From: John R. <nuc...@us...> - 2007-09-18 13:07:50
Update of /cvsroot/mantisbt/mantisbt/core In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv20018/core Modified Files: constant_inc.php current_user_api.php last_visited_api.php tokens_api.php Log Message: Fixed #8344: Tokens API Clean-up and Changes Index: last_visited_api.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/core/last_visited_api.php,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- last_visited_api.php 9 Jul 2007 22:41:22 -0000 1.2 +++ last_visited_api.php 18 Sep 2007 13:06:24 -0000 1.3 @@ -28,7 +28,7 @@ $c_issue_id = db_prepare_int( $p_issue_id ); - $t_value = token_get_value_by_type( TOKEN_LAST_VISITED, $p_user_id ); + $t_value = token_get_value( TOKEN_LAST_VISITED, $p_user_id ); if ( is_null( $t_value ) ) { $t_value = $c_issue_id; } else { @@ -38,14 +38,14 @@ $t_value = implode( ',', $t_ids ); } - token_set_value_by_type( $t_value, TOKEN_LAST_VISITED, $p_user_id ); + token_set( TOKEN_LAST_VISITED, $t_value, $p_user_id ); } #--------------------------------- # Get an array of the last visited bug ids. We intentionally don't check if the ids still exists to avoid performance # degradation. function last_visited_get_array( $p_user_id = null ) { - $t_value = token_get_value_by_type( TOKEN_LAST_VISITED, $p_user_id ); + $t_value = token_get_value( TOKEN_LAST_VISITED, $p_user_id ); if ( is_null( $t_value ) ) { return array(); Index: constant_inc.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/core/constant_inc.php,v retrieving revision 1.71 retrieving revision 1.72 diff -u -d -r1.71 -r1.72 --- constant_inc.php 27 Aug 2007 20:42:50 -0000 1.71 +++ constant_inc.php 18 Sep 2007 13:06:23 -0000 1.72 
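Review bot: In the `@@ -38,14 +38,14 @@` hunk of last_visited_api.php, the new call `token_set( TOKEN_LAST_VISITED, $t_value, $p_user_id );` passes the user id as the third argument, but the `token_set()` added to tokens_api.php in this commit is declared as `( $p_type, $p_value, $p_expiry = TOKEN_EXPIRY, $p_user_id = null )`. The user id is therefore used as the expiry in seconds and the owner falls back to `auth_get_current_user_id()`, so the list is written for the current user with a lifetime derived from the id, while the read in the same function still uses `$p_user_id`. The call should read `token_set( TOKEN_LAST_VISITED, $t_value, TOKEN_EXPIRY, $p_user_id );`. The enclosing function starts above the hunk.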
@@ -307,6 +307,9 @@ define( 'ERROR_TAG_NOT_ATTACHED', 2203 ); define( 'ERROR_TAG_ALREADY_ATTACHED', 2204 ); + # ERROR_TOKEN_* + define( 'ERROR_TOKEN_NOT_FOUND', 2300 ); + # Status Legend Position define( 'STATUS_LEGEND_POSITION_TOP', 1); define( 'STATUS_LEGEND_POSITION_BOTTOM', 2); @@ -358,6 +361,9 @@ define( 'TOKEN_FILTER', 1 ); define( 'TOKEN_GRAPH', 2 ); define( 'TOKEN_LAST_VISITED', 3 ); + define( 'TOKEN_USER', 1000 ); + + define( 'TOKEN_EXPIRY', 60*60 ); # Default expiration of 60 minutes ( 3600 seconds ) # config types define( 'CONFIG_TYPE_INT', 1 ); Index: current_user_api.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/core/current_user_api.php,v retrieving revision 1.29 retrieving revision 1.30 diff -u -d -r1.29 -r1.30 --- current_user_api.php 21 Mar 2006 12:50:24 -0000 1.29 +++ current_user_api.php 18 Sep 2007 13:06:24 -0000 1.30 @@ -113,7 +113,7 @@ if ( !is_blank( $f_filter_string ) ) { if( is_numeric( $f_filter_string ) ) { - $t_filter = unserialize( token_get_value( $f_filter_string ) ); + $t_filter = unserialize( token_get_value( TOKEN_FILTER ) ); } else { $t_filter = unserialize( $f_filter_string ); } Index: tokens_api.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/core/tokens_api.php,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- tokens_api.php 12 Aug 2006 08:04:13 -0000 1.5 +++ tokens_api.php 18 Sep 2007 13:06:25 -0000 1.6 @@ -1,7 +1,7 @@ <?php # Mantis - a php based bugtracking system # Copyright (C) 2000 - 2002 Kenzaburo Ito - ke...@30... - # Copyright (C) 2002 - 2004 Mantis Team - man...@li... + # Copyright (C) 2002 - 2007 Mantis Team - man...@li... # This program is distributed under the terms and conditions of the GPL # See the README and LICENSE files for details 
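Review bot: In the current_user_api.php hunk, the value returned by `token_get_value( TOKEN_FILTER )` is handed to `unserialize()` without a check for a missing token. `token_get()` in tokens_api.php returns null when no row matches, so after expiry `unserialize()` receives null instead of a stored filter; testing the value with `is_null()` first, as last_visited_api.php does, would make that case explicit. The numeric `$f_filter_string` now only selects the branch and its value is ignored, which deserves a comment such as `# numeric value only signals that the filter is stored in the user's TOKEN_FILTER token`. The unchanged else branch still runs `unserialize()` on `$f_filter_string` itself, which by its name appears to be request input; a format that cannot instantiate objects, or validation before use, would be safer there. The enclosing function begins and ends outside the hunk.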
@@ -9,87 +9,132 @@ # $Id$ # -------------------------------------------------------- - ### TOKENS API ### - # This implements temporary storage of strings. # DB schema: id, type, owner, timestamp, value - # TODO - # 1. add constant for user token types TOKEN_USER. users can define token_my_type = token_user, token_other = token_user + 1 etc - # TOKEN_USER = 1000 - # 2. Implement Token_touch - # 3. Test token_ensure_owner - # 4. Add index on type + owner to DB - # 5. remove 'timestamp' from dbschema? - # 6. Replace generic errors - # 7. add an 'expiry' param to token_add - # 8. rework ts_purge_expired not to be called on every get. Maybe call it if token is found to be expired. - # 9. return 'default param' from token_add is token not found - - # -------------------- - function token_ensure_owner( $p_token_id, $p_user_id = null ) { - $c_token_id = db_prepare_int( $p_token_id ); + /** + * Check if a token exists. + * @param integer Token ID + * @return boolean True if token exists + */ + function token_exists( $p_token_id ) { + $c_token_id = db_prepare_int( $p_token_id ); $t_tokens_table = config_get( 'mantis_tokens_table' ); - if( $p_user_id == null ) { - $c_user_id = auth_get_current_user_id(); - } else { - $c_user_id = db_prepare_int( $p_user_id ); - } + $query = "SELECT id + FROM $t_tokens_table + WHERE id='$c_token_id'"; + $result = db_query( $query, 1 ); - $query = "SELECT owner - FROM $t_tokens_table - WHERE id='$c_token_id'"; - $result = db_query( $query ); + return( 1 == db_num_rows( $result ) ); + } - if( db_result( $result ) != $c_user_id ) { - trigger_error( ERROR_GENERIC, ERROR ); + /** + * Make sure a token exists. 
+ * @param integer Token ID + * @return boolean True if token exists + */ + function token_ensure_exists( $p_token_id ) { + if ( !token_exists( $p_token_id ) ) { + trigger_error( ERROR_TOKEN_NOT_FOUND, ERROR ); } return true; } - # -------------------- - function token_touch( $p_token_id, $p_expiry_delay ) { - } + # High-level CRUD Usage - # -------------------- - function token_delete_by_owner( $p_user_id = null ) { - if( $p_user_id == null ) { - $c_user_id = auth_get_current_user_id(); + /** + * Get a token's information + * @param integer Token type + * @param integer User ID + * @return array Token row + */ + function token_get( $p_type, $p_user_id = null ) { + token_purge_expired_once(); + + $c_type = db_prepare_int( $p_type ); + $c_user_id = db_prepare_int( $p_user_id == null ? auth_get_current_user_id() : $p_user_id ); + + $t_tokens_table = config_get( 'mantis_tokens_table' ); + + $query = "SELECT * FROM $t_tokens_table + WHERE type='$c_type' AND owner='$c_user_id'"; + $result = db_query( $query ); + + if ( db_num_rows( $result ) > 0 ) { + return db_fetch_array( $result ); } else { - $c_user_id = db_prepare_int( $p_user_id ); + return null; } + } - $t_tokens_table = config_get( 'mantis_tokens_table' ); + function token_get_value( $p_type, $p_user_id = null ) { + $t_token = token_get( $p_type, $p_user_id ); + return $t_token['value']; + } - # Remove - $query = "DELETE FROM $t_tokens_table - WHERE owner='$c_user_id'"; + /** + * Create or update a token's value and expiration + * @param integer Token type + * @param string Token value + * @param integer Token expiration in seconds + * @param integer User ID + * @return integer Token ID + */ + function token_set( $p_type, $p_value, $p_expiry = TOKEN_EXPIRY, $p_user_id = null ) { + $t_token = token_get( $p_type, $p_user_id ); + if ( $t_token == null ) { + return token_create( $p_type, $p_value, $p_expiry, $p_user_id ); + } else { + token_update( $t_token['id'], $p_value, $p_expiry ); + return $t_token['id']; + } 
+ } + + /** + * Touch a token to update its expiration time. + * @param integer Token ID + * @param integer Token expiration in seconds + */ + function token_touch( $p_token_id, $p_expiry = TOKEN_EXPIRY ) { + token_ensure_exists( $p_token_id ); + + $c_token_id = db_prepare_int( $p_token_id ); + $c_token_expiry = db_timestamp( db_date(time() + $p_expiry) ); + $t_tokens_table = config_get( 'mantis_tokens_table' ); + + $query = "UPDATE $t_tokens_table SET expiry=$c_token_expiry + WHERE id='$c_token_id'"; db_query( $query ); return true; } - # -------------------- - function token_delete_by_type( $p_token_type ) { - $c_token_type = db_prepare_int( $p_token_type ); + /** + * Delete a token. + * @param integer Token type + * @param integer User ID + */ + function token_delete( $p_type, $p_user_id = null ) { + $c_type = db_prepare_int( $p_type ); + $c_user_id = db_prepare_int( $p_user_id == null ? auth_get_current_user_id() : $p_user_id ); - $t_tokens_table = config_get( 'mantis_tokens_table' ); + $t_tokens_table = config_get( 'mantis_tokens_table' ); - # Remove - $query = "DELETE FROM $t_tokens_table - WHERE type='$c_token_type'"; - db_query( $query ); + $query = "DELETE FROM $t_tokens_table + WHERE type='$c_type' AND owner='$c_user_id'"; + db_query( $result ); return true; } - # -------------------- - function token_delete_by_type_owner( $p_token_type, $p_user_id ) { - $c_token_type = db_prepare_int( $p_token_type ); - - if ( $p_user_id == null ) { + /** + * Delete all tokens owned by a specified user. + * @param integer User ID + */ + function token_delete_by_owner( $p_user_id = null ) { + if( $p_user_id == null ) { $c_user_id = auth_get_current_user_id(); } else { $c_user_id = db_prepare_int( $p_user_id ); 
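Review bot: The new `token_delete()` in this hunk builds its DELETE statement in `$query` but then calls `db_query( $result );`, and `$result` is never assigned in that function, so the row for the given type and owner is not removed. The call should be `db_query( $query );`. In the same hunk `token_get_value()` has no docblock and reads `$t_token['value']` although `token_get()` returns null when nothing matches; `return is_null( $t_token ) ? null : $t_token['value'];` would state the not-found result that callers test for with `is_null()`. The removed `token_ensure_owner()` has no replacement, so `token_touch()` checks only that the id exists; if token ids can reach it from outside this API, an owner check belongs there.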
@@ -99,123 +144,81 @@ # Remove $query = "DELETE FROM $t_tokens_table - WHERE type='$c_token_type' and owner='$c_user_id'"; + WHERE owner='$c_user_id'"; db_query( $query ); return true; } - # -------------------- - function token_exists( $p_token_id ) { - $c_token_id = db_prepare_int( $p_token_id ); - $t_tokens_table = config_get( 'mantis_tokens_table' ); - - $query = "SELECT id - FROM $t_tokens_table - WHERE id='$c_token_id'"; - $result = db_query( $query, 1 ); - - return( 1 == db_num_rows( $result ) ); - } - - # -------------------- - function token_ensure_exists( $p_token_id ) { - if ( !token_exists( $p_token_id ) ) { - trigger_error( ERROR_GENERIC, ERROR ); - } - - return true; - } + # Low-level CRUD, not for general use - # -------------------- - function token_add( $p_token_value, $p_token_type = TOKEN_UNKNOWN, $p_user_id = null ) { - $c_token_type = db_prepare_int( $p_token_type ); - $c_token_value = db_prepare_string ( $p_token_value ); + /** + * Create a token. + * @param integer Token type + * @param string Token value + * @param integer Token expiration in seconds + * @param integer User ID + * @return integer Token ID + */ + function token_create( $p_type, $p_value, $p_expiry = TOKEN_EXPIRY, $p_user_id = null ) { + $c_type = db_prepare_int( $p_type ); + $c_value = db_prepare_string( $p_value ); + $c_timestamp = db_now(); + $c_expiry = db_timestamp( db_date(time() + $p_expiry) ); + $c_user_id = db_prepare_int( $p_user_id == null ? auth_get_current_user_id() : $p_user_id ); - if ( $p_user_id == null ) { - $c_user_id = auth_get_current_user_id(); - } else { - $c_user_id = db_prepare_int( $p_user_id ); - } + $t_tokens_table = config_get( 'mantis_tokens_table' ); - $t_tokens_table = config_get( 'mantis_tokens_table' ); - # insert $query = "INSERT INTO $t_tokens_table - ( type, owner, timestamp, value ) - VALUES - ( $c_token_type, $c_user_id, " . db_now(). 
",'$c_token_value' )"; + ( type, value, timestamp, expiry, owner ) + VALUES ( '$c_type', '$c_value', $c_timestamp, $c_expiry, '$c_user_id' )"; db_query( $query ); return db_insert_id( $t_tokens_table ); } - # -------------------- - function token_set_value_by_type( $p_token_value, $p_token_type, $p_user_id = null ) { - token_delete_by_type_owner( $p_token_type, $p_user_id ); - token_add( $p_token_value, $p_token_type, $p_user_id ); - } - # -------------------- - # This method does not generate an error if the token does not exist, - # e.g. if we try to delete an expired token - function token_delete( $p_token_id ) { - $c_token_id = db_prepare_int( $p_token_id ); - $t_tokens_table = config_get( 'mantis_tokens_table' ); - # Remove - $query = "DELETE FROM $t_tokens_table - WHERE id='$c_token_id'"; - db_query( $query, 1 ); - return true; - } - # -------------------- - function token_get_value( $p_token_id, $p_user_id = null ) { + /** + * Update a token + * @param integer Token ID + * @param string Token value + * @param integer Token expiration in seconds + */ + function token_update( $p_token_id, $p_value, $p_expiry = TOKEN_EXPIRY ) { + token_ensure_exists( $p_token_id ); $c_token_id = db_prepare_int( $p_token_id ); - - if ( $p_user_id == null ) { - $c_user_id = auth_get_current_user_id(); - } else { - $c_user_id = db_prepare_int( $p_user_id ); - } - - $t_tokens_table = config_get( 'mantis_tokens_table' ); - - token_purge_expired(); - - $query = "SELECT value - FROM $t_tokens_table - WHERE id='$c_token_id' AND owner='$c_user_id'"; - $result = db_query( $query ); + $c_value = db_prepare_string( $p_value ); + $c_expiry = db_timestamp( db_date(time() + $p_expiry) ); - if ( 0 == db_num_rows( $result ) ) { - return null; - } + $t_tokens_table = config_get( 'mantis_tokens_table' ); - return db_result( $result ); + $query = "UPDATE $t_tokens_table + SET value='$c_value', expiry=$c_expiry"; + db_query( $query ); + + return true; } - # -------------------- - function 
token_get_value_by_type( $p_token_type, $p_user_id = null ) { - $c_token_type = db_prepare_int( $p_token_type ); - if ( $p_user_id == null ) { - $c_user_id = auth_get_current_user_id(); - } else { - $c_user_id = db_prepare_int( $p_user_id ); - } + /** + * Delete all tokens of a specified type. + * @param integer Token Type + */ + function token_delete_by_type( $p_token_type ) { + $c_token_type = db_prepare_int( $p_token_type ); $t_tokens_table = config_get( 'mantis_tokens_table' ); - $query = "SELECT value - FROM $t_tokens_table - WHERE owner='$c_user_id' AND type='$c_token_type'"; - - $result = db_query( $query, 1 ); - - if ( 0 == db_num_rows( $result ) ) { - return null; - } + # Remove + $query = "DELETE FROM $t_tokens_table + WHERE type='$c_token_type'"; + db_query( $query ); - return db_result( $result ); + return true; } - # -------------------- - function token_purge_expired( $p_token_type = NULL ) { + + /** + * Purge all expired tokens. + * @param integer Token type + */ + function token_purge_expired( $p_token_type = null ) { $t_tokens_table = config_get( 'mantis_tokens_table' ); # Remove $query = "DELETE FROM $t_tokens_table WHERE "; @@ -223,8 +226,25 @@ $c_token_type = db_prepare_int( $p_token_type ); $query .= " type='$c_token_type' AND "; } - $query .= db_helper_compare_days( db_now(), 'timestamp', ">= '1'" ); + $query .= db_now() . " > expiry "; db_query( $query ); + + global $t_tokens_purged; + $t_tokens_purged = true; return true; } -?> + + /** + * Purge all expired tokens only once per session. + * @param integer Token type + */ + function token_purge_expired_once( $p_token_type = null ) { + global $t_tokens_purged; + if ( ! $t_tokens_purged ) { + token_purge_expired(); + } + } + + # Set up global for token_purge_expired_once() + global $t_tokens_purged; + $t_tokens_purged = false; |
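Review bot: `token_update()` in the `@@ -99,123 +144,81 @@` hunk issues `UPDATE $t_tokens_table SET value='$c_value', expiry=$c_expiry` with no WHERE clause, so every row in the tokens table, for every owner and type, receives the new value and expiry; `$c_token_id` is prepared but never used. Because `token_set()` calls `token_update()` whenever a token already exists, one user's write would overwrite other users' stored filters and last-visited lists, and current_user_api.php passes the TOKEN_FILTER value to `unserialize()`. The statement needs `WHERE id='$c_token_id'` appended, as `token_touch()` already has.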
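Review bot: `token_purge_expired_once()` in the `@@ -223,8 +226,25 @@` hunk accepts `$p_token_type` but calls `token_purge_expired();` without it, so the parameter has no effect; either pass it through with `token_purge_expired( $p_token_type );` or drop it from the signature. `token_purge_expired()` sets the single `$t_tokens_purged` flag even when it purged only one type, so a typed purge would suppress the later full purge requested from `token_get()`. The docblock says "once per session", but the flag is a PHP global reset to false when the file is loaded, so it appears to mean once per request and the comment should say so. Part of the query construction in `token_purge_expired()` lies between this hunk and the previous one and is not visible.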