Ejemplo n.º 1
0
Account *accountGetBySId(sqlite3 *DB, char *sid) {
    if (sid == NULL)
        return NULL;

    Session *session = sessionGetBySId(DB, sid);

    if (session == NULL)
        return NULL;

    Account *account = NULL;
    sqlite3_stmt *statement;

    if (sqlite3_prepare_v2(DB,
                           "SELECT id, createdAt, name, email, username"
                           "  FROM accounts"
                           " WHERE id = ?",
                           -1, &statement, NULL) != SQLITE_OK) {
        return NULL;
    }

    if (sqlite3_bind_int(statement, 1, session->accountId) != SQLITE_OK) goto fail;
    if (sqlite3_step(statement) != SQLITE_ROW)                           goto fail;

    account = accountNew(sqlite3_column_int(statement, 0),
                         sqlite3_column_int(statement, 1),
                         (char *)sqlite3_column_text(statement, 2),
                         (char *)sqlite3_column_text(statement, 3),
                         (char *)sqlite3_column_text(statement, 4));


fail:
    sessionDel(session);
    sqlite3_finalize(statement);
    return account;
}
Ejemplo n.º 2
0
Session *sessionCreate(sqlite3 *DB, char *username, char *password)
{
    int aid;
    char *sid = NULL;
    Session *session = NULL;
    sqlite3_stmt *statement;

    if (sqlite3_prepare_v2(DB,
                           "SELECT id"
                           "  FROM accounts"
                           " WHERE username = ?"
                           "   AND password = ?",
                           -1, &statement, NULL) != SQLITE_OK) {
        return NULL;
    }

    if (sqlite3_bind_text(statement, 1, username, -1, NULL) != SQLITE_OK)
        goto fail;
    if (sqlite3_bind_text(statement, 2, password, -1, NULL) != SQLITE_OK)
        goto fail;
    if (sqlite3_step(statement) != SQLITE_ROW)
        goto fail;

    sid = bsRandom(24, username);
    aid = sqlite3_column_int(statement, 0);
    sqlite3_finalize(statement);

    if (sqlite3_prepare_v2(DB,
                           "INSERT INTO sessions(createdAt, account, session)"
                           "     VALUES         (        ?,       ?,       ?)",
                           -1, &statement, NULL) != SQLITE_OK) {
        goto fail;
    }

    if (sqlite3_bind_int(statement, 1, time(NULL)) != SQLITE_OK) goto fail;
    if (sqlite3_bind_int(statement, 2, aid) != SQLITE_OK) goto fail;
    if (sqlite3_bind_text(statement, 3, sid, -1, NULL) != SQLITE_OK) goto fail;
    if (sqlite3_step(statement) != SQLITE_DONE)
        goto fail;

    session = sessionGetBySId(DB, sid);

fail:
    if (sid)
        bsDel(sid);

    sqlite3_finalize(statement);

    return session;
}