#include "Database.h" // if (!_db.CheckSyntax(req)) // { // wxString s = req; // std::cout << s.mb_str() << " is invalid !\n" ; // code_if_syntax_fail; // return return_value; // } #define EXECUTE_SQL_UPDATE_WITH_CODE(req, return_value, code_if_fail, code_if_syntax_fail) \ do{\ try\ {\ _db.ExecuteUpdate(req);\ }\ catch (wxSQLite3Exception e)\ {\ std::cerr << req.mb_str() << "\n" ;\ std::cerr << e.GetMessage().mb_str() << "\n" ;\ code_if_fail; \ return return_value;\ }\ } while(0); #define EXECUTE_SQL_QUERY_WITH_CODE(req, res, return_value, code_if_fail, code_if_syntax_fail) \ do{\ try\ {\ res = _db.ExecuteQuery(req);\ }\ catch (wxSQLite3Exception e)\ {\ std::cerr << req.mb_str() << "\n" ;\ std::cerr << e.GetMessage().mb_str() << "\n" ;\ code_if_fail; \ return return_value;\ }\ } while(0); #define EXECUTE_SQL_QUERY(req, res, return_value) EXECUTE_SQL_QUERY_WITH_CODE(req, res, return_value, {}, {}) #define EXECUTE_SQL_UPDATE(req, return_value) EXECUTE_SQL_UPDATE_WITH_CODE(req, return_value, {}, {}) static inline wxString DoubleToString(double d) { wxString res; res = wxString::Format(_("%.2lf"), d); res.Replace(_(","), _(".")); return res; } Database::Database() { std::ifstream bdd_file; bdd_file.open(BDD_FILE); if (!bdd_file) { CreateDatabase(); } else _db.Open(_(BDD_FILE)); bdd_file.close(); } void Database::CreateDatabase() { std::ifstream init_script; std::string line; wxString wxline; wxMessageBox(_("No database found, creating a new one"), _("KissCount"), wxICON_EXCLAMATION | wxOK ); init_script.open(INIT_SCRIPT); if (!init_script) { wxMessageBox(_(INIT_SCRIPT " not found, aborting"), _("Error"), wxICON_ERROR | wxOK ); throw "init.sql not found, aborting"; } _db.Open(_(BDD_FILE)); do { getline(init_script, line); wxline = wxString(line.c_str(), wxConvUTF8); wxline.Trim(false); if (!wxline.Length() || wxline.StartsWith(_("--"))) continue; if (!_db.CheckSyntax(wxline)) { std::cout << line << " is invalid !\n" ; continue; } try { _db.ExecuteUpdate(wxline); } catch (...) { wxMessageBox(_("Error creating original database"), _("Error"), wxICON_ERROR | wxOK ); remove(BDD_FILE); throw line; } } while (init_script); init_script.close(); } wxString Database::HashPassword(wxString password) { blk_SHA_CTX sha_ctx; unsigned char sha[20]; wxString wxSHA; blk_SHA1_Init(&sha_ctx); blk_SHA1_Update(&sha_ctx, password.c_str(), password.Length()); blk_SHA1_Final(sha, &sha_ctx); for(int i=0; i<20; i++) wxSHA += wxString::Format(wxT("%02x"), (int)sha[i]); return wxSHA; } std::list Database::GetUsers() { std::list res; wxString req; // Check whether value exists in table wxSQLite3ResultSet set ; req = _("SELECT name FROM user ORDER BY name"); EXECUTE_SQL_QUERY(req, set, res); while (set.NextRow()) { res.push_front(set.GetAsString(0)); } set.Finalize(); return res; } bool Database::IsValidUser(wxString user, wxString password) { bool res; wxString req; wxSQLite3ResultSet set; req = _("SELECT name FROM user WHERE name='") + user + _("' AND password='") + HashPassword(password) + _("'"); EXECUTE_SQL_QUERY(req, set, false); res = set.NextRow() ; set.Finalize(); return res; } User* Database::LoadUser(wxString name) { wxSQLite3ResultSet set; wxString req; User* user; struct Account account; struct category category; std::vector::iterator it; req = _("SELECT * FROM user WHERE name='") + name + _("'"); EXECUTE_SQL_QUERY(req, set, NULL); if (!set.NextRow()) return NULL; user = new User(); user->_id = set.GetAsString(_("id")); user->_name = set.GetAsString(_("name")); user->_password = _("") ; // Security reasons set.GetAsString("password"); set.Finalize(); req = _("SELECT * FROM account WHERE user='") + user->_id + _("' ORDER BY default_account DESC, name ASC"); EXECUTE_SQL_QUERY_WITH_CODE(req, set, NULL, {delete user;}, {delete user;}); while (set.NextRow()) { account.id = set.GetAsString(_("id")); account.name = set.GetAsString(_("name")); account.number = set.GetAsString(_("number")); account.shared = set.GetBool(_("shared")); account._default = set.GetBool(_("default_account")); user->_accounts.push_back(account); } set.Finalize(); if (!user->_accounts.empty()) { it = user->_accounts.begin(); req = _("SELECT DISTINCT year FROM account_amount WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += _("', '") + it->id ; } req += _("') ORDER BY year ASC"); EXECUTE_SQL_QUERY_WITH_CODE(req, set, NULL, {delete user;}, {delete user;}); while (set.NextRow()) { user->_operations[set.GetInt(_("year"))] = NULL; } set.Finalize(); } req = _("SELECT id, value FROM preference WHERE type='category' AND name='name' AND user='") + user->_id + _("' ORDER BY value ASC"); EXECUTE_SQL_QUERY_WITH_CODE(req, set, NULL, {delete user;}, {delete user;}); while (set.NextRow()) { category.id = set.GetAsString(_("id")); category.name = set.GetAsString(_("value")); if (category.name != _("Fixe")) user->_preferences._categories.push_back(category); else user->_preferences._categories.insert(user->_preferences._categories.begin(), category); } set.Finalize(); req = _("SELECT name, value FROM preference WHERE type='category_color' AND user='") + user->_id + _("' ORDER BY value ASC"); EXECUTE_SQL_QUERY_WITH_CODE(req, set, NULL, {delete user;}, {delete user;}); while (set.NextRow()) { std::vector::iterator it; for (it=user->_preferences._categories.begin(); it !=user->_preferences._categories.end(); it++) if (it->name == set.GetAsString(_("name"))) { it->color = wxColour(set.GetAsString(_("value"))); break; } } set.Finalize(); return user; } void Database::LoadYear(User* user, int year) { wxSQLite3ResultSet set; wxString req; std::vector::iterator it; if (user->_operations[year] == NULL) user->_operations[year] = new std::map >(); it = user->_accounts.begin(); req = _("SELECT * FROM operation WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += _("', '") + it->id ; } req += _("')"); req += _(" AND year='") + wxString::Format(_("%d"), year) + _("'"); req += _(" ORDER BY fix_cost DESC, year,month,day ASC"); EXECUTE_SQL_QUERY(req, set, ); while (set.NextRow()) { operation op; op.id = set.GetAsString(_("id")); op.account = set.GetAsString(_("account")); op.day = set.GetInt(_("day")); op.month = set.GetInt(_("month")); op.year = set.GetInt(_("year")); op.amount = set.GetDouble(_("amount")); op.description = set.GetAsString(_("description")); op.category = set.GetAsString(_("category")); op.fix_cost = set.GetBool(_("fix_cost")); op.checked = set.GetBool(_("checked")); (*user->_operations[op.year])[op.month].push_back(op); } set.Finalize(); } double Database::GetAccountAmount(wxString id, int month, int year) { wxSQLite3ResultSet set; wxString req; double res; req = _("SELECT amount FROM account_amount WHERE account='") + id ; req += _("' AND month='") + wxString::Format(_("%d"), month); req += _("' AND year='") + wxString::Format(_("%d"), year); req += _("'"); EXECUTE_SQL_QUERY(req , set, 0.0); if (set.NextRow()) res = set.GetDouble(_("amount")); else { SetAccountAmount(month, year, id, 0.0); res = 0.0; } set.Finalize(); return res; } void Database::UpdateOperation(struct operation op) { wxString req; req = _("UPDATE operation SET ") ; req += _("account='") + op.account + _("'"); req += _(", year='") + wxString::Format(_("%d"), op.year) + _("'"); req += _(", month='") + wxString::Format(_("%d"), op.month) + _("'"); req += _(", day='") + wxString::Format(_("%d"), op.day) + _("'"); req += _(", amount='") + DoubleToString(op.amount) + _("'"); req += _(", description=\"") + op.description + _("\""); req += _(", category='") + op.category + _("'"); if (op.checked) req += _(", checked='1'"); else req += _(", checked='0'"); req += _(" WHERE id='") + op.id + _("'"); //std::cout << req.mb_str() << "\n"; EXECUTE_SQL_UPDATE(req, ); } wxString Database::AddOperation(User* user, struct operation op) { wxString req, res; wxSQLite3ResultSet set; req = _("INSERT INTO operation ('user', 'account', 'year', 'month', 'day', 'amount', 'description', 'category', 'fix_cost') VALUES ('") ; req += user->_id + _("'"); req += _(", '") + op.account + _("'"); req += _(", '") + wxString::Format(_("%d"), op.year) + _("'"); req += _(", '") + wxString::Format(_("%d"), op.month) + _("'"); req += _(", '") + wxString::Format(_("%d"), op.day) + _("'"); req += _(", '") + DoubleToString(op.amount) + _("'"); req += _(", \"") + op.description + _("\""); req += _(", '") + op.category + _("'"); if (op.fix_cost) req += _(", '1'") ; else req += _(", '0'") ; req += _(")"); EXECUTE_SQL_UPDATE(req, _("0")); req = _("SELECT id FROM operation WHERE "); req += _("user='") + user->_id + _("'"); req += _(" AND account='") + op.account + _("'"); req += _(" AND year='") + wxString::Format(_("%d"), op.year) + _("'"); req += _(" AND month='") + wxString::Format(_("%d"), op.month) + _("'"); req += _(" AND day='") + wxString::Format(_("%d"), op.day) + _("'"); req += _(" AND amount='") + DoubleToString(op.amount) + _("'"); req += _(" AND description=\"") + op.description + _("\""); req += _(" AND category='") + op.category + _("'"); if (op.fix_cost) req += _(" AND fix_cost='1'") ; else req += _(" AND fix_cost='0'") ; req += _("ORDER BY ID DESC") ; EXECUTE_SQL_QUERY(req , set, _("0")); if (set.NextRow()) res = set.GetAsString(_("id")); else res = _("0"); set.Finalize(); return res; } void Database::DeleteOperation(struct operation op) { wxString req; req = _("DELETE FROM operation WHERE id='") + op.id + _("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::DeleteOperations(User* user, int month, int year) { wxString req; std::vector::iterator it; it = user->_accounts.begin(); req = _("DELETE FROM account_amount WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += _("', '") + it->id ; } req += _("')"); req += _(" AND year='") + wxString::Format(_("%d"), year) + _("'"); if (month != -1) req += _(" AND month='") + wxString::Format(_("%d"), month) + _("'"); EXECUTE_SQL_UPDATE(req, ); it = user->_accounts.begin(); req = _("DELETE FROM operation WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += _("', '") + it->id ; } req += _("')"); req += _(" AND year='") + wxString::Format(_("%d"), year) + _("'"); if (month != -1) req += _(" AND month='") + wxString::Format(_("%d"), month) + _("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::SetAccountAmount(int month, int year, wxString accountId, double amount) { wxString req; req = _("UPDATE account_amount SET ") ; req += _("amount='") + DoubleToString(amount) + _("'"); req += _(" WHERE account='") + accountId + _("'"); req += _(" AND year='") + wxString::Format(_("%d"), year) + _("'"); req += _(" AND month='") + wxString::Format(_("%d"), month) + _("'"); try { if (!_db.ExecuteUpdate(req)) { req = _("INSERT INTO account_amount ('account', 'year', 'month', 'amount') VALUES ('") ; req += accountId + _("'"); req += _(" ,'") + wxString::Format(_("%d"), year) + _("'"); req += _(" ,'") + wxString::Format(_("%d"), month) + _("'"); req += _(" ,'") + DoubleToString(amount) + _("'"); req += _(")"); EXECUTE_SQL_UPDATE(req, ); } } catch (wxSQLite3Exception e) { std::cerr << req.mb_str() << "\n" ; std::cerr << e.GetMessage().mb_str() << "\n" ; return ; } } wxString Database::AddAccount(User* user, struct Account ac) { wxString req, res; wxSQLite3ResultSet set; req = _("INSERT INTO account ('user', 'name', 'number', 'shared', 'default_account') VALUES ('") ; req += user->_id + _("'"); req += _(", '") + ac.name + _("'"); req += _(", '") + ac.number + _("'"); if (ac.shared) req += _(", '1'") ; else req += _(", '0'") ; if (ac._default) req += _(", '1'") ; else req += _(", '0'") ; req += _(")"); EXECUTE_SQL_UPDATE(req, _("0")); req = _("SELECT id FROM account WHERE name='") + ac.name + _("'") ; req += _("AND user='") + user->_id + _("'"); EXECUTE_SQL_QUERY(req , set, _("0")); if (set.NextRow()) res = set.GetAsString(_("id")); else res = _("0"); set.Finalize(); return res; } void Database::UpdateAccount(struct Account ac) { wxString req; req = _("UPDATE account SET ") ; req += _("name='") + ac.name + _("'"); req += _(", number='") + ac.number + _("'"); if (ac.shared) req += _(", shared='1'"); else req += _(", shared='0'"); if (ac._default) req += _(", default_account='1'"); else req += _(", default_account='0'"); req += _(" WHERE id='") + ac.id + _("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::DeleteAccount(struct Account ac) { wxString req; req = _("DELETE FROM account WHERE id='") + ac.id + _("'"); EXECUTE_SQL_UPDATE(req, ); } wxString Database::AddCategory(User* user, struct category category) { wxString req, res; wxSQLite3ResultSet set; wxString color; color = _("#") ; color += wxString::Format(_("%02X"), category.color.Red()); color += wxString::Format(_("%02X"), category.color.Green()); color += wxString::Format(_("%02X"), category.color.Blue()); req = _("INSERT INTO preference ('user', 'type', 'name', 'value') VALUES ('") ; req += user->_id + _("'"); req += _(", 'category'"); req += _(", 'name'"); req += _(", '") + category.name + _("'"); req += _(")"); EXECUTE_SQL_UPDATE(req, _("0")); req = _("INSERT INTO preference ('user', 'type', 'name', 'value') VALUES ('") ; req += user->_id + _("'"); req += _(", 'category_color'"); req += _(", '") + category.name + _("'"); req += _(", '") + color + _("'"); req += _(")"); EXECUTE_SQL_UPDATE(req, _("0")); req = _("SELECT id FROM preference WHERE user='") + user->_id + _("'") ; req += _(" AND type='category'"); req += _(" AND name='name'"); req += _(" AND value='") + category.name + _("'"); EXECUTE_SQL_QUERY(req , set, _("0")); if (set.NextRow()) res = set.GetAsString(_("id")); else res = _("0"); set.Finalize(); return res; } void Database::UpdateCategory(User* user, wxString oldName, wxString name, wxString color) { wxString req; if (oldName != name) { req = _("UPDATE preference SET ") ; req += _("value='") + name + _("'"); req += _(" WHERE user='") + user->_id + _("'"); req += _(" AND type='category'"); req += _(" AND name='name'"); req += _(" AND value='") + oldName + _("'"); EXECUTE_SQL_UPDATE(req, ); } req = _("UPDATE preference SET ") ; req += _("value='") + color + _("'"); req += _(" WHERE user='") + user->_id + _("'"); req += _(" AND type='category_color'"); req += _(" AND name='") + oldName + _("'"); EXECUTE_SQL_UPDATE(req, ); if (oldName != name) { req = _("UPDATE preference SET ") ; req += _("name='") + name + _("'"); req += _(" WHERE user='") + user->_id + _("'"); req += _(" AND type='category_color'"); req += _(" AND name='") + oldName + _("'"); req += _(" AND value='") + color + _("'"); EXECUTE_SQL_UPDATE(req, ); } } void Database::DeleteCategory(User* user, struct category category) { wxString req; req = _("DELETE FROM preference WHERE user='") + user->_id + _("'"); req += _(" AND type='category'"); req += _(" AND name='name'"); req += _(" AND value='") + category.name + _("'"); EXECUTE_SQL_UPDATE(req, ); req = _("DELETE FROM preference WHERE user='") + user->_id + _("'"); req += _(" AND type='category_color'"); req += _(" AND name='") + category.name + _("'"); EXECUTE_SQL_UPDATE(req, ); } std::map > Database::GetAllOperations(User* user) { wxString req; wxSQLite3ResultSet set, set2; std::vector::iterator it; std::map > res; int year; if (!user->_accounts.empty()) { it = user->_accounts.begin(); req = _("SELECT DISTINCT year FROM account_amount WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += _("', '") + it->id ; } req += _("') ORDER BY year ASC"); EXECUTE_SQL_QUERY(req, set, res); while (set.NextRow()) { year = set.GetInt(_("year")); it = user->_accounts.begin(); req = _("SELECT DISTINCT month FROM account_amount WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += _("', '") + it->id ; } req += _("')"); req += _(" AND year='") + set.GetAsString(_("year")) + _("'"); req += _(" ORDER BY month ASC"); EXECUTE_SQL_QUERY(req, set2, res); while (set2.NextRow()) { res[year].push_back(set2.GetInt(_("month"))); } set2.Finalize(); } set.Finalize(); } return res; } void Database::GenerateMonth(User* user, int monthFrom, int yearFrom, int monthTo, int yearTo) { std::vector::iterator it; wxString req; wxSQLite3ResultSet set; double amount; if (monthFrom == -1 || yearFrom == -1) { for (it = user->_accounts.begin(); it != user->_accounts.end(); it++) { req = _("INSERT INTO account_amount ('account', 'year', 'month', 'amount') VALUES ('") ; req += it->id + _("'"); req += _(" ,'") + wxString::Format(_("%d"), yearTo) + _("'"); req += _(" ,'") + wxString::Format(_("%d"), monthTo) + _("'"); req += _(" ,'0.0'"); req += _(")"); EXECUTE_SQL_UPDATE(req, ); } return; } for (it = user->_accounts.begin(); it != user->_accounts.end(); it++) { amount = 0.0; req = _("SELECT amount FROM operation WHERE") ; req += _(" account='") + it->id + _("'"); req += _(" AND year='") + wxString::Format(_("%d"), yearFrom) + _("'"); req += _(" AND month='") + wxString::Format(_("%d"), monthFrom) + _("'"); EXECUTE_SQL_QUERY(req, set, ); while (set.NextRow()) amount += set.GetDouble(_("amount")); req = _("SELECT amount FROM account_amount WHERE") ; req += _(" account='") + it->id + _("'"); req += _(" AND year='") + wxString::Format(_("%d"), yearFrom) + _("'"); req += _(" AND month='") + wxString::Format(_("%d"), monthFrom) + _("'"); EXECUTE_SQL_QUERY(req, set, ); if (set.NextRow()) amount += set.GetDouble(_("amount")); req = _("INSERT INTO account_amount ('account', 'year', 'month', 'amount') VALUES ('") ; req += it->id + _("'"); req += _(" ,'") + wxString::Format(_("%d"), yearTo) + _("'"); req += _(" ,'") + wxString::Format(_("%d"), monthTo) + _("'"); req += _(" ,'") + DoubleToString(amount) + _("'"); req += _(")"); EXECUTE_SQL_UPDATE(req, ); } } void Database::ChangePassword(User* user, wxString password) { wxString req; req = _("UPDATE user SET ") ; req += _("password='") + HashPassword(password) + _("'"); req += _(" WHERE name='") + user->_name + _("'"); EXECUTE_SQL_UPDATE(req, ); } bool Database::UserExists(wxString name) { wxSQLite3ResultSet set; wxString req; bool res=false; req = _("SELECT name FROM user WHERE name='") + name + _("'") ; EXECUTE_SQL_QUERY(req , set, false); if (set.NextRow()) res = true; else res = false; set.Finalize(); return res; } void Database::ChangeName(User* user, wxString name) { wxString req; req = _("UPDATE user SET ") ; req += _("name='") + name + _("'"); req += _(" WHERE name='") + user->_name + _("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::NewUser(wxString name) { wxString req, id; wxSQLite3ResultSet set; req = _("INSERT INTO user ('name', 'password') VALUES ('") ; req += name + _("'"); req += _(", '") + HashPassword(_("")) + _("'"); req += _(")"); EXECUTE_SQL_UPDATE(req, ); req = _("SELECT id FROM user WHERE "); req += _("name='") + name + _("'"); EXECUTE_SQL_QUERY(req , set, ); set.NextRow(); id = set.GetAsString(_("id")); set.Finalize(); req = _("SELECT * FROM default_preference"); EXECUTE_SQL_QUERY(req, set,); while (set.NextRow()) { req = _("INSERT INTO preference ('user', 'type', 'name', 'value') VALUES ('") ; req += id + _("'"); req += _(", '") + set.GetAsString(_("type")) + _("'"); req += _(", '") + set.GetAsString(_("name")) + _("'"); req += _(", '") + set.GetAsString(_("value")) + _("'"); req += _(")"); EXECUTE_SQL_UPDATE(req, ); } set.Finalize(); return ; } void Database::KillMe(User* user) { wxString req; std::vector::iterator it; req = _("DELETE FROM preference WHERE user='") + user->_id + _("'"); EXECUTE_SQL_UPDATE(req, ); if (!user->_accounts.empty()) { it = user->_accounts.begin(); req = _("DELETE FROM account_amount WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += _("', '") + it->id ; } req += _("')"); EXECUTE_SQL_UPDATE(req, ); it = user->_accounts.begin(); req = _("DELETE FROM operation WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += _("', '") + it->id ; } req += _("')"); EXECUTE_SQL_UPDATE(req, ); } req = _("DELETE FROM account WHERE user='") + user->_id + _("'"); EXECUTE_SQL_UPDATE(req, ); req = _("DELETE FROM user WHERE id='") + user->_id + _("'"); EXECUTE_SQL_UPDATE(req, ); }