function Create($UserID, $Name) { # # create a new and empty watch list # global $Sequence_Watch_List_ID; $return = 0; $Name = pg_escape_string($Name); $query = "\nSELECT count(watch_list.id), users.max_number_watch_lists\n FROM users LEFT OUTER JOIN watch_list\n ON users.id = watch_list.user_id\n WHERE users.id = {$UserID}\nGROUP BY users.max_number_watch_lists"; $this->LocalResult = pg_query($this->dbh, $query); if ($this->LocalResult) { $numrows = pg_numrows($this->LocalResult); if ($numrows == 1) { $myrow = pg_fetch_array($this->LocalResult, 0); $Count = $myrow[0]; $Max = $myrow[1]; if ($Count < $Max) { $NextValue = freshports_GetNextValue($Sequence_Watch_List_ID, $this->dbh); $result = 0; $Attempts = 5; # # repeat the inserts until we get it in # we do this because the db inserts a random number into the # token column. We might get a collision. If we do, try # again. 5 Collisions should be very rare. # while ($Attempts > 0 and !$result) { $query = "insert into watch_list (id, user_id, name) values ({$NextValue}, {$UserID}, '{$Name}')"; $result = pg_query($this->dbh, $query); if (!result) { syslog(LOG_ERR, __FILE__ . '::' . __LINE__ . ' inserting into watch_list failed on attempt ' . $Attempts . '. collision on token column suspected.'); } $Attempts--; } # that worked and we updated exactly one row if ($result && pg_affected_rows($result) == 1) { $return = $NextValue; } if (!result) { syslog(LOG_ERR, __FILE__ . '::' . __LINE__ . ' failed to insert into watch_list. collision on token column suspected.') . die('Sorry, I was unable to create you a watch list. Please try again, and if failure persist, please contast the webmaster.'); } } else { syslog(LOG_NOTICE, "You already have {$Count} watch lists. If you want more than {$Max} watch lists, please contact the postmaster. UserID='{$UserID}'"); die("You already have {$Count} watch lists. If you want more than {$Max} watch lists, please contact the postmaster."); } } else { syslog(LOG_ERR, "Could not find watch list count for user {$UserID} - " . $_SERVER['PHP_SELF']); die("I couldn't find your watch list details... sorry"); } } else { syslog(LOG_ERR, "Error finding watch list count for user {$UserID} - " . $_SERVER['PHP_SELF'] . ' ' . pg_last_error()); die('Error finding watch list count for user'); } return $return; }
} # # make sure we have valid values in this variable. # by default, they don't get notified. # $UserCreated = 0; if ($OK) { $Cookie = UserToCookie($UserLogin); // echo "checking database\n"; // test for existance of user id $sql = "select * from users where cookie = '{$Cookie}'"; $result = pg_exec($db, $sql) or die('query failed'); // create user id if not found if (!pg_numrows($result)) { // echo "confirmed: user id is new\n"; $UserID = freshports_GetNextValue($Sequence_User_ID, $db); if (isset($UserID)) { $sql = "insert into users (id, name, cookie, email, " . "watch_notice_id, emailsitenotices_yn, type, ip_address, number_of_days, password_hash) values ("; $sql .= pg_escape_string($UserID) . ", '" . pg_escape_string($UserLogin) . "', '" . pg_escape_string($Cookie) . "', '" . pg_escape_string($email) . "', '1', 'N', 'U', '" . $_SERVER["REMOTE_ADDR"] . "', " . pg_escape_string($numberofdays) . ", crypt('" . pg_escape_string($Password1) . "' , gen_salt('md5')))"; syslog(LOG_ERR, "FreshPorts new user: '******', '{$UserLogin}', '{$email}', " . $_SERVER["REMOTE_ADDR"]); $errors .= "<BR>sql=" . $sql; $result = pg_exec($db, $sql); if ($result) { $UserCreated = 1; # if the mail out fails, we aren't handling it properly here. # we will. eventually. # freshports_UserSendToken($UserID, $db); } else { $errors .= "OUCH! I couldn't add you to the database\n"; $OK = 0;