From 303453ac92b12f0a01ad44881379f9f948bfad39 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 8 Feb 2005 00:18:23 +0000 Subject: [PATCH] =?UTF-8?q?Fix:=20La=20description=20d'un=20groupe=20n'=E9?= =?UTF-8?q?tait=20pas=20sauvegard=E9=20ni=20restitu=E9.=20Qual:=20Cr=E9ati?= =?UTF-8?q?on=20des=20user=20et=20group=20au=20sein=20de=20transactions?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- htdocs/user.class.php | 228 +++++++++++++++++------------------- htdocs/user/fiche.php | 35 ++++-- htdocs/user/group/fiche.php | 31 +++-- htdocs/usergroup.class.php | 65 +++++++--- 4 files changed, 198 insertions(+), 161 deletions(-) diff --git a/htdocs/user.class.php b/htdocs/user.class.php index 07d4b13b0cf..6ddefa9c305 100644 --- a/htdocs/user.class.php +++ b/htdocs/user.class.php @@ -571,7 +571,7 @@ class User if ($result) { - if ($this->db->num_rows()) + if ($this->db->num_rows($result)) { $obj = $this->db->fetch_object($result); $this->id = $obj->rowid; 
@@ -663,56 +663,55 @@ class User } /** - * \brief Crée en base un utilisateur + * \brief Crée un utilisateur en base + * \return si erreur <0, si ok renvoie id compte créé */ function create() { global $langs; - $sql = "SELECT login FROM ".MAIN_DB_PREFIX."user WHERE login ='$this->login';"; - //$sql = "SELECT login FROM ".MAIN_DB_PREFIX."user WHERE login ='$this->email';"; - if ($this->db->query($sql)) - { - $num = $this->db->num_rows(); - $this->db->free(); + $sql = "SELECT login FROM ".MAIN_DB_PREFIX."user WHERE login ='".$this->login."';"; + $result=$this->db->query($sql); + if ($result) + { + $num = $this->db->num_rows($result); + $this->db->free($result); + + if ($num) + { + $this->error = $langs->trans("ErrorLoginAlreadyExists"); + return -5; + } + else + { + $sql = "INSERT INTO ".MAIN_DB_PREFIX."user (datec,login,email) VALUES(now(),'$this->login','$this->email');"; + $result=$this->db->query($sql); - if ($num) - { - $this->error = $langs->trans("ErrorLoginAlreadyExists"); - return 0; - } - else - { - $sql = "insert into ".MAIN_DB_PREFIX."user (datec,login,email) - values(now(),'$this->login','$this->email');"; - if ($this->db->query($sql)) - { - /*if ($this->db->affected_rows()) - { - $this->id = $this->db->last_insert_id(); - $this->update(); - $this->set_default_rights(); - return $this->id; - }*/ // ce code pose probleme en postgres il est remplace par le bloc ci dessous - // fonctionne autant en postgres que mysql - $table = "".MAIN_DB_PREFIX."user"; - $this->id = $this->db->last_insert_id($table); - $this->set_default_rights(); - $this->update(); - return $this->id; - } - else - { - dolibarr_print_error($this->db); - } - } - } - else - { - dolibarr_print_error($this->db); - } - } //fin function + if ($result) + { + $table = "".MAIN_DB_PREFIX."user"; + $this->id = $this->db->last_insert_id($table); + + if ($this->set_default_rights() < 0) return -4; + + if ($this->update() < 0) return -3; + + return $this->id; + } + else + { + 
dolibarr_print_error($this->db); + return -2; + } + } + } + else + { + dolibarr_print_error($this->db); + return -1; + } + } /** * \brief Créé en base un utilisateur depuis l'objetc contact 
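Review bot: create() builds both the `SELECT login ...` lookup and the `INSERT INTO ...user` statement by pasting `$this->login` and `$this->email` straight into the SQL text, and nothing visible escapes them; the caller in htdocs/user/fiche.php fills fields such as `admin` and `webcal_login` from `trim($_POST[...])`, so unless quoting is applied outside this diff a quote character in a field changes the statement. The same construction is in update() in the next hunk, where `admin = $this->admin` is not even quoted, and in UserGroup::create()/update() (`'$this->nom'`, `'$this->note'`). Escape each string with the database layer's escaping routine where the SQL is assembled and cast the numeric field, e.g. `$sql .= ", admin = ".((int) $this->admin);`. Separately, the lookup-then-insert check only guarantees unique logins if the `login` column also has a unique index, which this diff does not show.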
@@ -776,100 +775,83 @@ class User } /** - * \brief Affectation des permissions par défaut - * + * \brief Affectation des permissions par défaut + * \return si erreur <0, si ok renvoi le nbre de droits par defaut positionnés */ function set_default_rights() { - $sql = "SELECT id FROM ".MAIN_DB_PREFIX."rights_def WHERE bydefault = 1"; - - if ($this->db->query($sql)) - { - $num = $this->db->num_rows(); - $i = 0; - $rd = array(); - while ($i < $num) - { - $row = $this->db->fetch_row($i); - $rd[$i] = $row[0]; - $i++; - } - $this->db->free(); - } - $i = 0; - while ($i < $num) - { - - $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = $this->id AND fk_id=$rd[$i]"; - - $this->db->query($sql); - - $sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (fk_user, fk_id) VALUES ($this->id, $rd[$i])"; - - if ($this->db->query($sql)) - { - } - $i++; - } + $sql = "SELECT id FROM ".MAIN_DB_PREFIX."rights_def WHERE bydefault = 1"; + + if ($this->db->query($sql)) + { + $num = $this->db->num_rows(); + $i = 0; + $rd = array(); + while ($i < $num) + { + $row = $this->db->fetch_row($i); + $rd[$i] = $row[0]; + $i++; + } + $this->db->free(); + } + $i = 0; + while ($i < $num) + { + + $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = $this->id AND fk_id=$rd[$i]"; + $result=$this->db->query($sql); + + $sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (fk_user, fk_id) VALUES ($this->id, $rd[$i])"; + $result=$this->db->query($sql); + if (! 
$result) return -1; + $i++; + } + + return $i; } /** * \brief Mise à jour en base d'un utilisateur - * \return <0 si echec, >0 si ok + * \return <0 si echec, >=0 si ok */ - function update() { global $langs; - - $sql = "SELECT login FROM ".MAIN_DB_PREFIX."user WHERE login ='$this->login' AND rowid <> $this->id;"; - + + if (!strlen($this->code)) + $this->code = $this->login; - if ($this->db->query($sql)) - { - $num = $this->db->num_rows(); - $this->db->free(); - + $sql = "UPDATE ".MAIN_DB_PREFIX."user SET "; + $sql .= " name = '$this->nom'"; + $sql .= ", firstname = '$this->prenom'"; + $sql .= ", login = '$this->login'"; + $sql .= ", email = '$this->email'"; + $sql .= ", admin = $this->admin"; + $sql .= ", webcal_login = '$this->webcal_login'"; + $sql .= ", code = '$this->code'"; + $sql .= ", note = '$this->note'"; + $sql .= " WHERE rowid = ".$this->id; - if ($num) - { - $this->error = $langs->trans("ErrorLoginAlreadyExists"); - return -1; - } - else - { - if (!strlen($this->code)) - $this->code = $this->login; - $sql = "UPDATE ".MAIN_DB_PREFIX."user SET "; - $sql .= " name = '$this->nom'"; - $sql .= ", firstname = '$this->prenom'"; - $sql .= ", login = '$this->login'"; - $sql .= ", email = '$this->email'"; - $sql .= ", admin = $this->admin"; - $sql .= ", webcal_login = '$this->webcal_login'"; - $sql .= ", code = '$this->code'"; - $sql .= ", note = '$this->note'"; - $sql .= " WHERE rowid = $this->id;"; - - - $result = $this->db->query($sql); - - if ($result) - { - if ($this->db->affected_rows()) - { - return 1; - } - } - else - { - dolibarr_print_error($this->db); - } - } - } - } + $result = $this->db->query($sql); + + if ($result) + { + if ($this->db->affected_rows()) + { + return 1; + } + return 0; + } + else + { + dolibarr_print_error($this->db); + return -2; + } + + } /** * \brief Change le mot de passe d'un utilisateur et l'envoie par mail diff --git a/htdocs/user/fiche.php b/htdocs/user/fiche.php index b567ac87812..fb4153e2455 100644 
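Review bot: update() drops the `SELECT login ... AND rowid <> $this->id` lookup that the removed code ran, so renaming a user to a login already in use is now refused only if the table itself enforces uniqueness, which is not visible here; two accounts sharing one login makes authentication ambiguous, so the guard should stay in update() or move to a helper that both create() and update() call. In set_default_rights(), a failed `SELECT id FROM ...rights_def` leaves `$num` unset, the second loop is skipped and the method returns 0, which create() accepts because it only tests `< 0`; add `else { return -1; }` to that first query. The same method still calls `num_rows()` and `free()` without the result handle this commit passes everywhere else, and the `DELETE` result is overwritten by the `INSERT` without being checked.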
--- a/htdocs/user/fiche.php +++ b/htdocs/user/fiche.php @@ -64,6 +64,7 @@ if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == "yes") } } + /** * Action ajout user */ @@ -78,6 +79,7 @@ if ($_POST["action"] == 'add' && $user->admin) $message='
'.$langs->trans("LoginNotDefined").'
'; $action="create"; // Go back to create page } + if (! $message) { $edituser = new User($db,0); @@ -89,20 +91,29 @@ if ($_POST["action"] == 'add' && $user->admin) $edituser->admin = trim($_POST["admin"]); $edituser->webcal_login = trim($_POST["webcal_login"]); + $db->begin(); + $id = $edituser->create(); - - if ($id) { - if (isset($_POST['password']) && trim($_POST['password'])) - { - $edituser->password($user,trim($_POST['password']),$conf->password_encrypted); - } - - Header("Location: fiche.php?id=$id"); + + if ($id > 0) + { + if (isset($_POST['password']) && trim($_POST['password'])) + { + $edituser->password($user,trim($_POST['password']),$conf->password_encrypted); + } + + $db->commit(); + + Header("Location: fiche.php?id=$id"); } - else { - $message='
'.$langs->trans("ErrorLoginAlreadyExists",$edituser->login).'
'; - $action="create"; // Go back to create page + else + { + $db->rollback(); + + $message='
'.$langs->trans("ErrorLoginAlreadyExists",$edituser->login).'
'; + $action="create"; // Go back to create page } + } } @@ -187,7 +198,7 @@ if ($action == 'create') print "
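Review bot: The return value of `$edituser->password(...)` is ignored, so `$db->commit()` runs even when setting the password failed and the new account is kept in whatever password state create() left it; check the result and call `$db->rollback()` on failure (the method's return convention is outside this diff, so confirm it first). The else branch also shows `ErrorLoginAlreadyExists` for every negative code, while create() returns -5 only for a duplicate login and -1 to -4 for query, default-rights or update failures; show that message only when `$id == -5` and a generic creation error otherwise, so a database fault is not misread as a naming conflict. The enclosing `if ($_POST["action"] == 'add' && $user->admin)` block starts before this hunk.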
"; if ($message) { print $message."
"; } - print '
'; print ''; print ''; diff --git a/htdocs/user/group/fiche.php b/htdocs/user/group/fiche.php index cbf02e9e68d..3e0479baa3f 100644 --- a/htdocs/user/group/fiche.php +++ b/htdocs/user/group/fiche.php @@ -21,9 +21,9 @@ */ /** - \file htdocs/user/group/fiche.php - \brief Onglet groupes utilisateurs - \version $Revision$ + \file htdocs/user/group/fiche.php + \brief Onglet groupes utilisateurs + \version $Revision$ */ @@ -51,16 +51,22 @@ if ($_POST["action"] == 'add' && $user->admin) $editgroup->nom = trim($_POST["nom"]); $editgroup->note = trim($_POST["note"]); - $result = $editgroup->create(); + $db->begin(); + + $id = $editgroup->create(); - if ($result == 0) + if ($id > 0) { - Header("Location: fiche.php?id=".$editgroup->id); + $db->commit(); + + Header("Location: fiche.php?id=".$editgroup->id); } else { - $message='
'.$langs->trans("ErrorGroupAlreadyExists",$editgroup->nom).'
'; - $action="create"; // Go back to create page + $db->rollback(); + + $message='
'.$langs->trans("ErrorGroupAlreadyExists",$editgroup->nom).'
'; + $action="create"; // Go back to create page } } } @@ -224,7 +230,7 @@ else $result = $db->query($sql); if ($result) { - $num = $db->num_rows(); + $num = $db->num_rows($result); $i = 0; print "
"; @@ -238,7 +244,7 @@ else $var=True; while ($i < $num) { - $obj = $db->fetch_object(); + $obj = $db->fetch_object($result); $var=!$var; print ""; @@ -263,8 +269,11 @@ else $i++; } print "
"; - $db->free(); + print "
"; + $db->free($result); } + + print ''; } } diff --git a/htdocs/usergroup.class.php b/htdocs/usergroup.class.php index abfa90ebceb..e966ac85c34 100644 --- a/htdocs/usergroup.class.php +++ b/htdocs/usergroup.class.php @@ -65,7 +65,7 @@ class UserGroup { $this->id = $id; - $sql = "SELECT g.rowid, g.nom FROM ".MAIN_DB_PREFIX."usergroup as g"; + $sql = "SELECT g.rowid, g.nom, g.note FROM ".MAIN_DB_PREFIX."usergroup as g"; $sql .= " WHERE g.rowid = ".$this->id; @@ -73,15 +73,16 @@ class UserGroup if ($result) { - if ($this->db->num_rows()) + if ($this->db->num_rows($result)) { - $obj = $this->db->fetch_object(); + $obj = $this->db->fetch_object($result); $this->id = $obj->rowid; - $this->nom = stripslashes($obj->nom); + $this->nom = $obj->nom; + $this->note = $obj->note; } - $this->db->free(); + $this->db->free($result); } else @@ -108,7 +109,8 @@ class UserGroup } /** - * \brief Crée un groupe en base + * \brief Crée un groupe en base + * \return si erreur <0, si ok renvoie id groupe créé */ function create() 
@@ -117,19 +119,52 @@ class UserGroup $sql = "INSERT into ".MAIN_DB_PREFIX."usergroup (datec,nom)"; $sql .= " VALUES(now(),'$this->nom')"; - if ($this->db->query($sql)) - { - $this->id = $this->db->last_insert_id(); - return 0; - } + $result=$this->db->query($sql); + if ($result) + { + $table = "".MAIN_DB_PREFIX."usergroup"; + $this->id = $this->db->last_insert_id($table); + + if ($this->update() < 0) return -2; + + return $this->id; + } else - { - dolibarr_syslog("UserGroup::Create"); - return -1; - } + { + dolibarr_syslog("UserGroup::Create"); + return -1; + } } + /** + * \brief Mise à jour en base d'un utilisateur + * \return <0 si echec, >=0 si ok + */ + function update() + { + $sql = "UPDATE ".MAIN_DB_PREFIX."usergroup SET "; + $sql .= " note = '$this->note'"; + $sql .= " WHERE rowid = ".$this->id; + + $result = $this->db->query($sql); + + if ($result) + { + if ($this->db->affected_rows()) + { + return 1; + } + return 0; + } + else + { + dolibarr_print_error($this->db); + return -2; + } + + } + } ?>
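Review bot: UserGroup::create() never checks whether a group named `$this->nom` already exists, yet its caller in htdocs/user/group/fiche.php reports any non-positive return as `ErrorGroupAlreadyExists`; either add a lookup before the insert, as User::create() does for logins, or have the caller show a generic failure for -1 and -2. The insert-failure path logs only `dolibarr_syslog("UserGroup::Create")` with no database error, while the new update() calls `dolibarr_print_error($this->db)`; recording the error in both places would make a rolled-back group creation traceable. The docblock on the new update() still reads "Mise à jour en base d'un utilisateur" although the method updates the `note` column of a group, so it should be reworded to "Mise à jour en base d'un groupe".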