strWritePage);

    String strParam;

    if (__mapParams.lookup(L"PARTS", strParam) && !strParam.isEmpty()) {
        const int nParts = Integer::parse(strParam, 10, 0);
        if (nParts >= 5 && nParts <= 20)
            __nParts = nParts;
    }

    if (__mapParams.lookup(L"ROWS", strParam) && !strParam.isEmpty()) {
        __nRows = Integer::parse(strParam, 10, __nRows);
        // onPrint() divides by this value, so it must stay positive.
        if (__nRows <= 0)
            __nRows = 20;
    }

    if (__mapParams.lookup(L"SHORT_COMMENT", strParam) && !strParam.isEmpty()) {
        const int nShort = Integer::parse(strParam, 10, __nShortComment);
        if (nShort > 0)
            __nShortComment = nShort;
    }

    if (__mapParams.lookup(L"ORIGIN", strParam) && !strParam.isEmpty()) {
        if (strParam.compareNoCase(L"USER") == 0)
            __origin = ORIGIN_USER;
        else if (strParam.compareNoCase(L"GROUP") == 0)
            __origin = ORIGIN_GROUP;
        else if (strParam.compareNoCase(L"SYSTEM") == 0)
            __origin = ORIGIN_SYSTEM;
    }

    if (__mapParams.lookup(L"NO", strParam) && !strParam.isEmpty()) {
        if (strParam.compareNoCase(L"ASC") == 0)
            __bNoAsc = true;
    }
}
284
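// Runs strSQL on q. With a non-empty strPattern the statement is prepared and
// the pattern is bound to its two LIKE placeholders (parameter positions 0
// and 1); otherwise the statement is executed directly.
static void __executeUserListQuery(SQLQuery& q, const String& strSQL, const String& strPattern)
{
    if (strPattern.isEmpty()) {
        q.execute(strSQL);
        return;
    }

    q.prepare(strSQL);
    q.params()[0].setValue(strPattern);
    q.params()[1].setValue(strPattern);
    q.execute();
}

// Renders one page ("part") of the user list.
//
// Query-string inputs: part, origin, category, name, owner, sort.
// The WHERE clause is derived from the view's configured origin plus the
// optional category / name / owner filters, and ORDER BY is chosen from a
// fixed set of expressions selected by `sort`.
//
// Request values no longer become SQL text: in the ORIGIN_ALL case
// `category` is parsed as an integer before it is used (it was concatenated
// verbatim), and the `name` / `owner` search text is bound as a LIKE
// parameter (it was spliced between quotes).
void UserListView::onPrint(Session& session)
{
    SQLQuery& q = session.__query;
    ListedStringToStringArrayMap& mapQuery = session.__ctx.__queryMap;

    int nCurrentPart = Integer::parse(getDefault(mapQuery, L"part"), 10, 1);
    int nRows = __nRows;

    String strDetailPage = __strDetailPage;
    String strWritePage = __strWritePage;
    StringBuilder strThisPage = __pPage->__strPageID;
    String strThisPageEnc;

    String strOrigin = getDefault(mapQuery, L"origin");
    String strCategoryID = getDefault(mapQuery, L"category");
    String strName = getDefault(mapQuery, L"name");
    String strOwner = getDefault(mapQuery, L"owner");
    String strSort = getDefault(mapQuery, L"sort");

    StringBuilder strWhere;
    String strOrderBy;
    String strLikePattern;  // empty unless a name/owner search is active

    switch(__origin) {
        default :
        case ORIGIN_ALL: {
            if (!strCategoryID.isEmpty()) {
                // Only the parsed integer reaches the SQL text; anything
                // unparsable becomes 0, as in the other origin cases.
                strWhere = L"U.CATEGORY_ID = "
                    + String::valueOf(Integer::parse(strCategoryID, 10, 0));
            }
            else if (!strOrigin.isEmpty()) {
                int nOrigin = Integer::parse(strOrigin, 10, 0);
                if (nOrigin > 0)
                    strWhere = L"U.CATEGORY_ID > 0";
                else if (nOrigin < 0)
                    strWhere = L"U.CATEGORY_ID < 0";
                else
                    strWhere = L"U.CATEGORY_ID = 0";
            }
            break;
        }
        case ORIGIN_GROUP: {
            // Group categories are negative; force the sign.
            int nCategoryID = Integer::parse(strCategoryID, 10, 0);
            if (nCategoryID > 0)
                nCategoryID = -nCategoryID;
            if (nCategoryID < 0)
                strWhere = L"U.CATEGORY_ID = " + String::valueOf(nCategoryID);
            else
                strWhere = L"U.CATEGORY_ID < 0";
            break;
        }
        case ORIGIN_USER : {
            // Personal categories are positive; force the sign.
            int nCategoryID = Integer::parse(strCategoryID, 10, 0);
            if (nCategoryID < 0)
                nCategoryID = -nCategoryID;

            if (nCategoryID > 0)
                strWhere = L"U.CATEGORY_ID = " + String::valueOf(nCategoryID);
            else
                strWhere = L"U.CATEGORY_ID > 0";
            break;
        }
        case ORIGIN_SYSTEM: {
            strWhere = L"U.CATEGORY_ID = 0";
            break;
        }
    }

    if (!strName.isEmpty() || !strOwner.isEmpty()) {
        if (!strWhere.isEmpty())
            strWhere += L" AND ";

        // The search text is bound, never concatenated. '%' and '_' typed by
        // the user still act as LIKE wildcards.
        if (!strName.isEmpty()) {
            strWhere += L"(U.SIGN_ID LIKE :PATTERN1"
                " OR U.USER_NAME LIKE :PATTERN2)";
            strLikePattern = L"%" + strName + L"%";
        }
        else {
            strWhere += L"(O.SIGN_ID LIKE :PATTERN1"
                " OR O.USER_NAME LIKE :PATTERN2)";
            strLikePattern = L"%" + strOwner + L"%";
        }
    }

    // NOTE(review): the raw `category` / `origin` strings are appended to the
    // page link and, further down, assigned to the template unchanged.
    // Confirm that PartLink and the template layer encode them on output.
    if (!strCategoryID.isEmpty())
        strThisPage += L"&category=" + strCategoryID;
    else if (!strOrigin.isEmpty())
        strThisPage += L"&origin=" + strOrigin;

    // `sort` only selects one of the fixed ORDER BY expressions below; the
    // request value itself never reaches the SQL text.
    if (!strSort.isEmpty()) {
        if (strSort == L"member") {
            // NOTE(review): every other query in this file uses U.NMEMBER;
            // verify that the column U.NUSER exists.
            strOrderBy = L"U.NUSER DESC, U.USER_NAME ASC";
            strThisPage += L"&sort=member";
        }
        else if (strSort == L"message") {
            strOrderBy = L"U.NMESSAGE DESC, U.USER_NAME ASC";
            strThisPage += L"&sort=message";
        }
        else if (session.isSysAdmin()) {
            // The remaining sort keys are available to administrators only.
            if (strSort == L"id") {
                // Only administrators may sort by USER_ID.
                strOrderBy = L"U.USER_ID ASC";
                strThisPage += L"&sort=id";
            }
            else if (strSort == L"sign") {
                strOrderBy = L"U.SIGN_ID ASC, U.USER_NAME ASC";
                strThisPage += L"&sort=sign";
            }
            else if (strSort == L"name") {
                strOrderBy = L"U.USER_NAME ASC, U.SIGN_ID ASC";
                strThisPage += L"&sort=name";
            }
            else if (strSort == L"owner") {
                strOrderBy = L"U.OWNER_ID ASC, U.USER_ID ASC";
                strThisPage += L"&sort=owner";
            }
            else if (strSort == L"register") {
                strOrderBy = L"U.REGISTER_DATE DESC, U.SIGN_ID ASC";
                strThisPage += L"&sort=register";
            }
        }
    }

    if (strOrderBy.isEmpty())
        strOrderBy = L"U.NMEMBER DESC, U.NMESSAGE DESC, U.USER_NAME ASC";

    assign(L"DETAIL", strDetailPage);
    assign(L"WRITE", strWritePage);
    assign(L"SORT", strSort);
    assign(L"CATEGORY", strCategoryID);
    assign(L"ORIGIN", strOrigin);
    assign(L"NAME", strName);
    assign(L"OWNER", strOwner);

    int nUsingRecord = nRows;
    int nTotalRecord = nUsingRecord;
    int nTotalPart = 1;

    // The total number of matching records is always needed in order to
    // display nNo.
    StringBuilder strSQL = L""
        "SELECT COUNT(*) "
        "\n FROM DCL_USER AS U";
    if (!strOwner.isEmpty())
        strSQL += L"\n INNER JOIN DCL_USER AS O ON (U.OWNER_ID = O.USER_ID)";
    if (!strWhere.isEmpty())
        strSQL += L"\n WHERE " + strWhere.toString();

    __executeUserListQuery(q, strSQL.toString(), strLikePattern);
    q.fetch();
    nTotalRecord = q.fields()[0].asInteger();
    if (nTotalRecord == 0) {
        assign(L"EMPTY", (*this)[L"EMPTY"]);
        HtmlView::onPrint(session);
        return;
    }

    __DCL_VERIFY(nTotalRecord > 0);

    // Number of parts, rounded up.
    nTotalPart = nTotalRecord / nUsingRecord;
    if (nTotalRecord % nUsingRecord)
        nTotalPart++;

    // An out-of-range part number falls back to the last part.
    if (nCurrentPart <= 0 || nCurrentPart > nTotalPart)
        nCurrentPart = nTotalPart;

    StringBuilder strThisPageEx = strThisPage;
    if (nCurrentPart > 1)
        strThisPageEx += L"&part=" + String::valueOf(nCurrentPart);
    strThisPageEnc = URLEncoder::encode(strThisPageEx);

    assign(L"_THIS", strThisPageEnc);
    if (!session.isSysGuest()) {
        TextTemplate& ADD = (*this)[L"ADD"];
        ADD.assign(L"WRITE", strWritePage);
        ADD.assign(L"CATEGORY_ID", strCategoryID);
        ADD.assign(L"_THIS", strThisPageEnc);
        assign(L"ADD", ADD);
    }
    else
        assign(L"ADD", (*this)[L"NADD"]);

    int nOffset = (nCurrentPart - 1) * nUsingRecord;

    int nNo = nTotalRecord - ((nCurrentPart - 1) * nUsingRecord);

    TextTemplate& ROW = (*this)[L"ROW"];

    strSQL = L""
        "SELECT U.USER_ID, U.SIGN_ID, U.USER_NAME, U.NICKNAME"
        "\n, U.CATEGORY_ID, U.ROLE_ID, U.OWNER_ID"
        "\n, U.OPEN_LEVEL, U.REGISTER_DATE, U.COMMENT"
        "\n, U.TODAY_NMEMBER, U.TODAY_NMESSAGE, U.TODAY_NVISIT"
        "\n, U.NMEMBER, U.NMESSAGE, U.NVISIT"
        "\n, R.ROLE_NAME"
        "\n, O.USER_NAME AS OWNER_NAME, O.NICKNAME AS OWNER_NICKNAME"
        "\n FROM DCL_USER AS U"
        "\n INNER JOIN DCL_ROLE AS R ON (U.ROLE_ID = R.ROLE_ID)"
        "\n INNER JOIN DCL_USER AS O ON (U.OWNER_ID = O.USER_ID)";
    if (!strWhere.isEmpty())
        strSQL += L"\n WHERE " + strWhere.toString();
    strSQL += L""
        "\n ORDER BY " + strOrderBy + L""
        "\n LIMIT " + String::valueOf(nUsingRecord) + L""
        "\n OFFSET " + String::valueOf(nOffset);

    // The traced text contains placeholders only, not the search input.
    __DCL_TRACE1(L"\n%ls\n", strSQL.data());

    __executeUserListQuery(q, strSQL.toString(), strLikePattern);
    q.fetch();
    if (q.eof())
        assign(L"EMPTY", (*this)[L"EMPTY"]);
    else {
        if (__bNoAsc)
            nNo = 1;
        do {
            ROW.assign(q.fields(), L"&nbsp;");

            if (session.isSysAdmin()) {
                // Administrators also see the record's origin label.
                int nCategoryID = q.fields().byName(L"CATEGORY_ID").asInteger();
                String strOriginLabel;
                if (nCategoryID > 0)
                    strOriginLabel = L"개인";
                else if (nCategoryID < 0)
                    strOriginLabel = L"그룹";
                else
                    strOriginLabel = L"시스템";
                ROW.assign(L"ORIGIN", strOriginLabel);
            }

            if (__nShortComment > 0) {
                String strLong;
                String strShort;
                if (getShortString(q.fields().byName(L"COMMENT"),
                        __nShortComment, strLong, strShort) == 0
                ) {
                    strShort = L"&nbsp;";
                }

                ROW.assign(L"SHORT_COMMENT", strShort);
                ROW.assign(L"COMMENT", strLong);
            }

            ROW.assign(L"NO", String::valueOf(nNo));
            if (__bNoAsc)
                nNo++;
            else
                nNo--;

            ROW.assign(L"DETAIL", strDetailPage);
            ROW.assign(L"WRITE", strWritePage);
            ROW.assign(L"_THIS", strThisPageEnc);
#ifdef __DCL_DEBUG
            ROW.assign(L"_DHE", L"dhed");
#else
            ROW.assign(L"_DHE", L"dhe");
#endif
            append(L"ROW", ROW);

            q.fetch();
        } while(!q.eof());

        TextTemplate* pPART_LINK = atP(L"PART_LINK");
        if (pPART_LINK && nTotalPart > 1) {
            PartLink pl(pPART_LINK, strThisPage, String());
            pl.assign(this, nTotalPart, nCurrentPart, __nParts);
        }
    }

    HtmlView::onPrint(session);
}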
557
559
// Creates the user create/edit form. The origin filter starts unrestricted
// and may be narrowed by init().
UserWriteForm::UserWriteForm(HtmlPage* pPage)
    : FormView(pPage)
{
    __origin = ORIGIN_ALL;
}
565
// Reads the form's view parameters: the LIST and DETAIL page names and the
// optional ORIGIN restriction (USER / GROUP / SYSTEM, case-insensitive).
void UserWriteForm::init(SQLFields& fields)
{
    FormView::init(fields);

    __mapParams.lookup(L"LIST", __strListPage);
    __mapParams.lookup(L"DETAIL", __strDetailPage);

    String strOriginParam;
    const bool bHasOrigin =
        __mapParams.lookup(L"ORIGIN", strOriginParam) && !strOriginParam.isEmpty();
    if (bHasOrigin) {
        if (strOriginParam.compareNoCase(L"USER") == 0)
            __origin = ORIGIN_USER;
        else if (strOriginParam.compareNoCase(L"GROUP") == 0)
            __origin = ORIGIN_GROUP;
        else if (strOriginParam.compareNoCase(L"SYSTEM") == 0)
            __origin = ORIGIN_SYSTEM;
        // Any other value leaves __origin as it was.
    }
}
584
// Renders the user form, either empty for a new record or pre-filled for an
// existing one.
//
// Mode selection from the query string:
//   category=<id>  -> CM_INSERT: new user in that category
//   user=<id>      -> CM_UPDATE: edit that user
//   neither        -> CM_UPDATE: edit the current session's user
// Every early `return` leaves the view unprinted.
//
// NOTE(review): in CM_UPDATE the only gate visible here is "not a guest".
// Any signed-in session can therefore load another account's record,
// JUMIN_NUMBER and contact fields included, by supplying user=<id>. Confirm
// that an ownership or administrator check is enforced elsewhere, or add one
// here.
void UserWriteForm::onPrint(Session& session)
{
    ListedStringToStringArrayMap& mapQuery = session.__ctx.__queryMap;
    SQLQuery& q = session.__query;

    // A `list` value from the request overrides the configured list page.
    String strListPage = getDefault(mapQuery, L"list");
    if (strListPage.isEmpty())
        strListPage = __strListPage;
    else
        assign(L"_LIST", URLEncoder::encode(strListPage));

    assign(L"LIST", strListPage);

    // Fill the optional ROLE section with every role, ordered by ID.
    TextTemplate* pROLE = atP(L"ROLE");
    if (pROLE) {
        q.execute(L""
            "SELECT ROLE_ID, ROLE_NAME FROM DCL_ROLE"
            "\n ORDER BY ROLE_ID"
        );
        for (q.fetch(); !q.eof(); q.fetch()) {
            pROLE->assign(q.fields(), L"");
            append(L"ROLE", *pROLE);
        }
    }

// Form modes; onPost() further down in this file uses the same macros.
#define CM_INVALID 0
#define CM_INSERT 1
#define CM_UPDATE 2
    int nCM = CM_INVALID;

    int nCategoryID = SYSTEM_CATEGORY_ID;
    int nUserID = Session::NOUSER_USER_ID;
    {
        String strCategoryID = getDefault(mapQuery, L"category");

        // "category" present -> a new user.
        // "category" and "user" both empty -> the current session's user.
        if (strCategoryID.isEmpty()) {
            nCM = CM_UPDATE;
            String strUserID = getDefault(mapQuery, L"user");
            if (strUserID.isEmpty())
                nUserID = session.__nUserID;
            else {
                // NOTE(review): the raw query value is placed in ACTION;
                // confirm the template encodes it.
                assign(L"ACTION", L"&user=" + strUserID);
                nUserID = Integer::parse(strUserID, 10, nUserID);
            }

            if (session.isSysGuest()) {
                __DCL_TRACE0(L"Invalid User\n");
                return;
            }
        }
        else {
            nCM = CM_INSERT;
            // NOTE(review): raw query value placed in ACTION, as above.
            assign(L"ACTION", L"&category=" + strCategoryID);
            nCategoryID = Integer::parse(strCategoryID, 10, nCategoryID);

            if (nCategoryID == SYSTEM_CATEGORY_ID) {
                // Only administrators may create system users.
                if (!session.isSysAdmin()) {
                    __DCL_TRACE0(L"Invalid User\n");
                    return;
                }
            }
            else if (__origin == ORIGIN_USER) {
                // Personal categories are positive.
                if (nCategoryID < 0)
                    nCategoryID = -nCategoryID;
            }
            else if (__origin == ORIGIN_GROUP) {
                // Group categories are negative.
                if (nCategoryID > 0)
                    nCategoryID = -nCategoryID;
            }

            // Validate CATEGORY_ID.
            // NOTE(review): this looks the ID up in DCL_GROUP_CATEGORY while
            // the edit query below joins DCL_USER_CATEGORY - confirm which
            // table is intended.
            q.execute(L""
                "SELECT CATEGORY_ID, CATEGORY_NAME"
                "\n FROM DCL_GROUP_CATEGORY"
                "\n WHERE CATEGORY_ID = " + String::valueOf(nCategoryID)
            );
            q.fetch();
            if (q.eof()) {
                // invalid CATEGORY_ID
                __DCL_TRACE1(L"Invalid CATEGORY_ID: %d\n", nCategoryID);
                return;
            }
        }
    }

    if (nCM == CM_INVALID)
        return;

    {
        // Origin label derived from the sign of the category ID.
        String strOrigin;
        if (nCategoryID > 0)
            strOrigin = L"개인";
        else if (nCategoryID < 0)
            strOrigin = L"그룹";
        else
            strOrigin = L"시스템";
        assign(L"ORIGIN", strOrigin);
    }

    if (nCM == CM_INSERT) {
        // q still holds the category row fetched above.
        assign(q.fields(), L"");
        assign(L"ROLE_ID", String::valueOf(Session::DEFAULT_ROLE_ID));
    }
    else {
        // CM_UPDATE: load the record to edit. nUserID is an integer, so the
        // concatenation below cannot carry request text into the statement.
        q.execute(L""
            "SELECT U.USER_ID, U.SIGN_ID, U.USER_NAME, U.NICKNAME"
            "\n,U.ROLE_ID, U.OWNER_ID, U.CATEGORY_ID"
            "\n,U.OPEN_LEVEL, U.REMARK"
            "\n,U.JUMIN_NUMBER"
            "\n,U.BIRTHDAY, U.SEX, U.MARRIAGE"
            "\n,U.JOB, U.OFFICE"
            "\n,U.COMMENT"
            "\n,U.EMAIL, U.HOMEPAGE, U.MESSENGER1, U.MESSENGER2, U.TEL1, U.TEL2"
            "\n,U.ZIPCODE, U.ADDR, U.ADDR_BUNJI, U.PIC_NAME"
            "\n,O.USER_NAME AS OWNER_NAME"
            "\n,C.CATEGORY_NAME"
            "\n FROM DCL_USER AS U"
            "\n INNER JOIN DCL_USER AS O ON (U.OWNER_ID = O.USER_ID)"
            "\n INNER JOIN DCL_USER_CATEGORY AS C ON (U.CATEGORY_ID = C.CATEGORY_ID)"
            "\n WHERE U.USER_ID = " + String::valueOf(nUserID)
        );
        q.fetch();
        if (q.eof()) {
            __DCL_TRACE1(L"Invalid User : %d\n", nUserID);
            return;
        }

        assign(q.fields(), L"");
    }

    FormView::onPrint(session);
}
731
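// Removes this session's DCL_SIGN_LOCK reservation. The session ID is bound
// as a parameter instead of being spliced into the statement text.
static void __deleteSignLock(SQLQuery& q, const String& strSessionID)
{
    q.prepare(L""
        "DELETE FROM DCL_SIGN_LOCK"
        "\n WHERE SESSION_ID = :SESSION_ID"
    );
    q.params()[0].setValue(strSessionID);
    q.execute();
}

// Handles the posted user form: inserts a new DCL_USER row (CM_INSERT, when
// the query string carries `category`) or updates an existing one
// (CM_UPDATE), then re-renders the page.
//
// Changes against the previous version:
//  - the DCL_SIGN_LOCK statements bind the session ID instead of
//    concatenating it;
//  - HOMEPAGE is now part of both statements (it was bound but missing from
//    the SQL);
//  - AUTOCOMMIT is switched back on after the COMMIT, as
//    SignCheckForm::onPrint does (it was set to 0 again).
//
// NOTE(review) - open authorization points, not changed here because the
// intended policy is not visible in this file:
//  - CM_UPDATE only requires a non-guest session and that the query `user`
//    equals the posted USER_ID; both values come from the client, so nothing
//    ties the target record to the session user or its owner.
//  - ROLE_ID, OWNER_ID (update) and CATEGORY_ID (update) are taken from the
//    form and written as posted.
//  - PASSWORD is bound exactly as posted; confirm it is hashed before or at
//    storage.
void UserWriteForm::onPost(Session& session)
{
    session.__ctx.setContentType(L"text/html");

    SQLQuery& q = session.__query;
    ListedStringToStringArrayMap& mapQuery = session.__ctx.__queryMap;
    ListedStringToStringArrayMap& mapForm = session.__ctx.__formMap;

    int nCM = CM_INVALID;

    int nCategoryID = SYSTEM_CATEGORY_ID;
    int nUserID = Session::NOUSER_USER_ID;
    {
        String strCategoryID = getDefault(mapQuery, L"category");

        // "category" present -> a new user.
        // "category" and "user" both empty -> the current session's user.
        if (!strCategoryID.isEmpty()) {
            nCM = CM_INSERT;

            nCategoryID = Integer::parse(strCategoryID, 10, nCategoryID);
            if (nCategoryID == SYSTEM_CATEGORY_ID) {
                // Only administrators may create system users.
                if (!session.isSysAdmin()) {
                    __DCL_TRACE0(L"Invalid User\n");
                    return;
                }
            }
            else {
                switch(__origin) {
                    case ORIGIN_USER: {
                        // Personal categories are positive.
                        if (nCategoryID < 0)
                            nCategoryID = -nCategoryID;
                        break;
                    }
                    case ORIGIN_GROUP: {
                        // Group categories are negative.
                        if (nCategoryID > 0)
                            nCategoryID = -nCategoryID;
                        break;
                    }
                }
            }

            // Validate CATEGORY_ID.
            q.execute(L""
                "SELECT CATEGORY_ID, CATEGORY_NAME"
                "\n FROM DCL_GROUP_CATEGORY"
                "\n WHERE CATEGORY_ID = " + String::valueOf(nCategoryID)
            );
            q.fetch();
            if (q.eof()) {
                // invalid CATEGORY_ID
                __DCL_TRACE1(L"Invalid CATEGORY_ID: %d\n", nCategoryID);
                return;
            }
        }
        else {
            nCM = CM_UPDATE;
            if (session.isSysGuest()) {
                __DCL_TRACE0(L"Invalid User\n");
                return;
            }

            String strUserID = getDefault(mapQuery, L"user");
            if (!strUserID.isEmpty())
                nUserID = Integer::parse(strUserID, 10, nUserID);
            else
                nUserID = session.__nUserID;

            // The posted USER_ID must agree with the target chosen above.
            // This is a consistency check between two client-supplied
            // values, not an authorization check.
            strUserID = getDefault(mapForm, L"USER_ID");
            if (strUserID.isEmpty()
                || nUserID != Integer::parse(strUserID, 10, Session::NOUSER_USER_ID)
            ) {
                __DCL_TRACE2(L"%d != %ls\n", nUserID, strUserID.data());
                return;
            }

            nCategoryID = Integer::parse(getDefault(mapForm, L"CATEGORY_ID"), 10, 0);
        }
    }

    if (nCM == CM_INVALID) {
        TRACE0(L"CM_INVALID\n");
        return;
    }
#ifdef __DCL_DEBUG
    else if (nCM == CM_INSERT)
        TRACE0(L"CM_INSERT\n");
    else
        TRACE0(L"CM_UPDATE\n");
#endif

    bool bModifiedSignID = false;

    String strSignID = getDefault(mapForm, L"SIGN_ID");
    {
        String strOrgSignID = getDefault(mapForm, L"_SIGN_ID");
        if (strSignID != strOrgSignID) {
            // SIGN_ID was changed. The new value must equal the SIGN_ID that
            // this session reserved in DCL_SIGN_LOCK.
            // NOTE(review): _SIGN_ID is itself a form field, so posting the
            // same value in both fields skips this check; bModifiedSignID is
            // also never read afterwards. Compare against the stored SIGN_ID
            // instead if the check is meant to be binding.
            q.prepare(L""
                "SELECT SIGN_ID"
                "\n FROM DCL_SIGN_LOCK"
                "\n WHERE SESSION_ID = :SESSION_ID"
            );
            q.params()[0].setValue(session.__strSessionID);
            q.execute();
            q.fetch();
            if (q.eof()
                || q.fields()[0].isNull()
                || q.fields()[0].asString() != strSignID
            ) {
                __DCL_TRACE1(L"검사되지 않은 SIGN_ID !! - \"%ls\"\n", strSignID.data());
                return;
            }
            bModifiedSignID = true;
        }
    }

    String strPassword = getDefault(mapForm, L"PASSWORD");
    String strUserName = getDefault(mapForm, L"USER_NAME");
    // NOTE(review): NICKNAME is read but never bound below, so :NICKNAME is
    // left unbound on every insert and update - confirm whether it should be
    // stored (and checked against DCL_SIGN_LOCK first).
    String strNickname = getDefault(mapForm, L"NICKNAME");

    String strComment = Html::strip(getDefault(mapForm, L"COMMENT"), NULL);
    String strRemark = getDefault(mapForm, L"REMARK");

    String strJuminNumber = getDefault(mapForm, L"JUMIN_NUMBER");
    String strBirthday = getDefault(mapForm, L"BIRTHDAY");
    String strSex = getDefault(mapForm, L"SEX");
    String strMarriage = getDefault(mapForm, L"MARRIAGE");
    String strJob = getDefault(mapForm, L"JOB");
    String strOffice = getDefault(mapForm, L"OFFICE");

    String strEMail = getDefault(mapForm, L"EMAIL");
    String strHomePage = getDefault(mapForm, L"HOMEPAGE");
    String strMessenger1 = getDefault(mapForm, L"MESSENGER1");
    String strMessenger2 = getDefault(mapForm, L"MESSENGER2");
    String strTel1 = getDefault(mapForm, L"TEL1");
    String strTel2 = getDefault(mapForm, L"TEL2");

    String strZipcode = getDefault(mapForm, L"ZIPCODE");
    String strAddr = getDefault(mapForm, L"ADDR");
    String strAddrBunji = getDefault(mapForm, L"ADDR_BUNJI");

    int nOwnerID = Integer::parse(getDefault(mapForm, L"OWNER_ID"), 10, Session::SYSTEM_USER_ID);
    // NOTE(review): the source listing drops the continuation line of this
    // call; the radix and default below are assumed - restore them from the
    // original file.
    int nRoleID = Integer::parse(getDefault(mapForm, L"ROLE_ID")
        , 10, Session::DEFAULT_ROLE_ID);
    int nOpenLevel = Integer::parse(getDefault(mapForm, L"OPEN_LEVEL")
        , 10, 0);
    {
        // Recompute OPEN_LEVEL from its parts and prefer the recomputed
        // value when the posted total disagrees.
        // NOTE(review): the parts are not range-checked before shifting.
        int nMembership = Integer::parse(getDefault(mapForm, L"OPEN_LEVEL_MEMBERSHIP"), 10, 0);
        int nMember = Integer::parse(getDefault(mapForm, L"OPEN_LEVEL_MEMBER"), 10, 0);
        int nLife = Integer::parse(getDefault(mapForm, L"OPEN_LEVEL_LIFE"), 10, 0);
        int nContect = Integer::parse(getDefault(mapForm, L"OPEN_LEVEL_CONTECT"), 10, 0);
        int nAddress = Integer::parse(getDefault(mapForm, L"OPEN_LEVEL_ADDRESS"), 10, 0);

        int n = nMembership | (nMember << 4)
            | (nLife << 16) | (nContect << 20) | (nAddress << 24);

        if (nOpenLevel != n) {
            __DCL_TRACE2(L"Warning! Not Equal %x != %x\n", nOpenLevel, n);
            nOpenLevel = n;
        }
    }

    // Uploaded picture.
    // NOTE(review): bValidPicture is never set to true, so the PIC_* values
    // are never bound and the bytes read here are discarded. Before enabling
    // it, confirm that `filename` is the server-side stored path rather than
    // the client-supplied name, and do not rely on the client-declared
    // content type alone to decide that the upload is an image.
    bool bValidPicture = false;
    String strPicType;
    String strPicName;
    ByteString picData;
    if (session.__ctx.__formFileMap.size() > 0) {
        StoredHttpFormData::FileInfoArray& vPicture =
            session.__ctx.__formFileMap[0];
        if (vPicture.size() > 0 &&
            vPicture[0].contentType.compareNoCase(L"image/", 6) == 0
        ) {
            strPicType = vPicture[0].contentType;
            strPicName = vPicture[0].filename;

            try {
                picData = Files::readBytes(vPicture[0].filename);
            }
            catch(IOException* e) {
                __DCL_TRACE1(L"picData read error %ls", e->toStringAll().data());
                e->destroy();
            }
        }
    }

    String strSQL;
    if (nCM == CM_INSERT) {
        strSQL = L""
            "INSERT INTO DCL_USER"
            "\n( USER_ID, SIGN_ID, PASSWORD, USER_NAME, NICKNAME"
            "\n, ROLE_ID, OWNER_ID, CATEGORY_ID, OPEN_LEVEL"
            "\n, REGISTER_DATE, REMARK, UPDATE_TIME"
            "\n, LAST_SIGNIN, LAST_USE, TODAY"
            "\n, JUMIN_NUMBER, BIRTHDAY, SEX, MARRIAGE, JOB, OFFICE, COMMENT"
            "\n, EMAIL, HOMEPAGE, MESSENGER1, MESSENGER2, TEL1, TEL2"
            "\n, ZIPCODE, ADDR, ADDR_BUNJI"
            "\n, PIC_NAME, PIC_TYPE, PIC_DATA)"
            "\nVALUES"
            "\n( :USER_ID, :SIGN_ID, :PASSWORD, :USER_NAME, :NICKNAME"
            "\n, :ROLE_ID, :OWNER_ID, :CATEGORY_ID, :OPEN_LEVEL"
            "\n, CURRENT_DATE, :REMARK, CURRENT_TIMESTAMP"
            "\n, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, CURRENT_DATE"
            "\n, :JUMIN_NUMBER, :BIRTHDAY, :SEX, :MARRIAGE, :JOB, :OFFICE, :COMMENT"
            "\n, :EMAIL, :HOMEPAGE, :MESSENGER1, :MESSENGER2, :TEL1, :TEL2"
            "\n, :ZIPCODE, :ADDR, :ADDR_BUNJI"
            "\n, :PIC_NAME, :PIC_TYPE, :PIC_DATA)";

        if (nCategoryID == SYSTEM_CATEGORY_ID) {
            // System users are owned by the system user and take the next
            // free ID below the guest ID.
            nOwnerID = Session::SYSTEM_USER_ID;
            if (nUserID == Session::NOUSER_USER_ID) {
                q.execute(L""
                    "SELECT MAX(USER_ID) + 1"
                    "\n FROM DCL_USER"
                    "\n WHERE USER_ID < " + String::valueOf(Session::GUEST_USER_ID)
                );
                q.fetch();
                __DCL_ASSERT(!q.eof() && !q.fields()[0].isNull());
                nUserID = q.fields()[0].asInteger();
            }
        }
        else {
            // Take the next ID from the counter row, locked until COMMIT.
            q.execute(L"SET AUTOCOMMIT = 0");
            q.execute(L""
                "SELECT MESSAGE_ID"
                "\n FROM DCL_DATA_SOURCE"
                "\n WHERE USER_ID = 0 AND DS_ID = -1"
                "\n FOR UPDATE"
            );
            q.fetch();
            nUserID = q.fields()[0].asInteger();
            // The owner is decided here, not taken from the form: a group
            // belongs to its creator, a person to itself.
            if (nCategoryID < SYSTEM_CATEGORY_ID)   // GROUP
                nOwnerID = session.__nUserID;
            else
                nOwnerID = nUserID;
        }
    }
    else {
        // CM_UPDATE
        strSQL = L""
            "UPDATE DCL_USER SET"
            "\n SIGN_ID = :SIGN_ID, PASSWORD = :PASSWORD"
            "\n, USER_NAME = :USER_NAME, NICKNAME = :NICKNAME"
            "\n, ROLE_ID = :ROLE_ID, OWNER_ID = :OWNER_ID"
            "\n, CATEGORY_ID = :CATEGORY_ID, OPEN_LEVEL = :OPEN_LEVEL"
            "\n, REMARK = :REMARK"
            "\n, UPDATE_TIME = CURRENT_TIMESTAMP"
            "\n, JUMIN_NUMBER = :JUMIN_NUMBER, BIRTHDAY = :BIRTHDAY"
            "\n, SEX = :SEX, MARRIAGE = :MARRIAGE"
            "\n, JOB = :JOB, OFFICE = :OFFICE"
            "\n, COMMENT = :COMMENT"
            "\n, EMAIL = :EMAIL, HOMEPAGE = :HOMEPAGE"
            "\n, MESSENGER1 = :MESSENGER1, MESSENGER2 = :MESSENGER2"
            "\n, TEL1 = :TEL1, TEL2 = :TEL2"
            "\n, ZIPCODE = :ZIPCODE, ADDR = :ADDR, ADDR_BUNJI = :ADDR_BUNJI"
            "\n, PIC_NAME = :PIC_NAME, PIC_TYPE = :PIC_TYPE, PIC_DATA = :PIC_DATA"
            "\n WHERE USER_ID = :USER_ID";
    }

    // Placeholders only: no posted value appears in the traced text.
    __DCL_TRACE1(L"%ls\n", strSQL.data());
    try {
        q.prepare(strSQL);
        SQLParams& params = q.params();
        params.byName(L"USER_ID").setValue(nUserID);
        params.byName(L"SIGN_ID").setValue(strSignID);
        params.byName(L"PASSWORD").setValue(strPassword);
        params.byName(L"USER_NAME").setValue(strUserName);
        params.byName(L"ROLE_ID").setValue(nRoleID);
        params.byName(L"OWNER_ID").setValue(nOwnerID);
        params.byName(L"CATEGORY_ID").setValue(nCategoryID);
        params.byName(L"OPEN_LEVEL").setValue(nOpenLevel);

        params.byName(L"REMARK").setValue(strRemark);

        // Optional fields are bound only when a value was posted.
        if (!strJuminNumber.isEmpty())
            params.byName(L"JUMIN_NUMBER").setValue(strJuminNumber);
        if (!strBirthday.isEmpty())
            params.byName(L"BIRTHDAY").setValue(strBirthday);
        if (!strSex.isEmpty())
            params.byName(L"SEX").setValue(strSex);
        if (!strMarriage.isEmpty())
            params.byName(L"MARRIAGE").setValue(strMarriage);
        if (!strJob.isEmpty())
            params.byName(L"JOB").setValue(strJob);
        if (!strOffice.isEmpty())
            params.byName(L"OFFICE").setValue(strOffice);

        if (!strComment.isEmpty())
            params.byName(L"COMMENT").setValue(strComment);

        if (!strEMail.isEmpty())
            params.byName(L"EMAIL").setValue(strEMail);
        if (!strHomePage.isEmpty())
            params.byName(L"HOMEPAGE").setValue(strHomePage);
        if (!strMessenger1.isEmpty())
            params.byName(L"MESSENGER1").setValue(strMessenger1);
        if (!strMessenger2.isEmpty())
            params.byName(L"MESSENGER2").setValue(strMessenger2);
        if (!strTel1.isEmpty())
            params.byName(L"TEL1").setValue(strTel1);
        if (!strTel2.isEmpty())
            params.byName(L"TEL2").setValue(strTel2);
        if (!strZipcode.isEmpty())
            params.byName(L"ZIPCODE").setValue(strZipcode);
        if (!strAddr.isEmpty())
            params.byName(L"ADDR").setValue(strAddr);
        if (!strAddrBunji.isEmpty())
            params.byName(L"ADDR_BUNJI").setValue(strAddrBunji);

        if (bValidPicture) {
            __DCL_TRACE3(L"%ls, %ls, %d\n",
                strPicType.data(), strPicName.data(),
                picData.length()
            );
            params.byName(L"PIC_TYPE").setValue(strPicType);
            params.byName(L"PIC_NAME").setValue(strPicName);
            params.byName(L"PIC_DATA").setValue(
                picData, SQL::typeLongBinary
            );
        }

        q.execute();

        if (nCM == CM_INSERT) {
            // The reservation has served its purpose.
            __deleteSignLock(q, session.__strSessionID);

            // Advance the ID counter that supplied nUserID.
            if (nCategoryID != SYSTEM_CATEGORY_ID)
                q.execute(L""
                    "UPDATE DCL_DATA_SOURCE"
                    "\n SET MESSAGE_ID = MESSAGE_ID + 1"
                    "\n WHERE USER_ID = 0 AND DS_ID = -1"
                );
            q.execute(L"COMMIT");
            q.execute(L"SET AUTOCOMMIT = 1");
        }
    }
    catch(Exception* e) {
        // Release the reservation and the counter lock, then pass the
        // failure on to the caller.
        if (nCM == CM_INSERT)
            __deleteSignLock(q, session.__strSessionID);

        q.execute(L"COMMIT");
        q.execute(L"SET AUTOCOMMIT = 1");
        throw(e);
    }

    if (nCM == CM_INSERT) {
        if (session.isSysGuest())
        {
            // A guest who has just registered is signed in right away.
            session.login(strSignID, strPassword);
            // redirect
            return;
        }
    }

    session.__ctx.__queryMap[L"USER_ID"].add(String::valueOf(nUserID));
    __pPage->print(session);
}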
1098
1100
// Creates the user detail view for pPage; all configuration is read later in
// init().
UserDetailView::UserDetailView(HtmlPage* pPage)
    : HtmlView(pPage)
{
}
1106
// Initialises the base view, then caches the LIST and WRITE page names from
// the view parameters.
void UserDetailView::init(SQLFields& fields)
{
    HtmlView::init(fields);

    // Page to return to, and page that hosts the edit form.
    __mapParams.lookup(L"LIST", __strListPage);
    __mapParams.lookup(L"WRITE", __strWritePage);
}
1115
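// Returns the age in completed years for dtBirthday, measured against dtNow.
//
// The year difference is reduced by one while this year's birthday is still
// ahead. The previous test required both month >= and day >= to hold, so it
// also subtracted a year after the birthday had passed whenever today's
// day-of-month was smaller than the birthday's (for example 5 March against
// a 10 February birthday).
static int __GetAge(Date dtBirthday)
{
    // NOTE(review): this listing omits the source line that declares dtNow
    // (presumably the current date) - restore it from the original file.
    int nAge = dtNow.year() - dtBirthday.year();

    const bool bBirthdayAhead =
        dtNow.month() < dtBirthday.month()
        || (dtNow.month() == dtBirthday.month()
            && dtNow.day() < dtBirthday.day());
    if (bBirthdayAhead)
        nAge--;

    return nAge;
}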
1126
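// Returns true when strIDs is a non-empty comma-separated list of decimal
// integers (each with an optional leading '-') and contains nothing else.
// Used to keep request text out of the SQL statement built in onPrint().
static bool __isUserIDList(const String& strIDs)
{
    const wchar_t* psz = strIDs.data();
    if (*psz == L'\0')
        return false;

    for ( ; ; ) {
        if (*psz == L'-')
            psz++;
        if (!(L'0' <= *psz && *psz <= L'9'))
            return false;
        while (L'0' <= *psz && *psz <= L'9')
            psz++;
        if (*psz == L'\0')
            return true;
        if (*psz != L',')
            return false;
        psz++;
    }
}

// Tells whether the current viewer may see one disclosure group of another
// user's profile. nMaskMember is the MEMBER bit of the group inside
// OPEN_LEVEL; the GROUP, USER and GUEST bits are the next three higher bits.
static bool __isOpenToViewer(
    Session& session, int nOpenLevel, int nMaskMember, bool bMemberOfMyGroups
)
{
    const int nMaskGroup = nMaskMember << 1;
    const int nMaskUser = nMaskMember << 2;
    const int nMaskGuest = nMaskMember << 3;

    if (nOpenLevel & nMaskGuest)
        return true;
    if ((nOpenLevel & nMaskUser) && !session.isSysGuest())
        return true;
    if ((nOpenLevel & nMaskGroup) && bMemberOfMyGroups)
        return true;
    if ((nOpenLevel & nMaskMember) && !session.isMemberGuest())
        return true;
    return false;
}

// Renders the profile of every user named by the "user" query parameter(s).
//
// For each row the selected columns are copied into the USER template; for
// individual users (CATEGORY_ID > 0) the personal columns are then blanked
// again unless the viewer is a system administrator, the owner, or is covered
// by the profile's OPEN_LEVEL bits. Errors from the SQL calls propagate to
// the caller.
void UserDetailView::onPrint(Session& session)
// NOTE(review): the listing drops the source line between the signature and
// the opening brace; restore it from the repository.
{
    SQLQuery& q = session.__query;
    ListedStringToStringArrayMap& mapQuery = session.__ctx.__queryMap;

    // NOTE(review): "list" comes from the request and is placed into the
    // template as LIST; whether the template layer escapes it is not visible
    // here - confirm before it is used as a link target.
    String strListPage = getDefault(mapQuery, L"list");
    String strListPageEnc;
    String strWritePage = __strWritePage;
    String strUserIDs = String::join(mapQuery[L"user"], L',');

    if (strListPage.isEmpty())
        strListPage = __strListPage;

    strListPageEnc = URLEncoder::encode(strListPage);

    assign(L"LIST", strListPage);
    assign(L"_LIST", strListPageEnc);
    assign(L"WRITE", strWritePage);

    TextTemplate& USER = (*this)[L"USER"];
    TextTemplate& EMPTY = (*this)[L"EMPTY"];
    TextTemplate& PICTURE = USER[L"PICTURE"];
    TextTemplate& NPICTURE = USER[L"NPICTURE"];

    // The ID list is request text that ends up inside "IN (...)" below, so it
    // must consist of integers and commas only. Anything else is handled like
    // an empty list instead of being concatenated into the statement.
    if (strUserIDs.isEmpty() || !__isUserIDList(strUserIDs)) {
        EMPTY.assign(L"LIST", strListPage);
        assign(L"EMPTY", EMPTY);
        HtmlView::onPrint(session);
        return;
    }

    String strSQL = L""
        "SELECT U.USER_ID, U.SIGN_ID, U.USER_NAME, U.NICKNAME"
        "\n,U.ROLE_ID, U.OWNER_ID, U.CATEGORY_ID"
        "\n,U.OPEN_LEVEL, U.REGISTER_DATE, U.REMARK, U.UPDATE_TIME"
        "\n,U.LAST_SIGNIN, U.LAST_USE"
        "\n,U.TODAY, U.TODAY_NMEMBER, U.TODAY_NMESSAGE, U.TODAY_NVISIT"
        "\n,U.NMEMBER, U.NMESSAGE, U.NVISIT"
        "\n,U.JUMIN_NUMBER"
        "\n,U.BIRTHDAY, U.SEX, U.MARRIAGE"
        "\n,U.JOB, U.OFFICE"
        "\n,U.COMMENT"
        "\n,U.EMAIL, U.HOMEPAGE, U.MESSENGER1, U.MESSENGER2, U.TEL1, U.TEL2"
        "\n,U.ZIPCODE, U.ADDR, U.ADDR_BUNJI, U.PIC_NAME"
        "\n,R.ROLE_NAME"
        "\n,O.USER_NAME AS OWNER_NAME"
        "\n,C.CATEGORY_NAME"
        "\n FROM DCL_USER AS U"
        "\n INNER JOIN DCL_ROLE AS R ON (U.ROLE_ID = R.ROLE_ID)"
        "\n INNER JOIN DCL_USER AS O ON (U.OWNER_ID = O.USER_ID)"
        "\n INNER JOIN DCL_USER_CATEGORY AS C ON (U.CATEGORY_ID = C.CATEGORY_ID)"
        "\n WHERE U.USER_ID IN (" + strUserIDs + L")"
        "\n ORDER BY U.USER_ID ASC";

    __DCL_TRACE1(L"\n%ls\n", strSQL.data());
    q.execute(strSQL);
    q.fetch();
    if (q.eof())
        assign(L"EMPTY", EMPTY);
    else {
        do {
            // Every selected column goes into the template first; restricted
            // columns are overwritten further down.
            USER.assign(q.fields(), L"&nbsp;");

            int nCategoryID = q.fields().byName(L"CATEGORY_ID").asInteger();
            if (session.isSysAdmin()) {
                // Account origin label, shown to system administrators only.
                String strOrigin;
                if (nCategoryID > 0)
                    strOrigin = L"개인";
                else if (nCategoryID < 0)
                    strOrigin = L"그룹";
                else
                    strOrigin = L"시스템";
                USER.assign(L"ORIGIN", strOrigin);
            }

            if (q.fields().byName(L"PIC_NAME").isNull())
                USER.assign(L"PICTURE", NPICTURE);
            else {
                PICTURE.assign(L"PIC_NAME", q.fields().byName(L"PIC_NAME").asString());
                PICTURE.assign(L"USER_ID", q.fields().byName(L"USER_ID").asString());
                PICTURE.assign(L"SIGN_ID", q.fields().byName(L"SIGN_ID").asString());
#ifdef __DCL_DEBUG
                PICTURE.assign(L"DHE", L"dhed");
#else
                PICTURE.assign(L"DHE", L"dhe");
#endif
                USER.assign(L"PICTURE", PICTURE);
            }

            if (nCategoryID > 0) {
                // Individual users only.

                int nOpenLevel = q.fields().byName(L"OPEN_LEVEL").asInteger();
                bool bMemberOfMyGroups = false;
                int nUserID = q.fields().byName(L"USER_ID").asInteger();
                const bool bPrivileged =
                    session.isSysAdmin() || session.isOwner(nUserID);

                {
                    // Both IDs are integers converted to text, so nothing
                    // from the request reaches this statement.
                    String strProfileID = String::valueOf(nUserID);
                    String strViewerID = String::valueOf(session.__nUserID);

                    SQLQuery qM(q.connection());
                    // Members of groups I belong to, and members of users who
                    // registered me as a friend.
                    qM.execute(L""
                        "SELECT O.USER_ID"
                        "\n FROM DCL_USER_MEMBER AS G"
                        "\n INNER JOIN DCL_USER_MEMBER AS O"
                        "\n ON (G.USER_ID = O.USER_ID)"
                        // "\n INNER JOIN DCL_USER AS U"
                        // "\n ON (G.USER_ID = U.USER_ID)"
                        "\n WHERE G.MEMBER_ID = " + strProfileID + L""
                        "\n AND O.MEMBER_ID = " + strViewerID + L""
                        // "\n AND U.CATEGORY_ID < 0" // groups only
                        "\n LIMIT 1"
                    );
                    qM.fetch();
                    if (!qM.eof())
                        bMemberOfMyGroups = true;
                    /* else
                    {
                        // Members of users I registered as a friend.
                        qM.execute(
                            "SELECT O.USER_ID"
                            "\n FROM DCL_USER_MEMBER AS M"
                            "\n INNER JOIN DCL_USER_MEMBER AS O"
                            "\n ON (M.MEMBER_ID = O.USER_ID)"
                            "\n WHERE M.USER_ID = " + strProfileID +
                            "\n AND O.MEMBER_ID = " + strViewerID +
                            "\n LIMIT 1"
                        );
                        qM.fetch();
                        if (!qM.eof())
                            bMemberOfMyGroups = true;
                    }
                    */
                }

                {
                    // AGE follows the first disclosure group (bits
                    // 0x00010000 .. 0x00080000 of OPEN_LEVEL).
                    int nAge = -1;
                    SQLField& f = q.fields().byName(L"BIRTHDAY");
                    if (!f.isNull()) {
                        nAge = __GetAge(f.asDate());
                        if (!bPrivileged
                            && !__isOpenToViewer(
                                session, nOpenLevel, 0x00010000, bMemberOfMyGroups
                            )
                        )
                            nAge = -1;
                    }

                    if (nAge >= 0)
                        USER.assign(L"AGE", String::valueOf(nAge));
                    else
                        USER.assign(L"AGE", L"&nbsp;");
                }

                if (!bPrivileged)
                {
                    // Column names in three disclosure groups; a NULL entry
                    // ends a group and moves on to the next four mask bits.
                    static const wchar_t* asz[] = {
                        L"USER_NAME", L"JUMIN_NUMBER", L"BIRTHDAY", L"SEX", L"MARRIAGE",
                        L"JOB", L"OFFICE", NULL,
                        L"EMAIL", L"HOMEPAGE", L"MESSENGER1", L"MESSENGER2",
                        L"TEL1", L"TEL2", NULL,
                        L"ZIPCODE", L"ADDR", L"ADDR_BUNJI"
                    };
                    int nMaskMember = 0x00010000;
                    String strSp = L"&nbsp;";
                    bool bGroupOpen = __isOpenToViewer(
                        session, nOpenLevel, nMaskMember, bMemberOfMyGroups
                    );

                    // The element count is taken from the array's own element
                    // type rather than from an unrelated pointer type.
                    for (size_t i = 0; i < (sizeof(asz) / sizeof(asz[0])); i++) {
                        if (asz[i] == NULL) {
                            nMaskMember <<= 4;
                            bGroupOpen = __isOpenToViewer(
                                session, nOpenLevel, nMaskMember, bMemberOfMyGroups
                            );
                            continue;
                        }
                        if (bGroupOpen)
                            continue;

                        // Not disclosed to this viewer: blank the value that
                        // was assigned from the row above.
                        SQLField& field = q.fields().byName(asz[i]);
                        if (!field.isNull())
                            USER.assign(asz[i], strSp);
                    }
                }
            }

            append(L"USER", USER);
            q.fetch();
        } while (!q.eof());
    }

    HtmlView::onPrint(session);
}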
1355
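// Returns true when str holds a character that must not be copied into an
// HTTP header value: any control character, and - when bQuoted is set, for a
// value placed inside double quotes - a double quote or a backslash.
static bool __hasHeaderUnsafeChar(const String& str, bool bQuoted)
{
    for (const wchar_t* psz = str.data(); *psz; psz++) {
        if (*psz < 0x20 || *psz == 0x7F)
            return true;
        if (bQuoted && (*psz == L'"' || *psz == L'\\'))
            return true;
    }
    return false;
}

// Serves the stored picture of the user named by the "user" query parameter.
// Answers 200 with the stored content type and data when the user exists and
// has a complete picture record, and 404 otherwise.
//
// NOTE(review): no access check on the requested user is visible in this
// function, and the stored PIC_TYPE is sent as the type of an inline
// response. Confirm that uploads are limited to image types elsewhere;
// otherwise restrict the type here or send the data as an attachment.
void UserDetailView::onGet(Session& session)
// NOTE(review): the listing drops the source line between the signature and
// the opening brace; restore it from the repository.
{
    HttpServletContextEx& ctx = session.__ctx;

    int nUserID = Session::NOUSER_USER_ID;
    ListedStringToStringArrayMap& map = ctx.__queryMap;
    ListedStringToStringArrayMap::ConstIterator it = map.find(L"user");
    // The parameter becomes an int before it is used, so only a number
    // reaches the SQL text below.
    if (!(it == map.end() || (*it).value.isEmpty()))
        nUserID = Integer::parse((*it).value[0], 10, nUserID);

    if (nUserID != Session::NOUSER_USER_ID) {
        SQLQuery& q = session.__query;
        // The original literal ended in "USER_ID = L", a stray wide-string
        // prefix inside the SQL text that made the statement invalid.
        q.execute(L""
            "SELECT PIC_NAME, PIC_TYPE, PIC_DATA FROM DCL_USER"
            "\nWHERE USER_ID = " + String::valueOf(nUserID)
        );
        q.fetch();

        const bool bHasPicture = !(
            q.eof() || q.fields()[0].isNull()
            || q.fields()[1].isNull() || q.fields()[2].isNull()
        );
        if (bHasPicture) {
            String strName = q.fields()[0].asString();
            String strType = q.fields()[1].asString();
            String strData = q.fields()[2].asString();

            // Name and type are stored values that go into response headers.
            // A type with control characters is treated as a missing picture;
            // a name that cannot be quoted safely is left out of the header.
            if (!__hasHeaderUnsafeChar(strType, false)) {
                String strDisposition = L"inline";
                if (!__hasHeaderUnsafeChar(strName, true))
                    strDisposition = L"inline; filename=\"" + strName + L"\"";

                ctx.setStatusCode(HTTP_STATUS_OK);
                ctx.setContentType(strType);
                ctx.addHeader(
                    HttpHeader(L"Content-Length", String::valueOf(strData.length()))
                );
                ctx.addHeader(
                    HttpHeader(L"Content-Disposition", strDisposition)
                );
                ctx.write(strData.data(), strData.length());
                return;
            }
        }
    }
    ctx.setStatusCode(HTTP_STATUS_NOT_FOUND);
}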
1398
1400
// Builds the user-search form; the owning page is passed to the FormView
// base and nothing else is initialised here.
UserSearchForm::UserSearchForm(HtmlPage* pPage) : FormView(pPage) {}
1405
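// Returns true when str can be placed between single quotes in the SQL text
// unchanged: no single quote, backslash or control character.
static bool __isQuotableSqlText(const String& str)
{
    for (const wchar_t* psz = str.data(); *psz; psz++) {
        if (*psz == L'\'' || *psz == L'\\' || *psz < 0x20)
            return false;
    }
    return true;
}

// Returns true when str contains only characters expected in a date or
// date-time literal: digits, '-', '/', '.', ':' and space.
static bool __isDateLiteralText(const String& str)
{
    for (const wchar_t* psz = str.data(); *psz; psz++) {
        const bool bDigit = (L'0' <= *psz && *psz <= L'9');
        if (!(bDigit || *psz == L'-' || *psz == L'/' || *psz == L'.'
                || *psz == L':' || *psz == L' '))
            return false;
    }
    return true;
}

// Adds one condition to the WHERE clause under construction, starting the
// clause with WHERE or continuing it with AND.
static void __addCondition(StringBuilder& strWhere, const String& strCondition)
{
    if (strWhere.isEmpty())
        strWhere = L"WHERE " + strCondition;
    else
        strWhere += L"\nAND " + strCondition;
}

// Renders the user search form and up to 20 matching users.
//
// The form fields are echoed back into the template, the role list is filled
// from DCL_ROLE, and a WHERE clause is assembled from the submitted filters.
// Every filter is request text, so each one is either converted to a number
// or checked for characters that could change the statement; a filter that
// fails its check is ignored, as an unparsable POINTS value already was.
//
// NOTE(review): SQLQuery also offers prepare() and params(); binding the
// filters as parameters would be the stronger fix, but the binding syntax is
// not visible from this function.
void UserSearchForm::onPrint(Session& session)
// NOTE(review): the listing drops the source line between the signature and
// the opening brace; restore it from the repository.
{
    ListedStringToStringArrayMap& map = session.__ctx.__formMap;

    String strUserName = getDefault(map, L"USER_NAME");
    String strRoleID = getDefault(map, L"ROLE_ID");
    String strRegStart = getDefault(map, L"REG_START");
    String strRegEnd = getDefault(map, L"REG_END");
    String strPointsStart = getDefault(map, L"POINTS_START");
    String strPointsEnd = getDefault(map, L"POINTS_END");

    // NOTE(review): these are submitted values echoed into the page; whether
    // the template layer HTML-escapes them is not visible here - confirm.
    assign(L"USER_NAME", strUserName);
    assign(L"REG_START", strRegStart);
    assign(L"REG_END", strRegEnd);
    assign(L"POINTS_START", strPointsStart);
    assign(L"POINTS_END", strPointsEnd);

    // First option of the role list: "-1" stands for all roles.
    TextTemplate& USER_ROLE = (*this)[L"USER_ROLE"];
    if (strRoleID == L"-1")
        USER_ROLE.assign(L"SELECTED", L"selected");
    else
        USER_ROLE.assign(L"SELECTED", L"");
    USER_ROLE.assign(L"ROLE_ID", L"-1");
    USER_ROLE.assign(L"ROLE_NAME", L"전체");
    append(L"USER_ROLE", USER_ROLE);

    SQLQuery& q = session.__query;
    q.execute(L""
        "SELECT ROLE_ID, ROLE_NAME\n"
        " FROM DCL_ROLE\n"
        " ORDER BY ROLE_ID"
    );
    q.fetch();
    while (!q.eof()) {
        if (q.fields().byName(L"ROLE_ID").asString() == strRoleID)
            USER_ROLE.assign(L"SELECTED", L"selected");
        else
            USER_ROLE.assign(L"SELECTED", L"");
        USER_ROLE.assign(q.fields(), L"");
        append(L"USER_ROLE", USER_ROLE);
        q.fetch();
    }

    String strSelect = L""
        "SELECT U.USER_ID, U.USER_NAME, U.SIGN_ID, U.POINTS\n"
        ", R.ROLE_NAME, U.LAST_SIGNIN, U.REGIST_DATE\n"
        "FROM DCL_USER U "
        " INNER JOIN DCL_ROLE R ON (U.ROLE_ID = R.ROLE_ID)\n";

#define WHERE_USER_NAME 0x01
#define WHERE_ROLE_ID 0x02
#define WHERE_REGIST_DATE 0x04
#define WHERE_POINTS 0x08
    int nWhereFlags = 0;

    StringBuilder strWhere;
    StringBuilder strOrderBy;

    // Name prefix search. The text goes between single quotes, so a value
    // that could end the literal is not used.
    if (!strUserName.isEmpty() && __isQuotableSqlText(strUserName)) {
        __addCondition(strWhere, L"U.USER_NAME LIKE '" + strUserName + L"%'");
        nWhereFlags |= WHERE_USER_NAME;
    }

    // Role filter. The submitted text is parsed and the parsed number, not
    // the text, is written into the statement.
    if (!strRoleID.isEmpty() && strRoleID != L"-1") {
        try {
            int nRoleID = Integer::parse(strRoleID);
            __addCondition(strWhere, L"U.ROLE_ID = " + String::valueOf(nRoleID));
            nWhereFlags |= WHERE_ROLE_ID;
        }
        catch(ParseException* e) {
            e->destroy();
        }
    }

    // Registration date range. The original carried a disabled
    // DateTime::parseF(..., L"%Y%m%d") check; until that is restored the
    // value is limited to date-literal characters. The upper bound also had
    // a stray "L" inside the SQL text, which is removed here.
    if (!strRegStart.isEmpty() && __isDateLiteralText(strRegStart)) {
        __addCondition(strWhere, L"REGIST_DATE >= '" + strRegStart + L"'");
        nWhereFlags |= WHERE_REGIST_DATE;
    }

    if (!strRegEnd.isEmpty() && __isDateLiteralText(strRegEnd)) {
        __addCondition(strWhere, L"REGIST_DATE <= '" + strRegEnd + L"'");
        nWhereFlags |= WHERE_REGIST_DATE;
    }

    // Points range. The parsed number is written back instead of the
    // submitted text; the stray "L" that preceded the number in the original
    // SQL text is removed.
    if (!strPointsStart.isEmpty()) {
        try {
            int nPoints = Integer::parse(strPointsStart);
            __addCondition(strWhere, L"POINTS >= " + String::valueOf(nPoints));
            nWhereFlags |= WHERE_POINTS;
        }
        catch(ParseException* e) {
            e->destroy();
        }
    }

    if (!strPointsEnd.isEmpty()) {
        try {
            int nPoints = Integer::parse(strPointsEnd);
            __addCondition(strWhere, L"POINTS <= " + String::valueOf(nPoints));
            nWhereFlags |= WHERE_POINTS;
        }
        catch(ParseException* e) {
            e->destroy();
        }
    }

    // Only the name and date filters influence the ordering.
    if (nWhereFlags & WHERE_USER_NAME)
        strOrderBy = L"\nORDER BY U.USER_NAME";

    if (nWhereFlags & WHERE_REGIST_DATE) {
        if (strOrderBy.isEmpty())
            strOrderBy = L"\nORDER BY U.REGIST_DATE";
        else
            strOrderBy += L"\n,U.REGIST_DATE";
    }

    String strSQL = strSelect + strWhere.toString() + strOrderBy.toString()
        + L"\nLIMIT 20";
//  TRACE1(L"%ls\n", strSQL.data());

    q.execute(strSQL);
    q.fetch();
    if (q.eof())
        erase(L"USER");
    else {
        // NOTE(review): this places the generated WHERE clause in the page.
        // If any later request reads it back and runs it, the clause becomes
        // client-controlled SQL - confirm how the template uses it.
        assign(L"WHERE", strWhere);

        TextTemplate& USER = (*this)[L"USER"];
        int n = 1;
        while (!q.eof()) {
            USER.assign(L"NO", String::valueOf(n++));
            USER.assign(q.fields(), L"&nbsp;");
            append(L"USER", USER);
            q.fetch();
        }
    }

    FormView::onPrint(session);
}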
1581
// Handles a submitted search form by printing the owning page again; the
// search itself is carried out while the page is printed (see onPrint).
void UserSearchForm::onPost(Session& session)
// NOTE(review): the listing drops the source line between the signature and
// the opening brace; restore it from the repository.
{
    __pPage->print(session);
}
1587
1589
// Builds the activity view; the owning page is passed to the HtmlView base
// and nothing else is initialised here.
UserActivityView::UserActivityView(HtmlPage* pPage) : HtmlView(pPage) {}
1594
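// Renders the activity counters of the group identified by the session's
// service user ID: the GROUP section when a DCL_GROUP row exists, the EMPTY
// section otherwise. Errors from the SQL calls propagate to the caller.
void UserActivityView::onPrint(Session& session)
// NOTE(review): the listing drops the source line between the signature and
// the opening brace; restore it from the repository.
{
    SQLQuery& q = session.__query;

    // The ID is a session field converted to text by String::valueOf; no
    // request parameter is read in this function.
    String strGroupID = String::valueOf(session.__nServiceUserID);

    q.execute(L""
        "SELECT G.TODAY, G.TODAY_NUSER, G.TODAY_NVISIT, G.TODAY_NMESSAGE"
        ", G.NUSER, G.NVISIT, G.NMESSAGE"
        "\n FROM DCL_GROUP AS G"
        "\n WHERE G.GROUP_ID = " + strGroupID
    );
    q.fetch();
    if (q.eof()) {
        // The section was looked up as "EMTPY" while it is assigned as
        // "EMPTY"; the lookup now uses the same name as the assignment.
        assign(L"EMPTY", (*this)[L"EMPTY"]);
    }
    else {
        TextTemplate& GROUP = (*this)[L"GROUP"];
        GROUP.assign(q.fields(), L"&nbsp;");
        assign(L"GROUP", GROUP);
    }

    HtmlView::onPrint(session);
}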
1620
1621__DCL_END_NAMESPACE