s4
changeset 33:54dba4c5e61d
Use group-id, not gname
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Wed, 22 Jul 2015 13:14:06 +0900 |
parents | 280024035566 |
children | 77e2aeb2d7ad |
files | s4-funcs.sh |
diffstat | 1 files changed, 56 insertions(+), 43 deletions(-) [+] |
line diff
1.1 --- a/s4-funcs.sh Wed Jul 22 09:38:28 2015 +0900 1.2 +++ b/s4-funcs.sh Wed Jul 22 13:14:06 2015 +0900 1.3 @@ -509,8 +509,8 @@ 1.4 fi 1.5 done 1.6 pk=`gettblpkey $1` 1.7 -# key=`sq $db "select $pk from $1 where rowid=$3"` 1.8 key=`query "select $pk from $1 where rowid=$3;"` 1.9 + getkey="(select $pk from $1 where rowid=$3)" 1.10 ### err "select $pk from $1 where rowid=$3" - key=$key '$4(tmp)'=$4 1.11 for kt in s m; do 1.12 td=${4:-$tmpd} 1.13 @@ -519,10 +519,9 @@ 1.14 for c in `gettbl_${kt}_cols $1`; do 1.15 vcount=1 # count(val) 1.16 if [ x"$2" = x"$c" ]; then 1.17 - cond="$t where $pk=\"$key\" and key=\"$c\"" 1.18 - ###val=`query "select val from $cond;"` 1.19 + #### cond="$t where $pk=\"$key\" and key=\"$c\"" #2015-07-22 1.20 + cond="$t where $pk=$getkey and key=\"$c\"" 1.21 val=`query "select val from $cond limit 1;"` 1.22 - ###type=`query "select type from $cond;"` 1.23 type=`query "select type from $cond limit 1;"` 1.24 if [ $kt = m ]; then 1.25 ###vcount=`sq $db "select count(val) from $cond"` 1.26 @@ -1202,7 +1201,7 @@ 1.27 # $1=user/group $2=SearchKeyword $3=condition(if any) 1.28 # Referring variable $iamowner=$grp to attach owner-request links 1.29 err listentry: \$1=$1 \$2=$2 \$3=$3 1.30 - cond= 1.31 + cond='' 1.32 offset=`getpar offset` 1.33 offset=${offset%%[!0-9]*} 1.34 offset=$((offset + 0)) # change to numeric forcibly 1.35 @@ -1213,10 +1212,12 @@ 1.36 hrb="$myname?home" 1.37 deficon=person-default.png 1.38 entity="ユーザ" tbl=user link=rowid nm=name stage=mems 1.39 + gcs=gecos 1.40 else # if group 1.41 hrb="$myname?grp" 1.42 deficon=group-default.png 1.43 entity="グループ" tbl=grp link=rowid nm=gname stage=grps 1.44 + gcs=name 1.45 tagline=`grep :tag: $formdir/grp.def|cut -d: -f5-` 1.46 if [ -n "$tagline" ]; then 1.47 tagconv=`echo $tagline|sed 's/\([^= :]*\)=\([^= :]*\)/-D\2=\1/g'` 1.48 @@ -1232,11 +1233,14 @@ 1.49 fi 1.50 1.51 # XX: これ複雑すぎるかな。もっとシンプルにしたい。$3条件も。2015-07-08 1.52 - qgrp=`sqlquote $grp` 1.53 - qgrp=${qgrp:-'""'} 1.54 - sql="select a.rowid, a.$link, coalesce(b.gecos, a.$nm) as nick, b.tag, 1.55 + # grpは呼出し元の動的スコープ変数でよくないな... 1.56 + ##qgrp=`sqlquote $grp` 1.57 + getgrp="(select gname from grp where rowid=${rowid:--1})" 1.58 + sql="select a.rowid, a.$link, coalesce(b.$gcs, a.$nm) as nick, 1.59 + coalesce(b.gecos, a.$nm) as name, 1.60 + b.tag, 1.61 case when a.$nm in (select user from grp_adm 1.62 - where gname=$qgrp) then '(管理者)' -- from group mode 1.63 + where gname=$getgrp) then '(管理者)' -- from group mode 1.64 when '$user' in (select user from grp_adm where gname=a.$nm) 1.65 then '(ADMIN)' 1.66 when '$iamowner' = '' then '' 1.67 @@ -1260,7 +1264,7 @@ 1.68 echo '</div>' 1.69 fi 1.70 cat<<EOF 1.71 - <p>${total}件中の${offset}件めから${kwd:+" - 検索語: $kwd"}</p> 1.72 + <p>${total}件中の$((offset+1))件めから${kwd:+" - 検索語: $kwd"}</p> 1.73 EOF 1.74 if [ $((offset+limit)) -lt $total ]; then 1.75 cat<<EOF 1.76 @@ -1284,7 +1288,7 @@ 1.77 err ListEntry: `echo $sql\;` 1.78 1.79 query "$sql limit $limit ${offset:+offset $offset};" \ 1.80 - | while IFS='|' read id lnk name tag ownerp; do 1.81 + | while IFS='|' read id lnk name gecos tag ownerp; do 1.82 err name=$name owner=$ownerp lnk=$lnk 1.83 err newlnk=$lnk 1.84 files=`getvalbyid $tbl profimg $id $dir` 1.85 @@ -1293,9 +1297,9 @@ 1.86 | m4 $tagconv 1.87 if [ -n "$files" ]; then 1.88 icon=`echo "$files"|head -1` 1.89 - iconhref $dir/$icon "$hrb+$lnk" "$name" 1.90 + iconhref $dir/$icon "$hrb+$lnk" "$gecos" 1.91 else 1.92 - iconhref $dir/$deficon "$hrb+$lnk" "$name" 1.93 + iconhref $dir/$deficon "$hrb+$lnk" "$gecos" 1.94 fi 1.95 echo "<br>$name${ownerp:+<br>$ownerp}" 1.96 echo "</div>" 1.97 @@ -1307,18 +1311,17 @@ 1.98 listgroup() { 1.99 listentry group "$@" 1.100 } 1.101 -showgroup() { 1.102 - grp=$1 1.103 -err showgroup1: grp=$grp qgrp="[$(sqlquote $grp)]" 1.104 +showgroup() { # $1=group-rowid 1.105 1.106 gname=`getpar gname` 1.107 if [ -n "$gname" ]; then 1.108 err UPdating/Removing of group::::::: 1.109 par2table $formdir/grp.def 1.110 fi 1.111 + grp=`getgroupbyid $1` 1.112 err showgroup2: grp=$grp qgrp="[$(sqlquote $grp)]" 1.113 if isgroup "$grp"; then 1.114 - showgroupsub $formdir/grp.def "$grp" | \ 1.115 + showgroupsub $formdir/grp.def "$1" | \ 1.116 m4 -D_TITLE_="グループ $grp" \ 1.117 -D_FORM_="syscmd(\`cat')" \ 1.118 -D_DUMPTABLE_="" \ 1.119 @@ -1328,21 +1331,22 @@ 1.120 fi 1.121 } 1.122 showgroupsub() { 1.123 - # $1=def-file $2=group 1.124 - grp=$2 1.125 + # $1=def-file $2=group-rowid 1.126 + rowid=$2 1.127 + grp=`getgroupbyid $2` 1.128 qgrp=`sqlquote $grp` 1.129 - rowid=`sq $db "select rowid from grp where gname=$qgrp"` 1.130 + #rowid=`sq $db "select rowid from grp where gname=$qgrp"` 1.131 if [ -z "$rowid" ]; then 1.132 - rowid=`sq $db "select rowid from grp where rowid=$grp"` 1.133 - grp=`sq $db "select gname from grp where rowid=$grp"` 1.134 + #rowid=`sq $db "select rowid from grp where rowid=$grp"` 1.135 + #grp=`sq $db "select gname from grp where rowid=$grp"` 1.136 + echo "<p>showgroupsub: invalid argument($1 $2)</p>"; return 1.137 fi 1.138 - mmgrp=`echo "$grp"|nkf -Ww -MQ|tr '=' '%'` 1.139 val=`getvalbyid grp profimg $rowid $tmpd` 1.140 # 6/14の次グループのHOMEで出す情報を作る Done 1.141 viewtable $1 grp $rowid 1.142 if isgrpowner "$user" "$grp"; then 1.143 echo "<p><a href=\"?groupconf+$rowid\">グループ情報の編集</a>" 1.144 - iamowner=$grp 1.145 + iamowner=$rowid 1.146 fi 1.147 if ismember "$user" "$grp"; then 1.148 echo "${iamowner:+ / }<a href=\"?blog+$rowid\">グループの新規話題作成</a></p>" 1.149 @@ -1387,7 +1391,7 @@ 1.150 同じでよい場合は空欄に)</small></th> 1.151 <td>`cgi_text email $eml`</td></tr> 1.152 </table> 1.153 -`cgi_hidden grp $grp` 1.154 +`cgi_hidden grp $rowid` 1.155 EOF 1.156 echo '</div></div>' 1.157 echo '<h2>話題一覧</h2>' 1.158 @@ -1399,8 +1403,9 @@ 1.159 DT_CHLD=article:blogid \ 1.160 DT_VIEW=replyblog dumptable html blog 'ctime title heading' "$cond" 1.161 1.162 - c="group by b.name having b.name in (select user from grp_mem where gname='$grp')" 1.163 - cm="?commission+$mmgrp" 1.164 + getgname="(select gname from grp where rowid=$rowid)" 1.165 + c="group by b.name having b.name in (select user from grp_mem where gname=$getgname)" 1.166 + cm="?commission+$rowid" 1.167 thumbxy=50x50 listmember "" "$c" \ 1.168 |sed -e "s|\(<br>\),not=\(.*\)|\1<a href=\"$cm+\2\">管理者委託</a>|" 1.169 } 1.170 @@ -1444,26 +1449,27 @@ 1.171 return 1.172 fi 1.173 fi 1.174 - cond="where gname='$1' and user='$2'" 1.175 + qgname=`sqlquote $1` 1.176 + cond="where gname=$qgname and user='$2'" 1.177 if [ x"$3" = x"yes" ]; then 1.178 - query "replace into grp_mem values('$1', '$2');" 1.179 + query "replace into grp_mem values($qgname, '$2');" 1.180 if [ -n "$4" ]; then 1.181 if msg=`emaildomaincheck "$4"`; then 1.182 -err "replace into grp_mem_s values('$1', '$user', 'email', \ 1.183 +err "replace into grp_mem_s values($qgname, '$user', 'email', \ 1.184 'string', '$4', NULL);" 1.185 - query "replace into grp_mem_s values('$1', '$user', 'email', \ 1.186 + query "replace into grp_mem_s values($qgname, '$user', 'email', \ 1.187 'string', '$4', NULL);" 1.188 if [ -n "$5" ]; then # as ADMIN 1.189 # Coming here means newly created group 1.190 sql="select case\ 1.191 - when (select count(*) from grp_mem where gname='$1')=1\ 1.192 + when (select count(*) from grp_mem where gname=$qgname)=1\ 1.193 then (select user from grp_mem\ 1.194 - where gname='$1' and user='$user')\ 1.195 + where gname=$qgname and user='$user')\ 1.196 else '' end;" 1.197 err NewGrpChk: $sql 1.198 if [ -n "`query \"$sql\"`" ]; then 1.199 - err ADMIN: "replace into grp_adm values('$1', '$user');" 1.200 - query "replace into grp_adm values('$1', '$user');" 1.201 + err ADMIN: "replace into grp_adm values($qgname, '$user');" 1.202 + query "replace into grp_adm values($qgname, '$user');" 1.203 fi 1.204 fi 1.205 else 1.206 @@ -1479,21 +1485,26 @@ 1.207 fi 1.208 } 1.209 grp_reg_adm() { 1.210 - # $1=grp $2=user-rowid 1.211 - if ! isgrpowner $user $1; then 1.212 - echo "<p>$1 グループの管理者しかこの操作はできません。"; return 1.213 + # $1=grp-rowid $2=user-rowid 1.214 + grp=`getgroupbyid "$1"` 1.215 + if [ -z "$grp" ]; then 1.216 + echo "<p>無効なグループIDです</p>"; return 1.217 + fi 1.218 + if ! isgrpowner $user "$grp"; then 1.219 + echo "<p>$grp グループの管理者しかこの操作はできません。"; return 1.220 fi 1.221 newadm=`query "select name from user where rowid=$2;"` 1.222 if [ -z "$newadm" ]; then 1.223 echo "<p>指定ユーザIDがおかしいようです。</p>"; return 1.224 fi 1.225 -err GRP_reg_adm: "replace into grp_adm values('$1', '$newadm');" 1.226 -err ismember $newadm $1 1.227 - if ismember $newadm $1; then 1.228 +err GRP_reg_adm: "replace into grp_adm values(`sqlquote $grp`, '$newadm');" 1.229 +err ismember $newadm $grp 1.230 + if ismember $newadm $grp; then 1.231 # OK, go ahead 1.232 - query "replace into grp_adm values('$1', '$newadm');" 1.233 + getgname="(select gname from grp where rowid=$1)" 1.234 + query "replace into grp_adm values($getgname, '$newadm');" 1.235 # confirm insertion 1.236 - sql="select * from grp_adm where gname='$1' and user='$newadm'" 1.237 + sql="select * from grp_adm where gname=$getgname and user='$newadm'" 1.238 if [ -n "`query \"$sql;\"`" ]; then 1.239 echo "<p>追加完了</p>" 1.240 else 1.241 @@ -1821,6 +1832,8 @@ 1.242 form="" val="" 1.243 if [ -n "$rowid" ]; then 1.244 val=`getvalbyid $2 $name $rowid $tmpd` 1.245 +err genform3a: getvalbyid $2 $name $rowid $tmpd 1.246 +err genform3b: val="[$val]" 1.247 fi 1.248 if [ -n "$GF_VIEWONLY" ]; then 1.249 is_hidden "$2" "$name" && continue