Newer
Older
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
IF pRate < 0 THEN
INSERT INTO logs_rating (StudentID, SubmoduleID, TeacherID, Rate, Action ) VALUES
(pStudentID, pSubmoduleID, pTeacherID, pRate, 'delete');
# TODO: extract method log rate
DELETE FROM rating_table
WHERE rating_table.StudentID = pStudentID AND
rating_table.SubmoduleID = pSubmoduleID
LIMIT 1;
RETURN ROW_COUNT()-1;
END IF;
SET vIsOver = TRUE;
SELECT disciplines.ID,
disciplines.IsLocked,
disciplines.Milestone,
submodules.IsUsed,
submodules.maxRate,
modules.Type
INTO vDisciplineID, vIsLocked, vIsOver, vIsUsed, vMaxRate, vModuleType
FROM submodules
INNER JOIN modules ON submodules.ModuleID = modules.ID
INNER JOIN disciplines ON modules.DisciplineID = disciplines.ID
WHERE submodules.ID = pSubmoduleID
LIMIT 1;
# correct max rate for extra module
IF vModuleType = 4 THEN # 4 - extra
SET vMaxRate = CalculateMaxRateForExtra(vDisciplineID, pStudentID);
END IF;
# 1) check rights
# 2) check, you can't rate regular and bonus after milestone
# 3) check, max rate exceeding
IF NOT InternalIsStudentAttached(pStudentID, vDisciplineID) OR
NOT InternalIsTeacherBound(pTeacherID, vDisciplineID) OR
pRate > vMaxRate OR
(vIsOver AND (vModuleType = 1 OR vModuleType = 3)) # 1 - regular, 3 - bonus
THEN
RETURN -2;
END IF;
# add rate, or update old
SET @isUpdated = FALSE;
INSERT INTO rating_table (StudentID, TeacherID, SubmoduleID, Rate, Date)
VALUES ( pStudentID, pTeacherID, pSubmoduleID, pRate, CURDATE() )
ON DUPLICATE KEY UPDATE
rating_table.TeacherID = (@isUpdated := pTeacherID),
rating_table.Rate = pRate,
rating_table.Date = CURDATE();
# log rate
INSERT INTO logs_rating (StudentID, SubmoduleID, TeacherID, Rate, Action )
VALUES (pStudentID, pSubmoduleID, pTeacherID, pRate, IF(@isUpdated, 'change', 'add') );
# lock discipline for structure editing
IF NOT vIsLocked THEN
UPDATE disciplines
SET disciplines.IsLocked = TRUE
WHERE disciplines.ID = vDisciplineID
LIMIT 1;
END IF;
# add submodule to max rate counting (see triggers)
IF NOT vIsUsed THEN
UPDATE submodules
SET submodules.IsUsed = TRUE
WHERE submodules.ID = pSubmoduleID
LIMIT 1;
END IF;
RETURN 0;
END //
# -------------------------------------------------------------------------------------------
# Label: requests
# -------------------------------------------------------------------------------------------
DROP FUNCTION IF EXISTS SetRequestStatus//
CREATE FUNCTION SetRequestStatus (
pRequestID INT,
pStatus enum('opened','processed','closed')
) RETURNS int(11)
NO SQL
BEGIN
DECLARE EXIT HANDLER FOR SQLEXCEPTION RETURN -1;
UPDATE requests
SET requests.Status = pStatus
WHERE requests.ID = pRequestID
LIMIT 1;
RETURN ROW_COUNT()-1;
END//
-- todo: does it work? HasImage field not found
DROP FUNCTION IF EXISTS CreateRequest//
CREATE FUNCTION CreateRequest (
pAccountID INT,
pTitle VARCHAR(50) CHARSET utf8,
pDescription TEXT CHARSET utf8,
pImage BOOLEAN
) RETURNS int(11)
NO SQL
BEGIN
DECLARE EXIT HANDLER FOR SQLEXCEPTION RETURN -1;
INSERT INTO requests (AccountID, Title, Description, Status, HasImage)
VALUES (pAccountID, pTitle, pDescription, 'opened', pImage);
RETURN LAST_INSERT_ID();
END//
DROP FUNCTION IF EXISTS UpdateRequest//
CREATE FUNCTION UpdateRequest (
pRequestID INT,
pTitle VARCHAR(50) CHARSET utf8,
pDescription TEXT CHARSET utf8
) RETURNS int(11)
NO SQL
BEGIN
DECLARE EXIT HANDLER FOR SQLEXCEPTION RETURN -1;
UPDATE requests
SET requests.Description = pDescription,
requests.Title = pTitle,
requests.Date = NOW()
WHERE requests.ID = pRequestID AND
requests.Description IS NULL AND
requests.Title IS NULL
LIMIT 1;
RETURN ROW_COUNT()-1;
END//
# return StudentID or TeacherID depending on UserRoleID
DROP FUNCTION IF EXISTS GetUserStudentOrTeacherID//
CREATE FUNCTION GetUserStudentOrTeacherID (
pAccountID INT(11),
pUserRoleID INT(11)
) RETURNS INT(11)
READS SQL DATA
BEGIN
DECLARE vID INT DEFAULT -1;
IF pUserRoleID = GetUserRole('student') THEN
SELECT students.ID
INTO vID
FROM students
WHERE students.AccountID = pAccountID
LIMIT 1;
ELSE
SELECT teachers.ID
INTO vID
FROM teachers
WHERE teachers.AccountID = pAccountID
LIMIT 1;
END IF;
RETURN vID;
END//
# -------------------------------------------------------------------------------------------
# Label: recovery
# -------------------------------------------------------------------------------------------
DROP FUNCTION IF EXISTS CreateRecoveryToken//
CREATE FUNCTION CreateRecoveryToken (
pAccountOrEMail VARCHAR(255) CHARSET utf8,
pToken VARCHAR(100) CHARSET utf8
) RETURNS VARCHAR(255) charset utf8
NO SQL
BEGIN
DECLARE vAccountID INT DEFAULT -1;
DECLARE vUserFullName TEXT charset utf8;
DECLARE EXIT HANDLER FOR SQLEXCEPTION RETURN -2;
# get account ID
SELECT accounts.ID INTO vAccountID
FROM accounts
WHERE accounts.EMail = pAccountOrEMail OR
accounts.Login = pAccountOrEMail
LIMIT 1;
IF vAccountID <= 0 THEN
RETURN '';
END IF;
SET vUserFullName = GetUserFullNameByAccountID(vAccountID);
IF vUserFullName IS NULL OR vUserFullName = '' THEN
RETURN '';
END IF;
# transform all unused recovery tokens into used
UPDATE recovery_tokens
SET recovery_tokens.isUsed = 1
WHERE recovery_tokens.isUsed = 0 AND
recovery_tokens.AccountID = vAccountID;
# handle catch constraints violations
INSERT INTO recovery_tokens
( AccountID, Token )
VALUES (vAccountID, pToken);
RETURN vUserFullName;
END//
DROP FUNCTION IF EXISTS GetUserFullNameByAccountID//
CREATE FUNCTION GetUserFullNameByAccountID (
pAccountID INT(11)
) RETURNS VARCHAR(255) charset utf8
READS SQL DATA
BEGIN
DECLARE vUserFullName VARCHAR(255) charset utf8;
DECLARE vChecker INT DEFAULT -1;
# try to find student with that account id
SELECT students.ID, CONCAT(students.LastName,' ',students.FirstName,' ',students.SecondName)
INTO vChecker, vUserFullName
FROM students
WHERE students.AccountID = pAccountID
LIMIT 1;
IF vChecker <= 0 THEN # try to find teacher with that account id
SELECT teachers.ID, CONCAT(teachers.LastName,' ',teachers.FirstName,' ',teachers.SecondName)
INTO vChecker, vUserFullName
FROM teachers
WHERE teachers.AccountID = pAccountID
LIMIT 1;
IF vChecker <= 0 THEN
RETURN '';
END IF;
END IF;
RETURN vUserFullName;
END//
DROP FUNCTION IF EXISTS UseRecoveryToken//
CREATE FUNCTION UseRecoveryToken (
pToken VARCHAR(100) CHARSET utf8
) RETURNS int(11)
NO SQL
BEGIN
DECLARE vChecker INT DEFAULT -1;
# set token used
UPDATE recovery_tokens
SET recovery_tokens.IsUsed = 1
WHERE recovery_tokens.Token = pToken
LIMIT 1;
RETURN ROW_COUNT()-1;
END//
PavelBegunkov
committed
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
# -------------------------------------------------------------------------------------------
# Label: authorization
# -------------------------------------------------------------------------------------------
DROP FUNCTION IF EXISTS SignIn//
CREATE FUNCTION SignIn (
pLoginOrMail VARCHAR(255) CHARSET utf8,
pPassword VARCHAR(64) CHARSET utf8
) RETURNS int(11) # account id
NO SQL
BEGIN
DECLARE vAccountID INT DEFAULT -1;
#check account existence
SELECT accounts.ID INTO vAccountID FROM accounts
WHERE accounts.Password = SHA1(pPassword) AND
(accounts.Login = pLoginOrMail OR accounts.EMail = pLoginOrMail)
LIMIT 1;
IF vAccountID <= 0 THEN
RETURN -1;
END IF;
INSERT INTO logs_signin (AccountID) VALUES (vAccountID);
RETURN vAccountID;
END //
-- returns:
-- -1 : invalid token
-- >0 : accountID
DROP FUNCTION IF EXISTS SignInByToken//
CREATE FUNCTION SignInByToken (pToken char(40) charset ascii) RETURNS int(11) # account id
NO SQL
BEGIN
DECLARE vAccountID INT DEFAULT -1;
SELECT auth_tokens.AccountID INTO vAccountID
FROM auth_tokens
WHERE auth_tokens.Token = pToken
LIMIT 1;
IF vAccountID = -1 THEN
RETURN -1; -- token not found
END IF;
UPDATE auth_tokens
SET Accessed = CURRENT_TIMESTAMP
WHERE auth_tokens.Token = pToken
LIMIT 1;
INSERT INTO logs_signin(AccountID) VALUES (vAccountID);
RETURN vAccountID;
END //
DROP FUNCTION IF EXISTS DeleteAuthToken//
CREATE FUNCTION DeleteAuthToken(pToken char(40) CHARSET ascii) RETURNS int(11)
NO SQL
BEGIN
DELETE FROM auth_tokens
WHERE auth_tokens.Token = pToken;
RETURN ROW_COUNT()-1;
END//
DROP FUNCTION IF EXISTS CreateAuthToken//
CREATE FUNCTION CreateAuthToken(
pAccountID int(11),
pRightMask int(11)
) RETURNS char(40) charset ascii
NO SQL
BEGIN
DECLARE vCounter int(11) DEFAULT 666;
DECLARE vCreated boolean DEFAULT FALSE;
DECLARE vSeed int(11) DEFAULT FLOOR(4294967296 * RAND(CURRENT_TIMESTAMP ^ LAST_INSERT_ID() ^ (pAccountID << 10)));
DECLARE vToken char(40) charset ascii DEFAULT SHA1(vSeed);
WHILE NOT vCreated AND vCounter > 0 DO BEGIN
DECLARE CONTINUE HANDLER FOR SQLEXCEPTION SET vCreated = FALSE;
SET vToken = SHA1(RAND());
INSERT INTO auth_tokens(Token, AccountID, Mask) VALUES (vToken, pAccountID, pRightMask);
SET vCreated = TRUE;
SET vCounter = vCounter - 1;
END; END WHILE;
RETURN IF(vCreated, vToken, '');
END//