3 * FusionForge form management
5 * Copyright 2005, GForge, LLC
6 * Copyright 2009, Roland Mas
8 * This file is part of FusionForge. FusionForge is free software;
9 * you can redistribute it and/or modify it under the terms of the
10 * GNU General Public License as published by the Free Software
11 * Foundation; either version 2 of the Licence, or (at your option)
14 * FusionForge is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License along
20 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 * form_generate_key() - Returns a new key, and registers it in the db.
27 * @return int A new identifier.
30 function form_generate_key() {
33 // there's about 99.999999999% probability this loop will run only once :)
35 $key = md5(microtime() + util_randbytes() + $_SERVER["REMOTE_ADDR"]);
36 $res = db_query_params ('SELECT * FROM form_keys WHERE key=$1', array ($key));
37 if (!db_numrows($res)) {
41 $res = db_query_params('INSERT INTO form_keys (key,is_used,creation_date) VALUES ($1, 0, $2)', array ($key,time()));
51 * form_key_is_valid() - Checks the db to see if the given key is already used. In case it's not already used
55 * @return boolean True if the given key is already used. False if not.
58 function form_key_is_valid($key) {
59 // Fail back mode if key is empty. This can happen when there is
60 // a problem with the generation. In this case, it may be better
61 // to disable this check instead of blocking all the application.
66 $res = db_query_params ('SELECT * FROM form_keys WHERE key=$1 and is_used=0 FOR UPDATE', array ($key));
67 if (!$res || !db_numrows($res)) {
71 $res = db_query_params ('UPDATE form_keys SET is_used=1 WHERE key=$1', array ($key));
81 * form_release_key() - Releases the given key if it is already used. If the given key it's not in the db, it returns false.
84 * @return boolean True if the given key is successfully released. False if not.
87 function form_release_key($key) {
89 $res = db_query_params ('SELECT * FROM form_keys WHERE key=$1 FOR UPDATE', array ($key));
90 if (!$res || !db_numrows($res)) {
94 $res = db_query_params ('UPDATE form_keys SET is_used=0 WHERE key=$1', array ($key));
105 // c-file-style: "bsd"