|
5 | 5 | * |
6 | 6 | * Copyright (c) 1994, Regents of the University of California |
7 | 7 | * |
8 | | - * $Id: user.c,v 1.26 1999/03/16 04:25:45 momjian Exp $ |
| 8 | + * $Id: user.c,v 1.27 1999/04/02 06:16:36 tgl Exp $ |
9 | 9 | * |
10 | 10 | *------------------------------------------------------------------------- |
11 | 11 | */ |
@@ -94,20 +94,24 @@ UpdatePgPwdFile(char *sql, CommandDest dest) |
94 | 94 | void |
95 | 95 | DefineUser(CreateUserStmt*stmt,CommandDestdest) |
96 | 96 | { |
97 | | - |
98 | | -char*pg_shadow, |
99 | | -sql[SQL_LENGTH]; |
| 97 | +char*pg_shadow, |
| 98 | +sql[SQL_LENGTH]; |
100 | 99 | Relationpg_shadow_rel; |
101 | 100 | TupleDescpg_shadow_dsc; |
102 | | -HeapScanDescscan; |
| 101 | +HeapScanDescscan; |
103 | 102 | HeapTupletuple; |
104 | | -Datumdatum; |
105 | | -boolexists= false, |
106 | | -n, |
107 | | -inblock; |
108 | | -intmax_id=-1; |
109 | | - |
110 | | -if (stmt->password) |
| 103 | +Datumdatum; |
| 104 | +boolexists= false, |
| 105 | +n, |
| 106 | +inblock, |
| 107 | +havepassword, |
| 108 | +havevaluntil; |
| 109 | +intmax_id=-1; |
| 110 | + |
| 111 | +havepassword=stmt->password&&stmt->password[0]; |
| 112 | +havevaluntil=stmt->validUntil&&stmt->validUntil[0]; |
| 113 | + |
| 114 | +if (havepassword) |
111 | 115 | CheckPgUserAclNotNull(); |
112 | 116 | if (!(inblock=IsTransactionBlock())) |
113 | 117 | BeginTransactionBlock(); |
@@ -163,18 +167,31 @@ DefineUser(CreateUserStmt *stmt, CommandDest dest) |
163 | 167 | } |
164 | 168 |
|
165 | 169 | /* |
166 | | - * Build the insert statment to be executed. |
| 170 | + * Build the insert statement to be executed. |
| 171 | + * |
| 172 | + * XXX Ugly as this code is, it still fails to cope with ' or \ |
| 173 | + * in any of the provided strings. |
167 | 174 | */ |
168 | 175 | snprintf(sql,SQL_LENGTH, |
169 | | -"insert into %s(usename,usesysid,usecreatedb,usetrace,usesuper," |
170 | | -"usecatupd,passwd,valuntil) values('%s',%d%s%s,'%s','%s')", |
171 | | -ShadowRelationName, |
172 | | -stmt->user,max_id+1, |
173 | | -(stmt->createdb&&*stmt->createdb) ?",'t','t'" :",'f','t'", |
174 | | -(stmt->createuser&&*stmt->createuser) ?",'t','t'" :",'f','t'", |
175 | | -stmt->password ?stmt->password :"''", |
176 | | -stmt->validUntil ?stmt->validUntil :""); |
| 176 | +"insert into %s (usename,usesysid,usecreatedb,usetrace," |
| 177 | +"usesuper,usecatupd,passwd,valuntil) " |
| 178 | +"values('%s',%d,'%c','t','%c','t',%s%s%s,%s%s%s)", |
| 179 | +ShadowRelationName, |
| 180 | +stmt->user, |
| 181 | +max_id+1, |
| 182 | + (stmt->createdb&&*stmt->createdb) ?'t' :'f', |
| 183 | + (stmt->createuser&&*stmt->createuser) ?'t' :'f', |
| 184 | +havepassword ?"'" :"", |
| 185 | +havepassword ?stmt->password :"NULL", |
| 186 | +havepassword ?"'" :"", |
| 187 | +havevaluntil ?"'" :"", |
| 188 | +havevaluntil ?stmt->validUntil :"NULL", |
| 189 | +havevaluntil ?"'" :""); |
177 | 190 |
|
| 191 | +/* |
| 192 | + * XXX If insert fails, say because a bogus valuntil date is given, |
| 193 | + * need to catch the resulting error and undo our transaction. |
| 194 | + */ |
178 | 195 | pg_exec_query_dest(sql,dest, false); |
179 | 196 |
|
180 | 197 | /* |
|