Mercurial > hgrepos > hgweb.cgi > s4
changeset 33:54dba4c5e61d
Use group-id, not gname
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Wed, 22 Jul 2015 13:14:06 +0900 |
parents | 280024035566 |
children | 77e2aeb2d7ad |
files | s4-funcs.sh |
diffstat | 1 files changed, 56 insertions(+), 43 deletions(-) [+] |
line wrap: on
line diff
--- a/s4-funcs.sh Wed Jul 22 09:38:28 2015 +0900 +++ b/s4-funcs.sh Wed Jul 22 13:14:06 2015 +0900 @@ -509,8 +509,8 @@ fi done pk=`gettblpkey $1` -# key=`sq $db "select $pk from $1 where rowid=$3"` key=`query "select $pk from $1 where rowid=$3;"` + getkey="(select $pk from $1 where rowid=$3)" ### err "select $pk from $1 where rowid=$3" - key=$key '$4(tmp)'=$4 for kt in s m; do td=${4:-$tmpd} @@ -519,10 +519,9 @@ for c in `gettbl_${kt}_cols $1`; do vcount=1 # count(val) if [ x"$2" = x"$c" ]; then - cond="$t where $pk=\"$key\" and key=\"$c\"" - ###val=`query "select val from $cond;"` + #### cond="$t where $pk=\"$key\" and key=\"$c\"" #2015-07-22 + cond="$t where $pk=$getkey and key=\"$c\"" val=`query "select val from $cond limit 1;"` - ###type=`query "select type from $cond;"` type=`query "select type from $cond limit 1;"` if [ $kt = m ]; then ###vcount=`sq $db "select count(val) from $cond"` @@ -1202,7 +1201,7 @@ # $1=user/group $2=SearchKeyword $3=condition(if any) # Referring variable $iamowner=$grp to attach owner-request links err listentry: \$1=$1 \$2=$2 \$3=$3 - cond= + cond='' offset=`getpar offset` offset=${offset%%[!0-9]*} offset=$((offset + 0)) # change to numeric forcibly @@ -1213,10 +1212,12 @@ hrb="$myname?home" deficon=person-default.png entity="ユーザ" tbl=user link=rowid nm=name stage=mems + gcs=gecos else # if group hrb="$myname?grp" deficon=group-default.png entity="グループ" tbl=grp link=rowid nm=gname stage=grps + gcs=name tagline=`grep :tag: $formdir/grp.def|cut -d: -f5-` if [ -n "$tagline" ]; then tagconv=`echo $tagline|sed 's/\([^= :]*\)=\([^= :]*\)/-D\2=\1/g'` @@ -1232,11 +1233,14 @@ fi # XX: これ複雑すぎるかな。もっとシンプルにしたい。$3条件も。2015-07-08 - qgrp=`sqlquote $grp` - qgrp=${qgrp:-'""'} - sql="select a.rowid, a.$link, coalesce(b.gecos, a.$nm) as nick, b.tag, + # grpは呼出し元の動的スコープ変数でよくないな... + ##qgrp=`sqlquote $grp` + getgrp="(select gname from grp where rowid=${rowid:--1})" + sql="select a.rowid, a.$link, coalesce(b.$gcs, a.$nm) as nick, + coalesce(b.gecos, a.$nm) as name, + b.tag, case when a.$nm in (select user from grp_adm - where gname=$qgrp) then '(管理者)' -- from group mode + where gname=$getgrp) then '(管理者)' -- from group mode when '$user' in (select user from grp_adm where gname=a.$nm) then '(ADMIN)' when '$iamowner' = '' then '' @@ -1260,7 +1264,7 @@ echo '</div>' fi cat<<EOF - <p>${total}件中の${offset}件めから${kwd:+" - 検索語: $kwd"}</p> + <p>${total}件中の$((offset+1))件めから${kwd:+" - 検索語: $kwd"}</p> EOF if [ $((offset+limit)) -lt $total ]; then cat<<EOF @@ -1284,7 +1288,7 @@ err ListEntry: `echo $sql\;` query "$sql limit $limit ${offset:+offset $offset};" \ - | while IFS='|' read id lnk name tag ownerp; do + | while IFS='|' read id lnk name gecos tag ownerp; do err name=$name owner=$ownerp lnk=$lnk err newlnk=$lnk files=`getvalbyid $tbl profimg $id $dir` @@ -1293,9 +1297,9 @@ | m4 $tagconv if [ -n "$files" ]; then icon=`echo "$files"|head -1` - iconhref $dir/$icon "$hrb+$lnk" "$name" + iconhref $dir/$icon "$hrb+$lnk" "$gecos" else - iconhref $dir/$deficon "$hrb+$lnk" "$name" + iconhref $dir/$deficon "$hrb+$lnk" "$gecos" fi echo "<br>$name${ownerp:+<br>$ownerp}" echo "</div>" @@ -1307,18 +1311,17 @@ listgroup() { listentry group "$@" } -showgroup() { - grp=$1 -err showgroup1: grp=$grp qgrp="[$(sqlquote $grp)]" +showgroup() { # $1=group-rowid gname=`getpar gname` if [ -n "$gname" ]; then err UPdating/Removing of group::::::: par2table $formdir/grp.def fi + grp=`getgroupbyid $1` err showgroup2: grp=$grp qgrp="[$(sqlquote $grp)]" if isgroup "$grp"; then - showgroupsub $formdir/grp.def "$grp" | \ + showgroupsub $formdir/grp.def "$1" | \ m4 -D_TITLE_="グループ $grp" \ -D_FORM_="syscmd(\`cat')" \ -D_DUMPTABLE_="" \ @@ -1328,21 +1331,22 @@ fi } showgroupsub() { - # $1=def-file $2=group - grp=$2 + # $1=def-file $2=group-rowid + rowid=$2 + grp=`getgroupbyid $2` qgrp=`sqlquote $grp` - rowid=`sq $db "select rowid from grp where gname=$qgrp"` + #rowid=`sq $db "select rowid from grp where gname=$qgrp"` if [ -z "$rowid" ]; then - rowid=`sq $db "select rowid from grp where rowid=$grp"` - grp=`sq $db "select gname from grp where rowid=$grp"` + #rowid=`sq $db "select rowid from grp where rowid=$grp"` + #grp=`sq $db "select gname from grp where rowid=$grp"` + echo "<p>showgroupsub: invalid argument($1 $2)</p>"; return fi - mmgrp=`echo "$grp"|nkf -Ww -MQ|tr '=' '%'` val=`getvalbyid grp profimg $rowid $tmpd` # 6/14の次グループのHOMEで出す情報を作る Done viewtable $1 grp $rowid if isgrpowner "$user" "$grp"; then echo "<p><a href=\"?groupconf+$rowid\">グループ情報の編集</a>" - iamowner=$grp + iamowner=$rowid fi if ismember "$user" "$grp"; then echo "${iamowner:+ / }<a href=\"?blog+$rowid\">グループの新規話題作成</a></p>" @@ -1387,7 +1391,7 @@ 同じでよい場合は空欄に)</small></th> <td>`cgi_text email $eml`</td></tr> </table> -`cgi_hidden grp $grp` +`cgi_hidden grp $rowid` EOF echo '</div></div>' echo '<h2>話題一覧</h2>' @@ -1399,8 +1403,9 @@ DT_CHLD=article:blogid \ DT_VIEW=replyblog dumptable html blog 'ctime title heading' "$cond" - c="group by b.name having b.name in (select user from grp_mem where gname='$grp')" - cm="?commission+$mmgrp" + getgname="(select gname from grp where rowid=$rowid)" + c="group by b.name having b.name in (select user from grp_mem where gname=$getgname)" + cm="?commission+$rowid" thumbxy=50x50 listmember "" "$c" \ |sed -e "s|\(<br>\),not=\(.*\)|\1<a href=\"$cm+\2\">管理者委託</a>|" } @@ -1444,26 +1449,27 @@ return fi fi - cond="where gname='$1' and user='$2'" + qgname=`sqlquote $1` + cond="where gname=$qgname and user='$2'" if [ x"$3" = x"yes" ]; then - query "replace into grp_mem values('$1', '$2');" + query "replace into grp_mem values($qgname, '$2');" if [ -n "$4" ]; then if msg=`emaildomaincheck "$4"`; then -err "replace into grp_mem_s values('$1', '$user', 'email', \ +err "replace into grp_mem_s values($qgname, '$user', 'email', \ 'string', '$4', NULL);" - query "replace into grp_mem_s values('$1', '$user', 'email', \ + query "replace into grp_mem_s values($qgname, '$user', 'email', \ 'string', '$4', NULL);" if [ -n "$5" ]; then # as ADMIN # Coming here means newly created group sql="select case\ - when (select count(*) from grp_mem where gname='$1')=1\ + when (select count(*) from grp_mem where gname=$qgname)=1\ then (select user from grp_mem\ - where gname='$1' and user='$user')\ + where gname=$qgname and user='$user')\ else '' end;" err NewGrpChk: $sql if [ -n "`query \"$sql\"`" ]; then - err ADMIN: "replace into grp_adm values('$1', '$user');" - query "replace into grp_adm values('$1', '$user');" + err ADMIN: "replace into grp_adm values($qgname, '$user');" + query "replace into grp_adm values($qgname, '$user');" fi fi else @@ -1479,21 +1485,26 @@ fi } grp_reg_adm() { - # $1=grp $2=user-rowid - if ! isgrpowner $user $1; then - echo "<p>$1 グループの管理者しかこの操作はできません。"; return + # $1=grp-rowid $2=user-rowid + grp=`getgroupbyid "$1"` + if [ -z "$grp" ]; then + echo "<p>無効なグループIDです</p>"; return + fi + if ! isgrpowner $user "$grp"; then + echo "<p>$grp グループの管理者しかこの操作はできません。"; return fi newadm=`query "select name from user where rowid=$2;"` if [ -z "$newadm" ]; then echo "<p>指定ユーザIDがおかしいようです。</p>"; return fi -err GRP_reg_adm: "replace into grp_adm values('$1', '$newadm');" -err ismember $newadm $1 - if ismember $newadm $1; then +err GRP_reg_adm: "replace into grp_adm values(`sqlquote $grp`, '$newadm');" +err ismember $newadm $grp + if ismember $newadm $grp; then # OK, go ahead - query "replace into grp_adm values('$1', '$newadm');" + getgname="(select gname from grp where rowid=$1)" + query "replace into grp_adm values($getgname, '$newadm');" # confirm insertion - sql="select * from grp_adm where gname='$1' and user='$newadm'" + sql="select * from grp_adm where gname=$getgname and user='$newadm'" if [ -n "`query \"$sql;\"`" ]; then echo "<p>追加完了</p>" else @@ -1821,6 +1832,8 @@ form="" val="" if [ -n "$rowid" ]; then val=`getvalbyid $2 $name $rowid $tmpd` +err genform3a: getvalbyid $2 $name $rowid $tmpd +err genform3b: val="[$val]" fi if [ -n "$GF_VIEWONLY" ]; then is_hidden "$2" "$name" && continue