summaryrefslogtreecommitdiff
path: root/sql/modules/Session.sql
blob: 4adf20d8874a322084e68f13f558d99459472107 (plain) 
    

  1. CREATE OR REPLACE FUNCTION form_check(in_session_id int, in_form_id int)
    2. 

  2. RETURNS BOOL AS
    3. 

  3. $$
    4. 

  4. BEGIN
    5. 

  5.     SELECT * FROM open_forms 
    6. 

  6.     WHERE session_id = in_session_id AND id = in_form_id;
    7. 

  7. 

  8.     IF FOUND THEN 
    9. 

  9.         DELETE FROM open_forms 
    10. 

  10.         WHERE session_id = in_session_id AND id = in_form_id;
    11. 

  11. 

  12.         RETURN TRUE;
    13. 

  13. 

  14.     ELSE RETURN FALSE;
    15. 

  15. END;
    16. 

  16. $$ language plpgsql;
    17. 

  17. 

  18. CREATE OR REPLACE FUNCTION form_open(in_session_id int)
    19. 

  19. RETURNS INT AS
    20. 

  20. $$
    21. 

  21. BEGIN
    22. 

  22.     INSERT INTO open_forms (session_id) VALUES (in_session_id);
    23. 

  23.     RETURN currval('form_id_seq');
    24. 

  24. END;
    25. 

  25. $$ LANGUAGE PLPGSQL
    26. 

  26. 

  27. CREATE OR REPLACE FUNCTION session_check(in_session_id int, in_token text) 
    28. 

  28. RETURNS session AS
    29. 

  29. $$
    30. 

  30. DECLARE out_row session%ROWTYPE;
    31. 

  31. BEGIN
    32. 

  32.         UPDATE session 
    33. 

  33.            SET last_used = now()
    34. 

  34.          WHERE session_id = in_session_id
    35. 

  35.                AND token = in_token
    36. 

  36.                AND last_used > now() - (SELECT value FROM defaults
    37. 

  37.                 WHERE setting_key = 'timeout')::interval
    38. 

  38.            AND users_id = (select id from users 
    39. 

  39.             where username = SESSION_USER);
    40. 

  40.     IF FOUND THEN
    41. 

  41.         SELECT * INTO out_row WHERE session_id = in_session_id;
    42. 

  42.     ELSE
    43. 

  43.         DELETE FROM SESSION 
    44. 

  44.         WHERE users_id IN (select id from users
    45. 

  45.                         where username = SESSION_USER); 
    46. 

  46.         -- the above query also releases all discretionary locks by the
    47. 

  47.                 -- session
    48. 

  48. 

  49.         IF NOT FOUND THEN
    50. 

  50.             PERFORM id FROM users WHERE username = SESSION_USER;
    51. 

  51.             IF NOT FOUND THEN
    52. 

  52.                 RAISE EXCEPTION 'User Not Known';
    53. 

  53.             END IF;
    54. 

  54.             
    55. 

  55.         END IF;
    56. 

  56.         INSERT INTO session(users_id, token, last_used, transaction_id)
    57. 

  57.         SELECT id, md5(random()::text), now(), 0 
    58. 

  58.           FROM users WHERE username = SESSION_USER;
    59. 

  59.         -- TODO-- remove transaction_id field from session table
    60. 

  60. 

  61.         SELECT * INTO out_row FROM session 
    62. 

  62.          WHERE session_id = currval('session_session_id_seq');
    63. 

  63.     END IF;
    64. 

  64.     RETURN out_row;
    65. 

  65. END;
    66. 

  66. $$ LANGUAGE PLPGSQL;
    67. 

  67. 

  68. COMMENT ON FUNCTION session_check(int, text) IS 
    69. 

  69. $$ Return code is 0 for failure, 1 for success. $$;
    70.
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-01 02:56:00 +0000