Mercurial > hgrepos > hgweb.cgi > s4
changeset 16:636df1c1bdf2
Track group by rowid in URLs
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Tue, 21 Jul 2015 14:38:21 +0900 |
parents | 5e75802f2f0b |
children | 01f579d2c889 |
files | y4-blog.sh y4-funcs.sh y4.cgi |
diffstat | 3 files changed, 74 insertions(+), 30 deletions(-) [+] |
line wrap: on
line diff
--- a/y4-blog.sh Tue Jul 21 14:37:00 2015 +0900 +++ b/y4-blog.sh Tue Jul 21 14:38:21 2015 +0900 @@ -284,7 +284,7 @@ blog_addentry() { # $1=GRPname(if it is a group) - grp=$1 + grprowid=$1 rowid=`getpar rowid` err ba: rowid=$rowid #if [ -z "$rowid" ]; then @@ -293,8 +293,9 @@ listing=$user guide="[個人]" #listing代入は rowid 時でもするべき else - if isgroup $1; then - listing=$1 guide="[${1}]" GF_OWNER=$1 + grp=`getgroupbyid $grprowid` + if [ -n "$grp" ]; then + listing=$1 guide="[${grp}]" GF_OWNER=$grp else echo "<p>無効なグループ指定です。</p>" return @@ -355,7 +356,8 @@ if isuser "$owner"; then subtitle="`gecos $owner` さんの話題" else - subtitle="<a href=\"?grp+$owner\">`gecos $owner`</a> での話題" + grprowid=`query "select rowid from grp where gname=\"$owner\";"` + subtitle="<a href=\"?grp+$grprowid\">`gecos $owner`</a> での話題" fi if [ -z "$title" ]; then echo "<p>日記番号指定が無効です。</p>"
--- a/y4-funcs.sh Tue Jul 21 14:37:00 2015 +0900 +++ b/y4-funcs.sh Tue Jul 21 14:38:21 2015 +0900 @@ -16,7 +16,7 @@ layout=$templ/default formdir=$templ/form imgdir=img -url=${URL:-"${REQUEST_SCHEME}://$HTTP_HOST$REQUEST_URI"} +url=${URL:-"${REQUEST_SCHEME:-http${HTTPS:+s}}://$HTTP_HOST$REQUEST_URI"} urlbase=${url%%\?*} msg=$templ/msg timeout="+2 days" @@ -311,20 +311,30 @@ } ismember() { # $1=user, $2=group -err ismem: "select user from grp_mem where gname='$2' and user='$1';" - test -n "`query \"select user from grp_mem where gname='$2' and user='$1';\"`" +err ismem: "select user from grp_mem where gname=$(sqlquote $2) and user='$1';" + test -n "`query \"select user from grp_mem where gname=$(sqlquote $2) and user='$1';\"`" } isuser() { # Check if $1 is a valid user test -n "`query \"select name from user where name='$1';\"`" } isgroup() { # Check if $1 is a valid group - test -n "`query \"select gname from grp where gname='$1';\"`" + err isgroup: "select gname from grp where gname=$(sqlquote $1);" + test -n "`query \"select gname from grp where gname=$(sqlquote $1);\"`" } -isgrpowner() { +isgrpowner() ( # $1=user, $2=group - test -n "`query \"select user from grp_adm - where gname='$2' and user='$1';\"`" -} + gn=`sqlquote "$2"` + sql="select user from grp_adm where gname=$gn and user='$1';" + err isgrpowner: $sql + test -n "`query $sql`" +) +getgroupbyid() ( + # $1=id|gname + sql="select coalesce((select gname from grp where gname=$(sqlquote $1)), + (select gname from grp where rowid=$(sqlquote $1)));" +err ggbyid: `echo $sql` + query $sql +) isfilereadable() { # $1=user $2=tbl $3=rowid # Return true if user($1) can read attachment files in tbl($2):rowid($3) [ -z "$1" -o -z "$2" -o -z "$3" ] && return 1 # invalid argument @@ -384,22 +394,30 @@ fi } gecos() ( - u=${1:-$user} + u=`sqlquote ${1:-$user}` #gecos=`query "select val from user_s where name='$u' and key='gecos';"` - sql="select case when (select name from user where name='$u') is not null - then (select val from user_s where name='$u' and key='gecos') - when (select gname from grp where gname='$u') is not null - then (select val from grp_s where gname='$u' and key='gecos') - else '$u' + sql="select case when (select name from user where name=$u) is not null + then (select val from user_s where name=$u and key='gecos') + when (select gname from grp where gname=$u) is not null + then (select val from grp_s where gname=$u and key='gecos') + else $u end;" query "$sql" ) +setpar() { + query "replace into par values('$session', '$1', '$2', \"$3\");" +} +replpar() { + query "update par set val=\"$3\" where sessid='$session' and var='$1' and type='$2';" +} getpar() { err getpar: "select val from par where var='$1' and sessid='$session' $2;" val=`query "select val from par where var='$1' and sessid='$session' $2;"` +err getpar/val1: "val=[$val]" if [ -z "$val" ]; then val=`query "select val from cookie where var='$1' and sessid='$session' $2;"` fi +err getpar/val2: "val=[$val]" case "$var" in owner) if [ x"$user" = x"$val" ]; then @@ -408,6 +426,7 @@ echo $val; return fi ;; esac +err getpar/ret: "val=[$val]" echo "$val" } @@ -964,7 +983,7 @@ k=${us%%\=*} #echo u=$us #v="`echo ${us#*=}|nkf -Ww -mQ|sed -e 's/\"/\"\"/g'`" - v="`echo ${us#*=}|unhexize`" + v="`echo ${us#*=}|unhexize|sed -e 's/\"/\"\"/g'`" # err k=$k v=$v case "$k" in *:filename) @@ -980,7 +999,8 @@ type='string' ;; esac - sq $db "replace into par values('$session', '$k', '$type', \"$v\")" + #sq $db "replace into par values('$session', '$k', '$type', \"$v\")" + setpar "$k" "$type" "$v" done ;; *) @@ -1085,8 +1105,10 @@ GF_ACTION="?home" edittable "$formdir/user.def" "user" "$user" } groupconf() { + # $1=rowid in grp (2015-07-21 changed from gname) m4 -D_BODYCLASS_=groupconf -D_TITLE_="グループ情報編集" $layout/html.m4.html - rowid=`query "select rowid from grp where gname='$1';"` + #rowid=`query "select rowid from grp where gname='$1';"` + rowid=${1%%[!A-Z0-9a-z_]*} err gcon \$1=$1 rowid=$rowid GF_ACTION="?grp+$1" edittable "$formdir/grp.def" "grp" "$rowid" } @@ -1173,7 +1195,7 @@ else # if group hrb="$myname?grp" deficon=person-default.png - entity="グループ" tbl=grp link=gname nm=gname stage=grps + entity="グループ" tbl=grp link=rowid nm=gname stage=grps tagline=`grep :tag: $formdir/grp.def|cut -d: -f5-` if [ -n "$tagline" ]; then tagconv=`echo $tagline|sed 's/\([^= :]*\)=\([^= :]*\)/-D\2=\1/g'` @@ -1189,9 +1211,11 @@ fi # XX: これ複雑すぎるかな。もっとシンプルにしたい。$3条件も。2015-07-08 + qgrp=`sqlquote $grp` + qgrp=${qgrp:-'""'} sql="select a.rowid, a.$link, coalesce(b.gecos, a.$nm) as nick, b.tag, case when a.$nm in (select user from grp_adm - where gname='$grp') then '(管理者)' -- from group mode + where gname=$qgrp) then '(管理者)' -- from group mode when '$user' in (select user from grp_adm where gname=a.$nm) then '(ADMIN)' when '$iamowner' = '' then '' @@ -1203,6 +1227,7 @@ from ${tbl}_s group by $nm) b on a.$nm=b.name $cond $3 order by b.tag desc, a.rowid asc" +err LE:sql.1="$sql" total=`query "with x as ($sql) select count(*) from x;"` echo "<h2>${entity} 一覧</h2>" if [ $total -gt $limit ]; then @@ -1239,7 +1264,8 @@ query "$sql limit $limit ${offset:+offset $offset};" \ | while IFS='|' read id lnk name tag ownerp; do -err name=$name owner=$ownerp +err name=$name owner=$ownerp lnk=$lnk +err newlnk=$lnk files=`getvalbyid $tbl profimg $id $dir` # Pick up only first icon echo "<div class=\"iconlist xy$thumbxy\"><p class=\"tag _$tag\">$tag</p>" \ @@ -1262,12 +1288,14 @@ } showgroup() { grp=$1 +err showgroup1: grp=$grp qgrp="[$(sqlquote $grp)]" gname=`getpar gname` if [ -n "$gname" ]; then - err REMOVING::::::: + err UPdating/Removing of group::::::: par2table $formdir/grp.def fi +err showgroup2: grp=$grp qgrp="[$(sqlquote $grp)]" if isgroup "$grp"; then showgroupsub $formdir/grp.def "$grp" | \ m4 -D_TITLE_="グループ $grp" \ @@ -1281,20 +1309,22 @@ showgroupsub() { # $1=def-file $2=group grp=$2 - rowid=`sq $db "select rowid from grp where gname='$grp'"` + qgrp=`sqlquote $grp` + rowid=`sq $db "select rowid from grp where gname=$qgrp"` if [ -z "$rowid" ]; then rowid=`sq $db "select rowid from grp where rowid=$grp"` grp=`sq $db "select gname from grp where rowid=$grp"` fi + mmgrp=`echo "$grp"|nkf -Ww -MQ|tr '=' '%'` val=`getvalbyid grp profimg $rowid $tmpd` # 6/14の次グループのHOMEで出す情報を作る Done viewtable $1 grp $rowid if isgrpowner "$user" "$grp"; then - echo "<p><a href=\"?groupconf+$grp\">グループ情報の編集</a>" + echo "<p><a href=\"?groupconf+$rowid\">グループ情報の編集</a>" iamowner=$grp fi if ismember "$user" "$grp"; then - echo "${iamowner:+ / }<a href=\"?blog+$grp\">グループの新規話題作成</a></p>" + echo "${iamowner:+ / }<a href=\"?blog+$rowid\">グループの新規話題作成</a></p>" fi # 加入ボタン + 加入者リスト err ismember $user $grp @@ -1329,7 +1359,7 @@ DT_VIEW=replyblog dumptable html blog 'ctime title heading' "$cond" c="group by b.name having b.name in (select user from grp_mem where gname='$grp')" - cm="?commission+$grp" + cm="?commission+$mmgrp" thumbxy=50x50 listmember "" "$c" \ |sed -e "s|\(<br>\),not=\(.*\)|\1<a href=\"$cm+\2\">管理者委託</a>|" } @@ -1337,6 +1367,7 @@ # $1=group $2=user $3=yes/no $4=email(if any $5=AsAdmin) err joingrp: \$1=$1 \$2=$2 \$3=$3 \$4=$4 isgrpowner "$user" "$1" && isowner="yes" || isowner="" +err jg:isgrpowner: isowner="$isowner" if [ x"$2" != x"$user" ]; then # if user is not login user if [ -z "$isowner" ; then echo "<p>本人か、グループ管理者しか加入操作はできません。</p>"
--- a/y4.cgi Tue Jul 21 14:37:00 2015 +0900 +++ b/y4.cgi Tue Jul 21 14:38:21 2015 +0900 @@ -56,12 +56,21 @@ contenttype; echo gname=`getpar gname` if [ -n "$gname" ]; then + #gname=${gname%%[!-A-Z0-9a-z_.!#$%^&()=:/*]*} + newgname=`echo "$gname"|tr -dc '\-0-9A-Za-z#=:/_.,'` + if [ x"$newgname" != x"$gname" ]; then + err NewGNAME: gname=$newgname + echo "<p>使用禁止文字を除去し $gname としました。</p>" + gname=$newgname + fi + replpar gname string "$gname" par2table $formdir/grp.def joingrp "$gname" "$user" yes "$user" as-admin fi GF_STAGE=groupman + note="<p>グループ名に使用できない文字は自動的に削除されます。</p>" m4 -D_TITLE_="グループ作成" \ - -D_FORM_="`genform $formdir/grp.def`" \ + -D_FORM_="$note`genform $formdir/grp.def`" \ -D_DUMPTABLE_="`DT_VIEW=grp dumptable html grp 'gname gecos:DESC mtime:TIME' 'order by b.TIME desc'`" \ $layout/html.m4.html $layout/groupman.m4.html ;; @@ -108,6 +117,8 @@ contenttype; echo gpg=`getpar grp` grp=${2:-$gpg} + grp=`getgroupbyid "$grp"` +err grp: getpar-grp"(gpg)=[$grp]" ## . ./y4-blog.sh jg=`getpar joingrp` if [ -n "$jg" ]; then