

perform extra checks to ensure user/resource exists before trying to …
…pull up resources by user/updates by resource; also check if listResources has any results and if the array is empty (i.e. no more results) then send a 404 instead of a plain empty array off to infinity; closes #48.
jacobsandersen committed Jun 19, 2021
1 parent 87cb9b0 commit a4e1bb8
Showing 1 changed file with 77 additions and 25 deletions.
102 changes: 77 additions & 25 deletions src/support/Database.php
Expand Up @@ -39,13 +39,17 @@ public static function initializeViaConfig() {
}

public function listResources($category, $page) {
$page = $page == 1 ? 0 : 10 * ($page - 1);
if ($page <= 0) {
return NULL;
}

$offset = $page == 1 ? 0 : 10 * ($page - 1);

if (!is_null($this->conn)) {
$categoryClause = is_null($category) ? '' : 'AND r.resource_category_id = :resource_category_id';

$resStmt = $this->conn->prepare($this->_resource(sprintf('%s LIMIT 10 OFFSET :offset', $categoryClause)));
$resStmt->bindParam(':offset', $page, \PDO::PARAM_INT);
$resStmt->bindParam(':offset', $offset, \PDO::PARAM_INT);

if (!empty($categoryClause)) {
$resStmt->bindParam(':resource_category_id', $category);
Expand All @@ -54,6 +58,10 @@ public function listResources($category, $page) {
if ($resStmt->execute()) {
$resources = $resStmt->fetchAll();

if (is_null($resources) || $resources == false || empty($resources)) {
return NULL;
}

for ($i = 0; $i < count($resources); $i++) {
$resource = $resources[$i];
$resource['fields'] = $this->_resource_fields($resource['resource_id']);
Expand All @@ -74,7 +82,11 @@ public function getResource($resource_id) {

if ($resStmt->execute()) {
$resource = $resStmt->fetch();
$resource['fields'] = $this->_resource_fields($resource['resource_id']);

if (!is_null($resource) && $resource !== false) {
$resource['fields'] = $this->_resource_fields($resource['resource_id']);
}

return $resource;
}
}
Expand All @@ -83,12 +95,16 @@ public function getResource($resource_id) {
}

public function getResourcesByUser($user_id, $page) {
$page = $page == 1 ? 0 : 10 * ($page - 1);
if ($page <= 0 || !$this->_user_exists($user_id)) {
return NULL;
}

$offset = $page == 1 ? 0 : 10 * ($page - 1);

if (!is_null($this->conn)) {
$resStmt = $this->conn->prepare($this->_resource('AND r.user_id = :user_id LIMIT 10 OFFSET :offset'));
$resStmt->bindParam(':user_id', $user_id);
$resStmt->bindParam(':offset', $page, \PDO::PARAM_INT);
$resStmt->bindParam(':offset', $offset, \PDO::PARAM_INT);

if ($resStmt->execute()) {
$resources = $resStmt->fetchAll();
Expand Down Expand Up @@ -132,12 +148,16 @@ public function getResourceUpdate($update_id) {
}

public function getResourceUpdates($resource_id, $page) {
$page = $page == 1 ? 0 : 10 * ($page - 1);
if ($page <= 0 || !$this->_resource_exists($resource_id)) {
return NULL;
}

$offset = $page == 1 ? 0 : 10 * ($page - 1);

if (!is_null($this->conn)) {
$updatesStmt = $this->conn->prepare($this->_resource_update('AND r.resource_id = :resource_id LIMIT 10 OFFSET :offset'));
$updatesStmt->bindParam(':resource_id', $resource_id);
$updatesStmt->bindParam(':offset', $page, \PDO::PARAM_INT);
$updatesStmt->bindParam(':offset', $offset, \PDO::PARAM_INT);

if ($updatesStmt->execute()) {
return $updatesStmt->fetchAll();
Expand All @@ -157,26 +177,32 @@ public function getUser($user_id) {
WHERE u.user_id = :user_id
GROUP BY u.user_id"
);

$userStmt->bindParam(':user_id', $user_id);

$identStmt = $this->conn->prepare(
"SELECT ufv.field_id, ufv.field_value
FROM xf_user_field_value ufv
INNER JOIN xf_user u
ON u.user_id = ufv.user_id
INNER JOIN xf_user_field uf
ON uf.field_id = ufv.field_id AND uf.display_group = 'contact'
WHERE ufv.user_id = :user_id AND ufv.field_value IS NOT NULL AND ufv.field_value != ''"
);

$identStmt->bindParam(':user_id', $user_id);

if ($userStmt->execute() && $identStmt->execute()) {
$out = new \stdClass();
$out->user = $userStmt->fetch();
$out->ident = $identStmt->fetchAll();
return $out;
if ($userStmt->execute()) {
$user = $userStmt->fetch();
if (!is_null($user) && $user != false) {
$identStmt = $this->conn->prepare(
"SELECT ufv.field_id, ufv.field_value
FROM xf_user_field_value ufv
INNER JOIN xf_user u
ON u.user_id = ufv.user_id
INNER JOIN xf_user_field uf
ON uf.field_id = ufv.field_id AND uf.display_group = 'contact'
WHERE ufv.user_id = :user_id AND ufv.field_value IS NOT NULL AND ufv.field_value != ''"
);
$identStmt->bindParam(':user_id', $user_id);

$identities = new \stdClass();
if ($identStmt->execute()) {
$identities = $identStmt->fetchAll();
}

$out = new \stdClass();
$out->user = $userStmt->fetch();
$out->ident = $identities;
return $out;
}
}
}

Expand Down Expand Up @@ -243,4 +269,30 @@ private function _resource_update($suffix) {
$suffix
);
}

private function _resource_exists($resource_id) {
if (!is_null($this->conn)) {
$stmt = $this->conn->prepare("SELECT EXISTS(SELECT 1 FROM xf_resource WHERE resource_id = :resource_id) AS 'exists'");
$stmt->bindParam(":resource_id", $resource_id);

if ($stmt->execute()) {
return (bool) $stmt->fetch()['exists'];
}
}

return FALSE;
}

private function _user_exists($user_id) {
if (!is_null($this->conn)) {
$stmt = $this->conn->prepare("SELECT EXISTS(SELECT 1 FROM xf_user WHERE user_id = :user_id) AS 'exists'");
$stmt->bindParam(":user_id", $user_id);

if ($stmt->execute()) {
return (bool) $stmt->fetch()['exists'];
}
}

return FALSE;
}
}
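Review bot: In the new getUser body the user row is fetched twice: `$user = $userStmt->fetch();` consumes the row, and the later `$out->user = $userStmt->fetch();` reads the next row, which for a query filtered by `u.user_id = :user_id` and grouped by `u.user_id` is presumably none, so `$out->user` would come back as `false` even for an existing user. Assign the row that was already checked instead: `$out->user = $user;`. The fallback `$identities = new \stdClass();` also gives `ident` a different type than the array `fetchAll()` returns; `$identities = [];` would keep the shape stable for callers. Separately, the three `$page <= 0` guards rely on loose comparison, so if `$page` arrives as a request string it is worth validating it as a positive integer (for example with `filter_var($page, FILTER_VALIDATE_INT)`) before the offset arithmetic. getUser begins above this hunk, so its connection check is not visible here.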
