Diffstat (limited to 'src/com/juick/server/UserQueries.java')
-rw-r--r--src/com/juick/server/UserQueries.java218
1 files changed, 218 insertions, 0 deletions
diff --git a/src/com/juick/server/UserQueries.java b/src/com/juick/server/UserQueries.java
new file mode 100644
index 00000000..97cae91f
--- /dev/null
+++ b/src/com/juick/server/UserQueries.java
@@ -0,0 +1,218 @@
+/*
+ * Juick
+ * Copyright (C) 2008-2011, Ugnich Anton
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.juick.server;
+
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.Random;
+
+/**
+ *
+ * @author Ugnich Anton
+ */
+public class UserQueries {
+
+ static final String ABCDEF = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+
+ public static com.juick.User getUserByNick(Connection sql, String username) {
+ com.juick.User user = null;
+
+ PreparedStatement stmt = null;
+ ResultSet rs = null;
+ try {
+ stmt = sql.prepareStatement("SELECT id,nick FROM users WHERE nick=?");
+ stmt.setString(1, username);
+ rs = stmt.executeQuery();
+ if (rs.first()) {
+ user = new com.juick.User();
+ user.UID = rs.getInt(1);
+ user.UName = rs.getString(2);
+ }
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(rs, stmt);
+ }
+ return user;
+ }
+
+ public static String getJIDbyUID(Connection sql, int UID) {
+ String jid = null;
+
+ PreparedStatement stmt = null;
+ ResultSet rs = null;
+ try {
+ stmt = sql.prepareStatement("SELECT jid FROM jids WHERE user_id=? AND active=1");
+ stmt.setInt(1, UID);
+ rs = stmt.executeQuery();
+ if (rs.first()) {
+ jid = rs.getString(1);
+ }
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(rs, stmt);
+ }
+
+ return jid;
+ }
+
+ public static int getUIDbyHash(Connection sql, String hash) {
+ int UID = 0;
+
+ PreparedStatement stmt = null;
+ ResultSet rs = null;
+ try {
+ stmt = sql.prepareStatement("SELECT user_id FROM logins WHERE hash=?");
+ stmt.setString(1, hash);
+ rs = stmt.executeQuery();
+ if (rs.first()) {
+ UID = rs.getInt(1);
+ }
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(rs, stmt);
+ }
+ return UID;
+ }
+
+ public static com.juick.User getUserByHash(Connection sql, String hash) {
+ com.juick.User user = null;
+
+ PreparedStatement stmt = null;
+ ResultSet rs = null;
+ try {
+ stmt = sql.prepareStatement("SELECT logins.user_id,users.nick FROM logins INNER JOIN users ON logins.user_id=users.id WHERE logins.hash=?");
+ stmt.setString(1, hash);
+ rs = stmt.executeQuery();
+ if (rs.first()) {
+ user = new com.juick.User();
+ user.UID = rs.getInt(1);
+ user.UName = rs.getString(2);
+ }
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(rs, stmt);
+ }
+ return user;
+ }
+
+ public static String getHashByUID(Connection sql, int uid) {
+ String hash = null;
+ PreparedStatement stmt = null;
+ ResultSet rs = null;
+ try {
+ stmt = sql.prepareStatement("SELECT logins.hash FROM logins WHERE user_id=?");
+ stmt.setInt(1, uid);
+ rs = stmt.executeQuery();
+ if (rs.first()) {
+ hash = rs.getString(2);
+ }
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(rs, stmt);
+ }
+
+ if (hash == null) {
+ hash = generateHash(16);
+ try {
+ stmt = sql.prepareStatement("INSERT INTO logins(user_id,hash) VALUES (?,?)");
+ stmt.setInt(1, uid);
+ stmt.setString(2, hash);
+ stmt.executeUpdate();
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(null, stmt);
+ }
+ }
+
+ return hash;
+ }
+
+ public static String generateHash(int len) {
+ Random rnd = new Random();
+ StringBuilder sb = new StringBuilder(len);
+ for (int i = 0; i < len; i++) {
+ sb.append(ABCDEF.charAt(rnd.nextInt(ABCDEF.length())));
+ }
+ return sb.toString();
+ }
+
+ public static int checkPassword(Connection sql, String username, String password) {
+ int uid = 0;
+ PreparedStatement stmt = null;
+ ResultSet rs = null;
+ try {
+ stmt = sql.prepareStatement("SELECT id,passw FROM users WHERE nick=?");
+ stmt.setString(1, username);
+ rs = stmt.executeQuery();
+ if (rs.first()) {
+ if (password.equals(rs.getString(2))) {
+ uid = rs.getInt(1);
+ } else {
+ uid = -1;
+ }
+ }
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(rs, stmt);
+ }
+ return uid;
+ }
+
+ public static int getUserOptionInt(Connection sql, int uid, String option, int defaultValue) {
+ int ret = defaultValue;
+
+ PreparedStatement stmt = null;
+ ResultSet rs = null;
+ try {
+ stmt = sql.prepareStatement("SELECT " + option + " FROM useroptions WHERE user_id=?");
+ stmt.setInt(1, uid);
+ rs = stmt.executeQuery();
+ if (rs.first()) {
+ ret = rs.getInt(1);
+ }
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(rs, stmt);
+ }
+ return ret;
+ }
+
+ public static void setUserOptionInt(Connection sql, int uid, String option, int value) {
+ PreparedStatement stmt = null;
+ try {
+ stmt = sql.prepareStatement("UPDATE useroptions SET " + option + "=? WHERE user_id=?");
+ stmt.setInt(1, value);
+ stmt.setInt(2, uid);
+ stmt.executeUpdate();
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(null, stmt);
+ }
+ }
+}
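Review bot: `generateHash` draws the value stored in `logins.hash` from `java.util.Random`, which is not a cryptographic generator; since `getUIDbyHash` and `getUserByHash` resolve a user from that hash alone, it appears to act as a login token and should be generated with `java.security.SecureRandom` (ideally one shared `static final` instance). In `getHashByUID` the lookup selects a single column but reads `rs.getString(2)`, so the read throws, the `SQLException` is only printed, and every call falls through to inserting a fresh hash; `hash = rs.getString(1);` fixes it. `getUserOptionInt` and `setUserOptionInt` concatenate `option` into the statement text, so that argument should be checked against a fixed list of column names before the statement is prepared. `checkPassword` compares the supplied password with the `passw` column via `String.equals`, which suggests passwords are stored in clear; storing a salted password hash (bcrypt, scrypt or argon2) and verifying against it would be the safer design, and the method would also benefit from a Javadoc line stating its return convention (`0` when no row matches or the query fails, `-1` for a wrong password, otherwise the user id).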