#include "Session.h" #include "Util.h" #include "json.hpp" #include "jsonfail.h" using namespace std; using json=nlohmann::json; #define postval(NAME) string NAME=req.post[#NAME] #define gpostval(NAME) NAME=new string;*NAME=req.post[#NAME] #define tpostval(NAME) string* NAME=nullptr; do { if(postexist(#NAME)) { gpostval(NAME); } }while(0) int main() { Request req; Session se(req); Response res; json j; auto jsonfail=[&](int errcode,const string& detail="") { j["success"]=0; j["errcode"]=errcode; j["errmsg"]=string(GetErrMsg(errcode))+" : "+detail; }; /// Used by Marco: tpostval(NAME) auto postexist=[&](const string& key)->bool { return req.post.find(key)!=req.post.end(); }; do { if(!se.isReady()) { jsonfail(err_session); break; } if(se.isNew()||se.getUser().empty()) { jsonfail(err_need_login); break; } if(req.requestMethod!="POST") { jsonfail(err_method_not_supported); break; } if(req.post["book_key"].empty()) { jsonfail(err_missing_parameter); break; } postval(book_key); int book_key_real=ParseInt(book_key); if(book_key_real<0) { jsonfail(err_parameter,"Book Key Parse Error"); break; } DBInfo db; MySQLConn conn; if(db.readConfig()<0) { jsonfail(err_config); break; } if(db.connectProxy(conn)<0) { jsonfail(err_connect); break; } /// Check Permission int permission_level; if(conn.exec(make_str("select permission_level from bs_user where username='", se.getUser(), "'"), [&](MySQLResult& res) { res.stepRow([&](char** val,unsigned long* len) { permission_level=ParseInt(val[0]); }); })<0) { jsonfail(err_sql,"Step 1"); break; } if(permission_level>1) { /// Permission Denied. jsonfail(err_permission_denied); break; } /// Try to verify book_key (class_id) int count_class_id_val; if(conn.exec(make_str("select count(class_id) from bs_book where class_id=", book_key_real), [&](MySQLResult& res) { res.stepRow([&](char** val,unsigned long* len) { count_class_id_val=ParseInt(val[0]); }); })<0) { jsonfail(err_sql,"Step 2"); break; } if(count_class_id_val!=1) { /// Failed to verify jsonfail(err_data,"Cannot verify book key."); break; } /// Try to fetch values. tpostval(isbn); tpostval(bookname); tpostval(booktype); tpostval(author); tpostval(publisher); tpostval(pubdate); tpostval(status); if(status!=nullptr) { int _in_status=ParseInt(*status); if(_in_status<0) { jsonfail(err_parameter,"Status parse failed."); break; } /// Verify status int status_cnt; if(conn.exec(make_str("select count(status) from bs_meta_book where status=", _in_status), [&](MySQLResult& res) { res.stepRow([&](char** val,unsigned long* len) { status_cnt=ParseInt(val[0]); }); })<0) { jsonfail(err_sql,"Step 3"); break; } if(status_cnt!=1) { jsonfail(err_data,"Cannot verify status"); break; } if(conn.exec(make_str("update bs_book set status=",_in_status),nullptr)<0) { jsonfail(err_sql,"Step 4 status"); break; } if(conn.getAffectedRows()!=1) { jsonfail(err_sql_logic,"status"); break; } } #define doUpdate(NAME,SETNAME) \ if(NAME!=nullptr) \ {\ if((*NAME).empty()) \ {\ *NAME="null";\ }\ else\ {\ *NAME=make_str("'",(*NAME),"'");\ }\ if(conn.exec(make_str("update bs_book set ",SETNAME,"=",\ *NAME,\ " where class_id=",\ book_key_real),nullptr)<0)\ {\ jsonfail(err_sql,make_str("Step 4 ",SETNAME));\ break;\ }\ if(conn.getAffectedRows()!=1)\ {\ jsonfail(err_sql_logic,SETNAME);\ break;\ }\ } doUpdate(isbn,"isbn"); doUpdate(bookname,"name"); doUpdate(booktype,"book_type"); doUpdate(author,"author"); doUpdate(publisher,"publisher"); doUpdate(pubdate,"publish_time"); j["success"]=1; }while(0); res.content.append(j.dump()); res.show(); return 0; }