diff --git a/game/g_local.h b/game/g_local.h index 7e4cce0..b6d6e60 100644 --- a/game/g_local.h +++ b/game/g_local.h @@ -993,9 +993,10 @@ qboolean G_Sql_Init(void); void G_Sql_Shutdown(void); qboolean G_Sql_UserDB_Add(const char *uName, const char *password); qboolean G_Sql_UserDB_CheckRight(int uid, int right); +qboolean G_Sql_UserDB_AddRight(int uid, int right); +qboolean G_Sql_UserDB_RemoveRight(int uid, int right); qboolean G_Sql_UserDB_Del(const char *uName); qboolean G_Sql_UserDB_Login(const char *uName, const char *pwd, int clientnum); -qboolean G_Sql_UserDB_Mod(const char *uName, const char *right, int value); //RPG-X: J2J - Nice neat struct to hold info for admin tricorder transport..////// //TiM: I may be a complete nutter here, but I'm gonna try and mod this to see if we can mosey SP transportery FX in here diff --git a/game/g_sql.c b/game/g_sql.c index 7b0eee1..e682be2 100644 --- a/game/g_sql.c +++ b/game/g_sql.c @@ -24,12 +24,61 @@ extern void QDECL G_PrintfClient( gentity_t *ent, const char *fmt, ...); sqlite3 *user_db; qboolean sql_ready = qfalse; +/* +=============== +G_Sql_Check_StepReturn +=============== +*/ +static qboolean G_Sql_Check_StepReturn(int r) { + switch(r) { + case SQLITE_ROW: + case SQLITE_DONE: + return qfalse; + default: + G_Printf(S_COLOR_RED "SQL ERROR: %s\n", sqlite3_errmsg(user_db)); + break; + } + return qtrue; +} + +/* +=============== +G_Sql_Check_PrepareReturn +=============== +*/ +static qboolean G_Sql_Check_PrepareReturn(int r) { + switch(r) { + case SQLITE_OK: + return qfalse; + default: + G_Printf(S_COLOR_RED "SQL ERROR: %s\n", sqlite3_errmsg(user_db)); + break; + } + return qtrue; +} + +/* +=============== +G_Sql_Check_BindReturn +=============== +*/ +static qboolean G_Sql_Check_BindReturn(int r) { + switch(r) { + case SQLITE_OK: + return qfalse; + default: + G_Printf(S_COLOR_RED "SQL ERROR: %s\n", sqlite3_errmsg(user_db)); + break; + } + return qtrue; +} + /* =============== G_Sql_Md5 =============== */ -char *G_Sql_Md5(char *s) { +static char *G_Sql_Md5(const char *s) { char *res; unsigned char sig[16]; struct MD5Context md5c; @@ -63,37 +112,52 @@ qboolean G_Sql_Init(void) { if(!sql_use.integer) return qtrue; res = sqlite3_open("db/users.db", &user_db); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Could not open user database\n"); + if(res != SQLITE_OK) { + G_Printf(S_COLOR_RED "SQL ERROR: %s\n", sqlite3_errmsg(user_db)); return qfalse; } res = sqlite3_prepare_v2(user_db, SQL_ENABLE_FOREIGN_KEY_CONSTRAINTS, -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Enabling foreign key constraints failed\n"); + if(G_Sql_Check_PrepareReturn(res)) { sqlite3_close(user_db); sql_ready = qfalse; return qfalse; } - sqlite3_free(stmt); + res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + sqlite3_close(user_db); + sql_ready = qfalse; + return qfalse; + } + sqlite3_finalize(stmt); res = sqlite3_prepare_v2(user_db, SQL_USER_CREATEUSERTABLE, -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); + if(G_Sql_Check_PrepareReturn(res)) { sqlite3_close(user_db); sql_ready = qfalse; return qfalse; } - sqlite3_free(stmt); + res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + sqlite3_close(user_db); + sql_ready = qfalse; + return qfalse; + } + sqlite3_finalize(stmt); res = sqlite3_prepare_v2(user_db, SQL_USER_CREATERIGHTSTABLE, -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); + if(G_Sql_Check_PrepareReturn(res)) { sqlite3_close(user_db); sql_ready = qfalse; return qfalse; } - sqlite3_free(stmt); + res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + sqlite3_close(user_db); + sql_ready = qfalse; + return qfalse; + } + sqlite3_finalize(stmt); sql_ready = qtrue; return qtrue; @@ -119,57 +183,69 @@ G_Sql_UserDB_Del */ qboolean G_Sql_UserDB_Del(const char *uName) { sqlite3_stmt *stmt; - int res, i, id = -1; + int res, id = -1; - res = sqlite3_prepare_v2(user_db, SQL_USER_GETUID(uName), -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); + res = sqlite3_prepare_v2(user_db, "SELECT id FROM rpgx_users WHERE username = :UNAME", -1, &stmt, 0); + if(G_Sql_Check_PrepareReturn(res)) { + return qfalse; + } + res = sqlite3_bind_text(stmt, 1, uName, sizeof(uName), SQLITE_STATIC); + if(G_Sql_Check_BindReturn(res)) { + return qfalse; + } + res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { return qfalse; } res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + return qfalse; + } if(res == SQLITE_ROW) { id = sqlite3_column_int(stmt, 0); } else if(res == SQLITE_DONE) { G_Printf("SQL: User \'%s\' not found\n", uName); return qfalse; - } else { - G_Printf(S_COLOR_RED "SQL ERROR: An error occured getting results from a row\n"); - return qfalse; - } - sqlite3_free(stmt); + } + sqlite3_finalize(stmt); if(id == -1) { G_Printf(S_COLOR_RED "SQL ERROR: no user %s found\n", uName); return qfalse; } - res = sqlite3_prepare_v2(user_db, SQL_USER_DELTE_RIGHTS(id), -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); + res = sqlite3_prepare_v2(user_db, SQL_USER_DELTE_RIGHTS, -1, &stmt, 0); + if(G_Sql_Check_PrepareReturn(res)) { return qfalse; } - sqlite3_free(stmt); + res = sqlite3_bind_int(stmt, 1, id); + if(G_Sql_Check_BindReturn(res)) { + return qfalse; + } + res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + return qfalse; + } + sqlite3_finalize(stmt); - res = sqlite3_prepare_v2(user_db, SQL_USER_DELETE(uName), -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); + res = sqlite3_prepare_v2(user_db, SQL_USER_DELETE, -1, &stmt, 0); + if(G_Sql_Check_PrepareReturn(res)) { return qfalse; } - sqlite3_free(stmt); + res = sqlite3_bind_text(stmt, 1, uName, sizeof(uName), SQLITE_STATIC); + if(G_Sql_Check_BindReturn(res)) { + return qfalse; + } + res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + return qfalse; + } + sqlite3_finalize(stmt); return qtrue; } -/* -=============== -G_Sql_UserDB_Mod -=============== -*/ -qboolean G_Sql_UserDB_Mod(const char *uName, const char *right, int value) { - return qfalse; -} - /* =============== G_Sql_UserAdd @@ -180,74 +256,82 @@ qboolean Do_Sql_UserAdd(const char *uName, const char *password) { int res, id; char *hashedpw; - res = sqlite3_prepare_v2(user_db, SQL_USER_GETUID(uName), -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); + res = sqlite3_prepare_v2(user_db, SQL_USER_GET_UID, -1, &stmt, 0); + if(G_Sql_Check_PrepareReturn(res)) { + return qfalse; + } + res = sqlite3_bind_text(stmt, 1, uName, sizeof(uName), SQLITE_STATIC); + if(G_Sql_Check_BindReturn(res)) { return qfalse; } res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + return qfalse; + } if(res == SQLITE_ROW) { G_Printf("SQL: There already exists a user with username \'%s\'\n", uName); G_Printf("SQL: If you lost your password please contact an admin with access to the database.\n"); - sqlite3_free(stmt); + sqlite3_finalize(stmt); return qfalse; } - sqlite3_free(stmt); + sqlite3_finalize(stmt); - res = sqlite3_prepare_v2(user_db, SQL_BEGIN_TRANSACTION, -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); + hashedpw = G_Sql_Md5(password); + res = sqlite3_prepare_v2(user_db, SQL_USER_ADD, -1, &stmt, 0); + if(G_Sql_Check_PrepareReturn(res)) { return qfalse; } - sqlite3_free(stmt); - - hashedpw = G_Sql_Md5((const char*)password); - res = sqlite3_prepare_v2(user_db, SQL_USER_ADD(uName, hashedpw), -1, &stmt, 0); - free(hashedpw); - if(res) { - G_Printf("SQL ERROR: User add query failed\n"); + res = sqlite3_bind_text(stmt, 1, uName, sizeof(uName), SQLITE_STATIC); + if(G_Sql_Check_BindReturn(res)) { + return qfalse; + } + res = sqlite3_bind_text(stmt, 2, hashedpw, sizeof(hashedpw), free); + if(G_Sql_Check_BindReturn(res)) { + return qfalse; + } + res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { return qfalse; } - res = sqlite3_prepare_v2(user_db, SQL_USER_GETUID(uName), -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); - + res = sqlite3_prepare_v2(user_db, SQL_USER_GET_UID, -1, &stmt, 0); + if(G_Sql_Check_PrepareReturn(res)) { + return qfalse; + } + res = sqlite3_bind_text(stmt, 1, uName, sizeof(uName), SQLITE_STATIC); + if(G_Sql_Check_BindReturn(res)) { return qfalse; } res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + return qfalse; + } if(res == SQLITE_ROW) { id = sqlite3_column_int(stmt, 0); } else { G_Printf("SQL: There already exists a user with username \'%s\'\n", uName); - G_Printf("SQL: If you lost your password please contact an admin with access to the database.\n"); - sqlite3_free(stmt); + sqlite3_finalize(stmt); return qfalse; } - sqlite3_free(stmt); + sqlite3_finalize(stmt); - res = sqlite3_prepare_v2(user_db, SQL_USER_ADD_RIGHTS(id), -1, &stmt, 0); - if(res) { - G_Printf("SQL ERROR: Add user rights query failed\n"); - res = sqlite3_prepare_v2(user_db, SQL_ROLLBACK_TRANSACTION, -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); - return qfalse; - } + res = sqlite3_prepare_v2(user_db, SQL_USER_ADD_RIGHTS, -1, &stmt, 0); + if(G_Sql_Check_PrepareReturn(res)) { return qfalse; } - sqlite3_free(stmt); - - res = sqlite3_prepare_v2(user_db, SQL_COMMIT_TRANSACTION, -1, &stmt, 0); - if(res) { - G_Printf(S_COLOR_RED "SQL ERROR: Query failed\n"); + res = sqlite3_bind_int(stmt, 1, id); + if(G_Sql_Check_BindReturn(res)) { return qfalse; } - sqlite3_free(stmt); + res = sqlite3_step(stmt); + if(G_Sql_Check_StepReturn(res)) { + return qfalse; + } + sqlite3_finalize(stmt); - return qfalse; + return qtrue; } /* @@ -256,6 +340,7 @@ G_Sql_UserDB_login =============== */ qboolean G_Sql_UserDB_login(const char *uName, const char *pwd, int clientnum) { + return qfalse; } @@ -268,4 +353,22 @@ qboolean G_Sql_UserDB_CheckRight(int uid, int right) { return qfalse; } +/* +=============== +G_Sql_UserDB_AddRight +=============== +*/ +qboolean G_Sql_UserDB_AddRight(int uid, int right) { + +} + +/* +=============== +G_Sql_UserDB_RemoveRight +=============== +*/ +qboolean G_Sql_UserDB_RemoveRight(int uid, int right) { + +} + #endif //SQL diff --git a/game/g_sql.h b/game/g_sql.h index 5d36ec0..75f350d 100644 --- a/game/g_sql.h +++ b/game/g_sql.h @@ -7,7 +7,6 @@ #define SQL_BEGIN_TRANSACTION "BEGIN TRANSACTION" #define SQL_ROLLBACK_TRANSACTION "ROLLBACK TRANSACTION" #define SQL_COMMIT_TRANSACTION "COMMIT TRANSACTION" -#define SQL_USER_GETUID(UNAME) va("SELECT id FROM rpgx_users WHERE username = %s", UNAME) #define SQL_USER_CREATEUSERTABLE "CREATE TABLE IF NOT EXISTS rpgx_users ( \ id INTEGER PRIMARY KEY AUTOINCREMENT, \ username TEXT NOT NULL , \ @@ -19,10 +18,15 @@ rights LONG NOT NULL, \ FOREIGN KEY(id) REFERENCES rpgx_users(id) \ )" -#define SQL_USER_DELETE(UNAME) va("DELETE FROM rpgx_users WHERE username = %s", UNAME) -#define SQL_USER_DELTE_RIGHTS(ID) va("DELETE FROM rpgx_userRights WHERE id = %d", ID) -#define SQL_USER_ADD(USERNAME,PASSWORD) va("INSERT INTO rpgx_users VALUES(NULL,%s,%s)", USERNAME, PASSWORD) -#define SQL_USER_ADD_RIGHTS(ID) va("INSERT INTO rpgx_userRights VALUES(NULL, 0, 0, %d)", ID) +#define SQL_USER_DELETE "DELETE FROM rpgx_users WHERE username = :UNAME" +#define SQL_USER_DELTE_RIGHTS "DELETE FROM rpgx_userRights WHERE id = :ID" +#define SQL_USER_ADD "INSERT INTO rpgx_users VALUES(NULL,:USERNAME,:PASSWORD)" +#define SQL_USER_ADD_RIGHTS "INSERT INTO rpgx_userRights VALUES(NULL, 0, 0, :ID)" +#define SQL_USER_MOD_RIGHTS "UPDATE rpgx_userRights SET rights = :RIGHTS WHERE id = :ID" +#define SQL_USER_GET_RIGHTS "SELECT rights FROM rpgx_userRights WHERE id = :ID" +#define SQL_USER_GET_PASSWORD "SELECT password FROM rpgx_users WHERE id = :ID" +#define SQL_USER_SET_PASSWORD "UPDATE rpgx_users SET password = :PASSWORD WHERE id = :ID" +#define SQL_USER_GET_UID "SELECT id FROM rpgx_users WHERE username = :UNAME" typedef enum { SQLF_GIVE = 1, diff --git a/stefgame.suo b/stefgame.suo index 36ac91f..b44edba 100644 Binary files a/stefgame.suo and b/stefgame.suo differ