2017-11-20 14:17:24 +08:00
|
|
|
#include "Session.h"
|
|
|
|
#include "Util.h"
|
|
|
|
#include "json.hpp"
|
|
|
|
#include "jsonfail.h"
|
|
|
|
using namespace std;
|
|
|
|
using json=nlohmann::json;
|
|
|
|
|
|
|
|
#define postval(NAME) string NAME=req.post[#NAME]
|
|
|
|
#define gpostval(NAME) NAME=new string;*NAME=req.post[#NAME]
|
|
|
|
#define tpostval(NAME) string* NAME=nullptr; do { if(postexist(#NAME)) { gpostval(NAME); } }while(0)
|
|
|
|
|
|
|
|
int main()
|
|
|
|
{
|
|
|
|
Request req;
|
|
|
|
Session se(req);
|
|
|
|
Response res;
|
|
|
|
json j;
|
|
|
|
|
|
|
|
auto jsonfail=[&](int errcode,const string& detail="")
|
|
|
|
{
|
|
|
|
j["success"]=0;
|
|
|
|
j["errcode"]=errcode;
|
|
|
|
j["errmsg"]=string(GetErrMsg(errcode))+" : "+detail;
|
|
|
|
};
|
|
|
|
|
|
|
|
/// Used by Marco: tpostval(NAME)
|
|
|
|
auto postexist=[&](const string& key)->bool
|
|
|
|
{
|
|
|
|
return req.post.find(key)!=req.post.end();
|
|
|
|
};
|
|
|
|
|
|
|
|
do
|
|
|
|
{
|
|
|
|
if(!se.isReady())
|
|
|
|
{
|
|
|
|
jsonfail(err_session);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if(se.isNew()||se.getUser().empty())
|
|
|
|
{
|
|
|
|
jsonfail(err_need_login);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(req.requestMethod!="POST")
|
|
|
|
{
|
|
|
|
jsonfail(err_method_not_supported);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(req.post["book_key"].empty())
|
|
|
|
{
|
|
|
|
jsonfail(err_missing_parameter);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
postval(book_key);
|
|
|
|
int book_key_real=ParseInt(book_key);
|
|
|
|
if(book_key_real<0)
|
|
|
|
{
|
|
|
|
jsonfail(err_parameter,"Book Key Parse Error");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
DBInfo db;
|
|
|
|
MySQLConn conn;
|
|
|
|
if(db.readConfig()<0)
|
|
|
|
{
|
|
|
|
jsonfail(err_config);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(db.connectProxy(conn)<0)
|
|
|
|
{
|
|
|
|
jsonfail(err_connect);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Check Permission
|
|
|
|
int permission_level;
|
|
|
|
if(conn.exec(make_str("select permission_level from bs_user where username='",
|
|
|
|
se.getUser(),
|
|
|
|
"'"),
|
|
|
|
[&](MySQLResult& res)
|
|
|
|
{
|
|
|
|
res.stepRow([&](char** val,unsigned long* len)
|
|
|
|
{
|
|
|
|
permission_level=ParseInt(val[0]);
|
|
|
|
});
|
|
|
|
})<0)
|
|
|
|
{
|
|
|
|
jsonfail(err_sql,"Step 1");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(permission_level>1)
|
|
|
|
{
|
|
|
|
/// Permission Denied.
|
|
|
|
jsonfail(err_permission_denied);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Try to verify book_key (class_id)
|
|
|
|
int count_class_id_val;
|
|
|
|
if(conn.exec(make_str("select count(class_id) from bs_book where class_id=",
|
|
|
|
book_key_real),
|
|
|
|
[&](MySQLResult& res)
|
|
|
|
{
|
|
|
|
res.stepRow([&](char** val,unsigned long* len)
|
|
|
|
{
|
|
|
|
count_class_id_val=ParseInt(val[0]);
|
|
|
|
});
|
|
|
|
})<0)
|
|
|
|
{
|
|
|
|
jsonfail(err_sql,"Step 2");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(count_class_id_val!=1)
|
|
|
|
{
|
|
|
|
/// Failed to verify
|
|
|
|
jsonfail(err_data,"Cannot verify book key.");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Try to fetch values.
|
|
|
|
tpostval(isbn);
|
|
|
|
tpostval(bookname);
|
|
|
|
tpostval(booktype);
|
|
|
|
tpostval(author);
|
|
|
|
tpostval(publisher);
|
|
|
|
tpostval(pubdate);
|
|
|
|
tpostval(status);
|
|
|
|
|
|
|
|
if(status!=nullptr)
|
|
|
|
{
|
|
|
|
int _in_status=ParseInt(*status);
|
|
|
|
if(_in_status<0)
|
|
|
|
{
|
|
|
|
jsonfail(err_parameter,"Status parse failed.");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Verify status
|
|
|
|
int status_cnt;
|
|
|
|
if(conn.exec(make_str("select count(status) from bs_meta_book where status=",
|
|
|
|
_in_status),
|
|
|
|
[&](MySQLResult& res)
|
|
|
|
{
|
|
|
|
res.stepRow([&](char** val,unsigned long* len)
|
|
|
|
{
|
|
|
|
status_cnt=ParseInt(val[0]);
|
|
|
|
});
|
|
|
|
})<0)
|
|
|
|
{
|
|
|
|
jsonfail(err_sql,"Step 3");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(status_cnt!=1)
|
|
|
|
{
|
|
|
|
jsonfail(err_data,"Cannot verify status");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(conn.exec(make_str("update bs_book set status=",_in_status),nullptr)<0)
|
|
|
|
{
|
|
|
|
jsonfail(err_sql,"Step 4 status");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(conn.getAffectedRows()!=1)
|
|
|
|
{
|
|
|
|
jsonfail(err_sql_logic,"status");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#define doUpdate(NAME,SETNAME) \
|
|
|
|
if(NAME!=nullptr) \
|
|
|
|
{\
|
|
|
|
if((*NAME).empty()) \
|
|
|
|
{\
|
|
|
|
*NAME="null";\
|
|
|
|
}\
|
|
|
|
else\
|
|
|
|
{\
|
|
|
|
*NAME=make_str("'",(*NAME),"'");\
|
|
|
|
}\
|
|
|
|
if(conn.exec(make_str("update bs_book set ",SETNAME,"=",\
|
|
|
|
*NAME,\
|
|
|
|
" where class_id=",\
|
|
|
|
book_key_real),nullptr)<0)\
|
|
|
|
{\
|
|
|
|
jsonfail(err_sql,make_str("Step 4 ",SETNAME));\
|
|
|
|
break;\
|
|
|
|
}\
|
|
|
|
if(conn.getAffectedRows()!=1)\
|
|
|
|
{\
|
|
|
|
jsonfail(err_sql_logic,SETNAME);\
|
|
|
|
break;\
|
|
|
|
}\
|
|
|
|
}
|
|
|
|
|
|
|
|
doUpdate(isbn,"isbn");
|
|
|
|
doUpdate(bookname,"name");
|
|
|
|
doUpdate(booktype,"book_type");
|
|
|
|
doUpdate(author,"author");
|
|
|
|
doUpdate(publisher,"publisher");
|
|
|
|
doUpdate(pubdate,"publish_time");
|
|
|
|
|
|
|
|
j["success"]=1;
|
|
|
|
}while(0);
|
|
|
|
|
|
|
|
res.content.append(j.dump());
|
|
|
|
res.show();
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|