--- loncom/lonsql 2007/08/25 13:45:56 1.85
+++ loncom/lonsql 2018/10/29 02:57:30 1.97
@@ -3,7 +3,7 @@
# The LearningOnline Network
# lonsql - LON TCP-MySQL-Server Daemon for handling database requests.
#
-# $Id: lonsql,v 1.85 2007/08/25 13:45:56 raeburn Exp $
+# $Id: lonsql,v 1.97 2018/10/29 02:57:30 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -95,8 +95,6 @@ the database.
=head1 Internals
-=over 4
-
=cut
use strict;
@@ -121,6 +119,8 @@ use GDBM_File;
=pod
+=over 4
+
=item Global Variables
=over 4
@@ -231,15 +231,15 @@ unless ($dbh = DBI->connect("DBI:mysql:l
my $emailto="$perlvar{'lonAdmEMail'},$perlvar{'lonSysEMail'}";
my $subj="LON: $perlvar{'lonHostID'} Cannot connect to database!";
system("echo 'Cannot connect to MySQL database!' |".
- " mailto $emailto -s '$subj' > /dev/null");
+ " mail -s '$subj' $emailto > /dev/null");
- open(SMP,'>/home/httpd/html/lon-status/mysql.txt');
+ open(SMP,">$perlvar{'lonDocRoot'}/lon-status/mysql.txt");
print SMP 'time='.time.'&mysql=defunct'."\n";
close(SMP);
exit 1;
} else {
- unlink('/home/httpd/html/lon-status/mysql.txt');
+ unlink("$perlvar{'lonDocRoot'}/lon-status/mysql.txt");
$dbh->disconnect;
}
@@ -442,60 +442,24 @@ sub make_new_child {
$result .= &escape(join(':',map{$_.'='.$replies{$_}} keys %replies));
}
} elsif ($query eq 'usersearch') {
- my $srchdomain = &unescape($arg1);
- my @items = split(/%%/,$arg2);
- my ($srchby,$srchtype) = map {&unescape($_)} @items;
- my $srchterm = &unescape($arg3);
- my $quoted_dom = $dbh->quote( $srchdomain );
- my ($query,$quoted_srchterm,@fields);
- my ($table_columns,$table_indices) =
- &LONCAPA::lonmetadata::describe_metadata_storage('allusers');
- foreach my $coldata (@{$table_columns}) {
- push(@fields,$coldata->{'name'});
- }
- my $fieldlist = join(',',@fields);
- $query = "SELECT $fieldlist FROM allusers WHERE (domain = $quoted_dom AND ";
- if ($srchby eq 'lastfirst') {
- my ($fraglast,$fragfirst) = split(/,/,$srchterm);
- $fragfirst =~ s/^\s+//;
- $fraglast =~ s/\s+$//;
- if ($srchtype eq 'exact') {
- $query .= 'lastname = '.$dbh->quote($fraglast).
- ' AND firstname = '.$dbh->quote($fragfirst);
- } else {
- $query .= 'lastname LIKE '.$dbh->quote('%'.$fraglast.'%').' AND firstname LIKE '.$dbh->quote('%'.$fragfirst.'%');
- }
+ my ($srchby,$srchtype,$srchterm);
+ if ((&unescape($arg1) eq $searchdomain) &&
+ ($arg2 =~ /\%\%/)) {
+ ($srchby,$srchtype) =
+ map {&unescape($_);} (split(/\%\%/,$arg2));
+ $srchterm = &unescape($arg3);
} else {
- my %srchfield = (
- uname => 'username',
- lastname => 'lastname',
- );
- if ($srchtype eq 'exact') {
- $query .= $srchfield{$srchby}.' = '.$dbh->quote($srchterm);
- } else {
- $query .= $srchfield{$srchby}.' LIKE '.$dbh->quote('%'.$srchterm.'%');
- }
+ ($srchby,$srchtype,$srchterm) =
+ map {&unescape($_);} ($arg1,$arg2,$arg3);
}
- $query .= ") ORDER BY username ";
- my $sth = $dbh->prepare($query);
- if ($sth->execute()) {
- my @results;
- while (my @row = $sth->fetchrow_array) {
- my @items;
- for (my $i=0; $i<@row; $i++) {
- push(@items,&escape($fields[$i]).'='.&escape($row[$i]));
- }
- push(@results,join(":", @items));
- }
- $sth->finish;
- $result = &escape(join("&",@results));
- } else {
- &logthis(''.
- 'WARNING: Could not retrieve from database:'.
- $sth->errstr().'');
- }
+ $result = &do_user_search($searchdomain,$srchby,
+ $srchtype,$srchterm);
} elsif ($query eq 'instdirsearch') {
$result = &do_inst_dir_search($searchdomain,$arg1,$arg2,$arg3);
+ } elsif ($query eq 'getinstuser') {
+ $result = &get_inst_user($searchdomain,$arg1,$arg2);
+ } elsif ($query eq 'getmultinstusers') {
+ $result = &get_multiple_instusers($searchdomain,$arg3);
} elsif ($query eq 'prepare activity log') {
my ($cid,$domain) = map {&unescape($_);} ($arg1,$arg2);
&logthis('preparing activity log tables for '.$cid);
@@ -526,8 +490,9 @@ sub make_new_child {
$userdata{'domain'} = $udom;
$result = &allusers_table_update($query,$uname,$udom,\%userdata);
} else {
+ # Sanity checking of $query needed.
# Do an sql query
- $result = &do_sql_query($query,$arg1,$arg2,$searchdomain);
+ $result = &do_sql_query($query,$arg1,$arg2,$arg3,$searchdomain);
}
# result does not need to be escaped because it has already been
# escaped.
@@ -547,6 +512,74 @@ sub make_new_child {
}
}
+sub do_user_search {
+ my ($domain,$srchby,$srchtype,$srchterm) = @_;
+ my $result;
+ my $quoted_dom = $dbh->quote( $domain );
+ my ($query,$quoted_srchterm,@fields);
+ my ($table_columns,$table_indices) =
+ &LONCAPA::lonmetadata::describe_metadata_storage('allusers');
+ foreach my $coldata (@{$table_columns}) {
+ push(@fields,$coldata->{'name'});
+ }
+ my $fieldlist = join(',',@fields);
+ $query = "SELECT $fieldlist FROM allusers WHERE (domain = $quoted_dom AND ";
+ if ($srchby eq 'lastfirst') {
+ my ($fraglast,$fragfirst) = split(/,/,$srchterm);
+ $fragfirst =~ s/^\s+//;
+ $fraglast =~ s/\s+$//;
+ if ($srchtype eq 'exact') {
+ $query .= 'lastname = '.$dbh->quote($fraglast).
+ ' AND firstname = '.$dbh->quote($fragfirst);
+ } elsif ($srchtype eq 'begins') {
+ $query .= 'lastname LIKE '.$dbh->quote($fraglast.'%').
+ ' AND firstname LIKE '.$dbh->quote($fragfirst.'%');
+ } else {
+ $query .= 'lastname LIKE '.$dbh->quote('%'.$fraglast.'%').
+ ' AND firstname LIKE '.$dbh->quote('%'.$fragfirst.'%');
+ }
+ } else {
+ my %srchfield = (
+ uname => 'username',
+ lastname => 'lastname',
+ email => 'permanentemail',
+ );
+ if (exists($srchfield{$srchby})) {
+ if ($srchtype eq 'exact') {
+ $query .= $srchfield{$srchby}.' = '.$dbh->quote($srchterm);
+ } elsif ($srchtype eq 'begins') {
+ $query .= $srchfield{$srchby}.' LIKE '.$dbh->quote($srchterm.'%');
+ } else {
+ $query .= $srchfield{$srchby}.' LIKE '.$dbh->quote('%'.$srchterm.'%');
+ }
+ } else {
+ &logthis(''.
+ 'WARNING: Invalid srchby: '.$srchby.'');
+ return $result;
+ }
+ }
+ $query .= ") ORDER BY username ";
+ my $sth = $dbh->prepare($query);
+ if ($sth->execute()) {
+ my @results;
+ while (my @row = $sth->fetchrow_array) {
+ my @items;
+ for (my $i=0; $i<@row; $i++) {
+ push(@items,&escape($fields[$i]).'='.&escape($row[$i]));
+ }
+ my $userstr = join(':', @items);
+ push(@results,&escape($userstr));
+ }
+ $sth->finish;
+ $result = join('&',@results);
+ } else {
+ &logthis(''.
+ 'WARNING: Could not retrieve from database:'.
+ $sth->errstr().'');
+ }
+ return $result;
+}
+
sub do_inst_dir_search {
my ($domain,$srchby,$srchterm,$srchtype) = @_;
$srchby = &unescape($srchby);
@@ -567,6 +600,60 @@ sub do_inst_dir_search {
}
}
$response=~s/\&$//;
+ } else {
+ $response = 'unavailable';
+ }
+ return $response;
+}
+
+sub get_inst_user {
+ my ($domain,$uname,$id) = @_;
+ $uname = &unescape($uname);
+ $id = &unescape($id);
+ my (%instusers,%instids,$result,$response);
+ eval {
+ local($SIG{__DIE__})='DEFAULT';
+ $result=&localenroll::get_userinfo($domain,$uname,$id,\%instusers,
+ \%instids);
+ };
+ if ($result eq 'ok') {
+ if (keys(%instusers) > 0) {
+ foreach my $key (keys(%instusers)) {
+ my $usrstr = &Apache::lonnet::freeze_escape($instusers{$key});
+ $response .= &escape(&escape($key).'='.$usrstr).'&';
+ }
+ }
+ $response=~s/\&$//;
+ } else {
+ $response = 'unavailable';
+ }
+ return $response;
+}
+
+sub get_multiple_instusers {
+ my ($domain,$data) = @_;
+ my ($type,$users) = split(/=/,$data,2);
+ my $requested = &Apache::lonnet::thaw_unescape($users);
+ my $response;
+ if (ref($requested) eq 'HASH') {
+ my (%instusers,%instids,$result);
+ eval {
+ local($SIG{__DIE__})='DEFAULT';
+ $result=&localenroll::get_multusersinfo($domain,$type,$requested,\%instusers,
+ \%instids);
+ };
+ if ($@) {
+ $response = 'error';
+ } elsif ($result eq 'ok') {
+ $response = $result;
+ if (keys(%instusers)) {
+ $response .= '='.&Apache::lonnet::freeze_escape(\%instusers);
+ }
+ } elsif ($result eq 'unavailable') {
+ $response = $result;
+ }
+ } else {
+ $response = 'invalid';
}
return $response;
}
@@ -602,12 +689,30 @@ sub process_file {
}
sub do_sql_query {
- my ($query,$custom,$customshow,$searchdomain) = @_;
+ my ($query,$custom,$customshow,$domainstr,$searchdomain) = @_;
#
# limit to searchdomain if given and table is metadata
#
- if (($searchdomain) && ($query=~/FROM metadata/)) {
+ if ($domainstr && ($query=~/FROM metadata/)) {
+ my $havingstr;
+ $domainstr = &unescape($domainstr);
+ if ($domainstr =~ /,/) {
+ foreach my $dom (split(/,/,$domainstr)) {
+ if ($dom =~ /^$LONCAPA::domain_re$/) {
+ $havingstr .= 'domain="'.$dom.'" OR ';
+ }
+ }
+ $havingstr =~ s/ OR $//;
+ } else {
+ if ($domainstr =~ /^$LONCAPA::domain_re$/) {
+ $havingstr = 'domain="'.$domainstr.'"';
+ }
+ }
+ if ($havingstr) {
+ $query.=' HAVING ('.$havingstr.')';
+ }
+ } elsif (($searchdomain) && ($query=~/FROM metadata/)) {
$query.=' HAVING (domain="'.$searchdomain.'")';
}
# &logthis('doing query ('.$searchdomain.')'.$query);