Improving sql_getuser procedure

author Jean-Marc Pigeon (Delson) <jmp@safe.ca>

Fri, 27 Jun 2025 04:39:09 +0000 (00:39 -0400)

committer Jean-Marc Pigeon (Delson) <jmp@safe.ca>

Fri, 27 Jun 2025 04:39:09 +0000 (00:39 -0400)
author Jean-Marc Pigeon (Delson) <jmp@safe.ca>
Fri, 27 Jun 2025 04:39:09 +0000 (00:39 -0400)
committer Jean-Marc Pigeon (Delson) <jmp@safe.ca>
Fri, 27 Jun 2025 04:39:09 +0000 (00:39 -0400)
diff --git a/lib/devsql.c b/lib/devsql.c

index 862cbf1ee355a15be40d38196f0097faf86c6cd9..13be582fa3beec64b40fa12ff3230e0299e0aeac 100644 (file)
--- a/lib/devsql.c
+++ b/lib/devsql.c
@@ -428,7 +428,7 @@ return cleanstr;
  /*      known within database.                          */
  /*                                                      */
  /********************************************************/
-PUBLIC USRTYP *sql_getusr(SQLPTR *sqlptr,char *email)
+PUBLIC USRTYP *sql_getusr(SQLPTR *sqlptr,char *email,USRTYP **usr)
  
  {
  #define OPEP    "devsql.c:sql_getuser,"
@@ -443,13 +443,11 @@ const char *usrfield[]={
            (char *)0
            };
  
-USRTYP *usr;
  SQLTYP *sql;
  SQLRES *rs;
  int phase;
  _Bool proceed;
  
-usr=(USRTYP *)0;
  sql=(SQLTYP *)sqlptr;
  rs=(SQLRES *)0;
  phase=0;
@@ -461,42 +459,20 @@ while (proceed==true) {
          (void) rou_alert(0,"%s SQL pointer is NUll (Bug?)",OPEP);
          phase=999;
          }
-      break;
-    case 1      :       //is email defined?
-      if ((email==(char *)0)||(strlen(email)==0)) {
-        (void) rou_alert(0,"%s Email <%s> is NUll or empty (Bug?)",OPEP,email);
+      if (sql_check_key(email)==false) {
+        (void) rou_alert(0,"%s %s table, key <%s> not acceptable!",
+                            OPEP,EMAILS,email);
          phase=999;
          }
        break;
-    case 2      :       //check email structure
-      for (int i=0,l=strlen(email);i<l;i++) {
-        register char car;
-      
-        car=email[i];
-        switch (car) {
-          case '@'      :
-          case '.'      :
-            continue;
-            break;
-          default       :
-            if (isalnum((int)car)!=0)
-              continue;
-            break;
-          }
-        (void) rou_alert(0,"%s Email <%s> not accepted, '%c' not an email char",
-                            OPEP,email,car);
-        phase=999; 
-        break;
-        }
-      break;
-    case 3      :       //getting user information
+    case 1      :       //getting user information
        if ((rs=gettupple(sql,SELUSR,SELFROM,EMAILS,email))==(SQLRES *)0) {
          (void) rou_alert(0,"%s Unable to get data for user <%s> (Database?)",
                              OPEP,email);
          phase=999;      //Trouble trouble
          } 
        break;
-    case 4      :       //do we have a user information?
+    case 2      :       //do we have a user information?
        int nbr;
  
        nbr=nbrtupple(sql,rs);
@@ -518,8 +494,11 @@ while (proceed==true) {
            break;
          }
        break;
-    case 5      :       //extracting user data
-      usr=(USRTYP *)calloc(1,sizeof(USRTYP));
+    case 3      :       //preparing user data
+      *usr=sql_freeusr(*usr);
+      *usr=(USRTYP *)calloc(1,sizeof(USRTYP));
+      break;
+    case 4      :       //extracting user data
        for (int i=0;usrfield[i]!=(char *)0;i++) {
          char *locval;
        
@@ -527,16 +506,16 @@ while (proceed==true) {
            continue;
          switch (i) {
            case 0        :       //user email
-            usr->email=strdup(locval);
+            (*usr)->email=strdup(locval);
              break;
            case 1        :       //user passwd
-            usr->passwd=strdup(locval);
+            (*usr)->passwd=strdup(locval);
              break;
            case 2        :       //user used space
-            usr->space=atoi(locval);
+            (*usr)->space=atoi(locval);
              break;
            case 3        :       //user max space available
-            usr->mxspace=atoi(locval);
+            (*usr)->mxspace=atoi(locval);
              break;
            default       :
              (void) rou_alert(0,"%s field <%s> not used (Bug?)",OPEP,usrfield[i]);
@@ -551,7 +530,7 @@ while (proceed==true) {
      }
    phase++;
    }
-return usr;
+return *usr;
  
  #undef  SELUSR
  #undef  OPEP
diff --git a/lib/devsql.h b/lib/devsql.h

index d128216b61080a0580f13e344f02c6a0ca384eab..ecf1dfbf0bf8f56cd3a086e07141a348b560fb11 100644 (file)
--- a/lib/devsql.h
+++ b/lib/devsql.h
@@ -24,6 +24,6 @@ extern SQLPTR *sql_closesql(SQLPTR *sqlptr);
  extern char *sql_cleanstr(SQLPTR *sqlptr,char *str);
  
  //procedure to get information on exiting user
-extern USRTYP *sql_getusr(SQLPTR *sqlptr,char *email);
+extern USRTYP *sql_getusr(SQLPTR *sqlptr,char *email,USRTYP **usr);
  
  #endif
diff --git a/lib/lvleml.c b/lib/lvleml.c

index 7de19f3fe4743dee16333690a1363e324bbdb247..3eb8366515002708042e2b7a85319976ac5bf781 100644 (file)
--- a/lib/lvleml.c
+++ b/lib/lvleml.c
@@ -279,7 +279,7 @@ proceed=true;
  while (proceed==true) {
    switch (phase) {
      case 0      :       //is user a local user
-      if ((usr=sql_getusr(contact->sqlptr,rcptto))==(USRTYP *)0) {
+      if ((usr=sql_getusr(contact->sqlptr,rcptto,&usr))==(USRTYP *)0) {
          (void) transmit(contact,true,"%d 5.6.5 <%s> unknown user",UKNUSER,rcptto);
          phase=999;      //No user found in database
          }
diff --git a/lib/unisql.c b/lib/unisql.c

index 3c63376783ad5ec096cb7c9d9841cb53ac7456ff..e2dd00575fb17e41d74ad233283f635362048392 100644 (file)
--- a/lib/unisql.c
+++ b/lib/unisql.c
@@ -156,3 +156,46 @@ while (proceed==true) {
    phase++;
    }
  }
+/*
+\f
+*/
+/************************************************/
+/*                                             */
+/*     Routine to check if key is acceptable   */
+/*      to be used as a search element.         */
+/*      return true if OK.                      */
+/*                                             */
+/************************************************/
+PUBLIC _Bool sql_check_key(char *key)
+
+{
+#define OPEP    "unisql.c:sql_check_key,"
+
+_Bool isok;
+
+isok=true;
+if ((key!=(char *)0)&&(strlen(key)>0)) {
+  for (int i=0,l=strlen(key);i<l;i++) {
+    register char car;
+
+    car=key[i];
+    switch (car) {
+      case '@'      :
+      case '.'      :
+        continue;
+        break;
+      default       :
+        if (isalnum((int)car)!=0)
+          continue;
+        break;
+      }
+    isok=false;
+    (void) rou_alert(0,"%s search key <%s> not accepted, '%c' is not "
+                       "an acceptable char",OPEP,key,car);
+    break;      //no need to check further
+    }
+  }
+return isok;
+
+#undef OPEP
+}
diff --git a/lib/unisql.h b/lib/unisql.h

index d0da83908542d21f2601373ed47f48456f638e65..1f4b1984c11376c5efe0fa187c140e77a04f1f6f 100644 (file)
--- a/lib/unisql.h
+++ b/lib/unisql.h
@@ -20,7 +20,10 @@ typedef struct  {
  //procedure to free space used by an USRTYP
  extern USRTYP *sql_freeusr(USRTYP *usr);
  
-//PRocedure to check if string is properly coded according DB_LANG
+//Procedure to check if string is properly coded according DB_LANG
  extern void sql_checkencoding(char *strencoded);
  
+//Procedure to check if a SQL key is acceptable
+extern _Bool sql_check_key(char *key);
+
  #endif
author	Jean-Marc Pigeon (Delson) <jmp@safe.ca>
	Fri, 27 Jun 2025 04:39:09 +0000 (00:39 -0400)
committer	Jean-Marc Pigeon (Delson) <jmp@safe.ca>
	Fri, 27 Jun 2025 04:39:09 +0000 (00:39 -0400)
lib/devsql.c		patch \| blob \| history
lib/devsql.h		patch \| blob \| history
lib/lvleml.c		patch \| blob \| history
lib/unisql.c		patch \| blob \| history
lib/unisql.h		patch \| blob \| history