From 73063beda0d86dd5bc774701941a8653fa0c823e Mon Sep 17 00:00:00 2001 From: niekt0 Date: Sun, 27 Mar 2011 22:28:44 +0200 Subject: [PATCH] set_synapse_weight update --- wwwroot/backend/mysql/backend.inc | 25 +++++++++++++++++++++---- wwwroot/inc/eventz.inc | 4 +--- 2 files changed, 22 insertions(+), 7 deletions(-) diff --git a/wwwroot/backend/mysql/backend.inc b/wwwroot/backend/mysql/backend.inc index dd0c4f7..ac554ed 100644 --- a/wwwroot/backend/mysql/backend.inc +++ b/wwwroot/backend/mysql/backend.inc @@ -343,16 +343,33 @@ function getKNeurons($user_id,$interval) { // Set synapse weight, +// Secure +// Returns true on sucess, otherwise false + // XXX TODO function setSynapse($src,$dst,$weight) { global $db,$node,$error,$error_messages; - // XXX security fix -// $q="update neurons set synapse_weight='$synapse_weight' where dst = '$dst' and src = '$src'"; -// $q="insert into neurons values('$synapse_weight','$dst','$src',NULL,'synapse',XXX,now(),XXX,$src)"; + if ((!is_numeric($src)) or (!is_numeric($dst)) or (!is_numeric($weight))) { + return false; + } + + // if already exists + $q="select src from neurons where dst ='$dst' and src = '$src'"; + $set=$db->query($q); -// $set=$db->query($q); + $set->next(); + $isrc=$set->getString('src'); + if ( $set ) { + $q="update neurons set synapse_weight='$synapse_weight' + where dst = '$dst' and src = '$src'"; + } else { + // FIXME no vector set + $q="insert into neurons values('$synapse_weight','$dst','$src',0,'synapse', + CURRENT_TIMESTAMP(),now(),NULL,$src)"; + } + $set=$db->query($q); return true; } diff --git a/wwwroot/inc/eventz.inc b/wwwroot/inc/eventz.inc index 16b706c..418ab07 100644 --- a/wwwroot/inc/eventz.inc +++ b/wwwroot/inc/eventz.inc @@ -33,9 +33,7 @@ elseif (is_file(INCLUDE_DIR."eventz/$event.inc")) { $status=$event(); $_SESSION['eventz'][$event]=true; - } - - else { + } else { $error=$error_messages['EVENT_NOT_PERMITTED']; } -- 2.30.2