function BeginTransaction($transType, $object = 0) { assert($this->Connected()); if (!is_null($this->mCurrentTransaction)) { return null; } else { if (!preg_match("/^[-\\w]+\$/", $transType)) { return null; } else { if (!preg_match("/-new\$/", $transType) && $object == 0) { return null; } else { if (!preg_match("/^\\d+\$/", $object)) { return null; } } } } if ($object == 0) { if ($this->DoOp("INSERT INTO or_objects (created) VALUES \n (NOW())") != 1) { return null; } $this->mObjectID = $this->LastInsertID(); } $transactionInfo = $this->SelectRow("SELECT type FROM \n or_transaction_types WHERE action='{$transType}'"); if (is_null($transactionInfo['type'])) { return null; } $this->mTransactionPackedIP = PackIPAddress(getenv('REMOTE_ADDR')); if ($this->DoOp("INSERT INTO or_transactions (type, starttime, \n objectid, ipaddr) VALUES ('" . $transactionInfo['type'] . "', NOW(), \n '{$this->mObjectID}', '{$this->mTransactionPackedIP}')") != 1) { return null; } $this->mCurrentTransaction = $this->LastInsertID(); // Record the hostname after the transactions has 'started', but last $this->RecordIPAddrHostname(); return $this->mCurrentTransaction; }
function RecordEvaluation($input) { assert(EVAL_WELLFORMED == VerifyEvaluationInput($input)); $dbh = GetCachedDBConnection(); $packedIP = PackIPAddress(getenv('REMOTE_ADDR')); $pid = $input['profid']; $blackout = EVALS_DUPLICATE_BLACKOUT * SECONDS_PER_MINUTE; $oldPosts = $dbh->SelectAll("SELECT t.eventid FROM or_transactions t,\n or_comment c WHERE c.profid='{$pid}' AND t.ipaddr='{$packedIP}' AND\n UNIX_TIMESTAMP(t.endtime) > (UNIX_TIMESTAMP(NOW()) - {$blackout}) AND\n c.objectid=t.objectid"); if (count($oldPosts) != 0) { return RECORDEVAL_BLOCKED_DUPBLACKOUT; } $transactionID = $dbh->BeginTransaction('evaluation-new'); assert(!is_null($transactionID)); $oid = $dbh->GetObjectID(); $rows = $dbh->DoOp("INSERT INTO or_comment (profid, courseid, \n studentclass, coursetype, grade, ques1, ques2, ques3, objectid) \n VALUES ('" . $input['profid'] . "', '" . $input['courseid'] . "', '" . $input['studentclass'] . "', '" . $input['studentcoursetype'] . "', '" . $input['grade'] . "', '" . $input['ques1'] . "', '" . $input['ques2'] . "', '" . $input['ques3'] . "', '{$oid}')"); assert($rows == 1); $commentid = $dbh->LastInsertID(); $quotedComment = $dbh->Quote($input['comments']); $rows = $dbh->DoOp("INSERT INTO or_comment_text (commentid, comment)\n VALUES ({$commentid}, '{$quotedComment}')"); assert($rows == 1); $rows = $dbh->DoOp("UPDATE or_comment SET status='pending' WHERE \n objectid={$oid}"); assert($rows == 1); $transactionStatus = $dbh->EndTransaction(); assert($transactionStatus); return RECORDEVAL_SUCCESS; }