Mercurial > hg > rlgwebd
annotate sqlickrypt.c @ 24:9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
Switch the check() function to use parametrized SQL queries instead of
contructing statements with strcat(), for obvious reasons.
author | John "Elwin" Edwards <elwin@sdf.org> |
---|---|
date | Sun, 03 Jun 2012 17:08:40 -0700 |
parents | 59ea628abb81 |
children | f275d816e857 |
rev | line source |
---|---|
17
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
1 #include <stdio.h> |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
2 #include <stdlib.h> |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
3 #include <string.h> |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
4 #include <ctype.h> |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
5 #include <sqlite3.h> |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
6 #include <unistd.h> |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
7 #include <crypt.h> |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
8 |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
9 #define DATABASE "/dgldir/dgamelaunch.db" |
18
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
10 #define IBUFSIZE 200 |
17
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
11 |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
12 int xcallback(void *targ, int ncols, char **vals, char **colnames) { |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
13 char *pws; |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
14 int j; |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
15 pws = *((char **) targ); |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
16 if (pws == NULL) { |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
17 for (j = 0; j < ncols; j++) { |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
18 if (!strcmp(colnames[j], "password")) |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
19 *((char **) targ) = strdup(vals[j]); |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
20 } |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
21 } |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
22 /* Otherwise, this isn't the first row. */ |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
23 return 0; |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
24 } |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
25 |
18
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
26 /* Simple callback, for checking if there are any matches. */ |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
27 int searchcallback(void *targ, int ncols, char **vals, char **colnames) { |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
28 *((int *) targ) = 1; |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
29 return 0; |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
30 } |
17
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
31 |
18
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
32 int check(char *uname, char *pw) { |
24
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
33 char *pwhash, *comphash; |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
34 char *query = "SELECT password FROM dglusers WHERE username=?;"; |
18
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
35 int status; |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
36 sqlite3 *db; |
24
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
37 sqlite3_stmt *qstmt; |
17
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
38 |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
39 status = sqlite3_open(DATABASE, &db); |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
40 if (status) { |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
41 sqlite3_close(db); |
24
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
42 return 3; |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
43 } |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
44 sqlite3_prepare_v2(db, query, -1, &qstmt, NULL); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
45 if (qstmt == NULL) { |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
46 sqlite3_close(db); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
47 return 3; |
17
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
48 } |
24
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
49 status = sqlite3_bind_text(qstmt, 1, uname, -1, SQLITE_TRANSIENT); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
50 if (status) { |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
51 sqlite3_finalize(qstmt); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
52 sqlite3_close(db); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
53 return 3; |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
54 } |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
55 status = sqlite3_step(qstmt); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
56 if (status != SQLITE_ROW) { |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
57 sqlite3_finalize(qstmt); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
58 sqlite3_close(db); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
59 if (status == SQLITE_DONE) |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
60 return 2; /* User not found */ |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
61 return 3; |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
62 } |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
63 pwhash = strdup((char *) sqlite3_column_text(qstmt, 0)); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
64 /* Clean up */ |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
65 sqlite3_finalize(qstmt); |
17
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
66 sqlite3_close(db); |
24
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
67 |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
68 /* Check the password */ |
17
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
69 comphash = crypt(pw, pwhash); |
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
70 if (!strcmp(pwhash, comphash)) |
24
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
71 status = 0; |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
72 else |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
73 status = 1; |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
74 free(pwhash); |
9d5da43c0e83
sqlickrypt.c: begin converting to parametrized queries.
John "Elwin" Edwards <elwin@sdf.org>
parents:
18
diff
changeset
|
75 return status; |
17
d3e3d6b4016b
rlgwebd: switch to dgamelaunch's SQLite database.
John "Elwin" Edwards <elwin@sdf.org>
parents:
diff
changeset
|
76 } |
18
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
77 |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
78 int insertuser(char *uname, char *pw, char *email) { |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
79 char finduser_sql[160]; |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org>
parents:
17
diff
changeset
|
80 int status; |
59ea628abb81
sqlickrypt.c: add the ability to register new users.
John "Elwin" Edwards <elwin@sdf.org> |