diff options
Diffstat (limited to 'src/com/juick/server/UserQueries.java')
-rw-r--r-- | src/com/juick/server/UserQueries.java | 218 |
1 files changed, 218 insertions, 0 deletions
diff --git a/src/com/juick/server/UserQueries.java b/src/com/juick/server/UserQueries.java new file mode 100644 index 00000000..97cae91f --- /dev/null +++ b/src/com/juick/server/UserQueries.java @@ -0,0 +1,218 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.server; + +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.Random; + +/** + * + * @author Ugnich Anton + */ +public class UserQueries { + + static final String ABCDEF = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; + + public static com.juick.User getUserByNick(Connection sql, String username) { + com.juick.User user = null; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT id,nick FROM users WHERE nick=?"); + stmt.setString(1, username); + rs = stmt.executeQuery(); + if (rs.first()) { + user = new com.juick.User(); + user.UID = rs.getInt(1); + user.UName = rs.getString(2); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + return user; + } + + public static String getJIDbyUID(Connection sql, int UID) { + String jid = null; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT jid FROM jids WHERE user_id=? AND active=1"); + stmt.setInt(1, UID); + rs = stmt.executeQuery(); + if (rs.first()) { + jid = rs.getString(1); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + return jid; + } + + public static int getUIDbyHash(Connection sql, String hash) { + int UID = 0; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT user_id FROM logins WHERE hash=?"); + stmt.setString(1, hash); + rs = stmt.executeQuery(); + if (rs.first()) { + UID = rs.getInt(1); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + return UID; + } + + public static com.juick.User getUserByHash(Connection sql, String hash) { + com.juick.User user = null; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT logins.user_id,users.nick FROM logins INNER JOIN users ON logins.user_id=users.id WHERE logins.hash=?"); + stmt.setString(1, hash); + rs = stmt.executeQuery(); + if (rs.first()) { + user = new com.juick.User(); + user.UID = rs.getInt(1); + user.UName = rs.getString(2); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + return user; + } + + public static String getHashByUID(Connection sql, int uid) { + String hash = null; + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT logins.hash FROM logins WHERE user_id=?"); + stmt.setInt(1, uid); + rs = stmt.executeQuery(); + if (rs.first()) { + hash = rs.getString(2); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + if (hash == null) { + hash = generateHash(16); + try { + stmt = sql.prepareStatement("INSERT INTO logins(user_id,hash) VALUES (?,?)"); + stmt.setInt(1, uid); + stmt.setString(2, hash); + stmt.executeUpdate(); + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + } + + return hash; + } + + public static String generateHash(int len) { + Random rnd = new Random(); + StringBuilder sb = new StringBuilder(len); + for (int i = 0; i < len; i++) { + sb.append(ABCDEF.charAt(rnd.nextInt(ABCDEF.length()))); + } + return sb.toString(); + } + + public static int checkPassword(Connection sql, String username, String password) { + int uid = 0; + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT id,passw FROM users WHERE nick=?"); + stmt.setString(1, username); + rs = stmt.executeQuery(); + if (rs.first()) { + if (password.equals(rs.getString(2))) { + uid = rs.getInt(1); + } else { + uid = -1; + } + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + return uid; + } + + public static int getUserOptionInt(Connection sql, int uid, String option, int defaultValue) { + int ret = defaultValue; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT " + option + " FROM useroptions WHERE user_id=?"); + stmt.setInt(1, uid); + rs = stmt.executeQuery(); + if (rs.first()) { + ret = rs.getInt(1); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + return ret; + } + + public static void setUserOptionInt(Connection sql, int uid, String option, int value) { + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("UPDATE useroptions SET " + option + "=? WHERE user_id=?"); + stmt.setInt(1, value); + stmt.setInt(2, uid); + stmt.executeUpdate(); + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + } +} |