perform extra checks to ensure user/resource exists before trying to pull up resources by user/updates by resource; also check if listResources has any results and if the array is empty (i.e. no more results) then send a 4

jacobsandersen · jacobsandersen · commit a4e1bb8c11ef · 2021-06-19T09:30:10.000-07:00
04 instead of a plain empty array off to infinity; closes #48.
diff --git a/src/support/Database.php b/src/support/Database.php
@@ -39,13 +39,17 @@ public static function initializeViaConfig() {
     }
 
     public function listResources($category, $page) {
-        $page = $page == 1 ? 0 : 10 * ($page - 1);
+        if ($page <= 0) {
+            return NULL;
+        }
+
+        $offset = $page == 1 ? 0 : 10 * ($page - 1);
 
         if (!is_null($this->conn)) {
             $categoryClause = is_null($category) ? '' : 'AND r.resource_category_id = :resource_category_id';
             
             $resStmt = $this->conn->prepare($this->_resource(sprintf('%s LIMIT 10 OFFSET :offset', $categoryClause)));
-            $resStmt->bindParam(':offset', $page, \PDO::PARAM_INT);
+            $resStmt->bindParam(':offset', $offset, \PDO::PARAM_INT);
             
             if (!empty($categoryClause)) {
                 $resStmt->bindParam(':resource_category_id', $category);   
@@ -54,6 +58,10 @@ public function listResources($category, $page) {
             if ($resStmt->execute()) {
                 $resources = $resStmt->fetchAll();
 
+                if (is_null($resources) || $resources == false || empty($resources)) {
+                    return NULL;
+                }
+
                 for ($i = 0; $i < count($resources); $i++) {
                     $resource = $resources[$i];
                     $resource['fields'] = $this->_resource_fields($resource['resource_id']);
@@ -74,7 +82,11 @@ public function getResource($resource_id) {
 
             if ($resStmt->execute()) {
                 $resource = $resStmt->fetch();
-                $resource['fields'] = $this->_resource_fields($resource['resource_id']);
+                
+                if (!is_null($resource) && $resource !== false) {
+                    $resource['fields'] = $this->_resource_fields($resource['resource_id']);
+                }
+
                 return $resource;
             }
         }
@@ -83,12 +95,16 @@ public function getResource($resource_id) {
     }
 
     public function getResourcesByUser($user_id, $page) {
-        $page = $page == 1 ? 0 : 10 * ($page - 1);
+        if ($page <= 0 || !$this->_user_exists($user_id)) {
+            return NULL;
+        }
 
+        $offset = $page == 1 ? 0 : 10 * ($page - 1);
+        
         if (!is_null($this->conn)) {
             $resStmt = $this->conn->prepare($this->_resource('AND r.user_id = :user_id LIMIT 10 OFFSET :offset'));
             $resStmt->bindParam(':user_id', $user_id);
-            $resStmt->bindParam(':offset', $page, \PDO::PARAM_INT);
+            $resStmt->bindParam(':offset', $offset, \PDO::PARAM_INT);
 
             if ($resStmt->execute()) {
                 $resources = $resStmt->fetchAll();
@@ -132,12 +148,16 @@ public function getResourceUpdate($update_id) {
     }
 
     public function getResourceUpdates($resource_id, $page) {
-        $page = $page == 1 ? 0 : 10 * ($page - 1);
+        if ($page <= 0 || !$this->_resource_exists($resource_id)) {
+            return NULL;
+        }
+
+        $offset = $page == 1 ? 0 : 10 * ($page - 1);
 
         if (!is_null($this->conn)) {
             $updatesStmt = $this->conn->prepare($this->_resource_update('AND r.resource_id = :resource_id LIMIT 10 OFFSET :offset'));
             $updatesStmt->bindParam(':resource_id', $resource_id);
-            $updatesStmt->bindParam(':offset', $page, \PDO::PARAM_INT);
+            $updatesStmt->bindParam(':offset', $offset, \PDO::PARAM_INT);
 
             if ($updatesStmt->execute()) {
                 return $updatesStmt->fetchAll();
@@ -157,26 +177,32 @@ public function getUser($user_id) {
                 WHERE u.user_id = :user_id
                 GROUP BY u.user_id"
             );
-
             $userStmt->bindParam(':user_id', $user_id);
 
-            $identStmt = $this->conn->prepare(
-                "SELECT ufv.field_id, ufv.field_value
-                FROM xf_user_field_value ufv
-                    INNER JOIN xf_user u
-                        ON u.user_id = ufv.user_id
-                    INNER JOIN xf_user_field uf
-                        ON uf.field_id = ufv.field_id AND uf.display_group = 'contact'
-                WHERE ufv.user_id = :user_id AND ufv.field_value IS NOT NULL AND ufv.field_value != ''"
-            );
-
-            $identStmt->bindParam(':user_id', $user_id);
-
-            if ($userStmt->execute() && $identStmt->execute()) {
-                $out = new \stdClass();
-                $out->user = $userStmt->fetch();
-                $out->ident = $identStmt->fetchAll();
-                return $out;
+            if ($userStmt->execute()) {
+                $user = $userStmt->fetch();
+                if (!is_null($user) && $user != false) {
+                    $identStmt = $this->conn->prepare(
+                        "SELECT ufv.field_id, ufv.field_value
+                        FROM xf_user_field_value ufv
+                            INNER JOIN xf_user u
+                                ON u.user_id = ufv.user_id
+                            INNER JOIN xf_user_field uf
+                                ON uf.field_id = ufv.field_id AND uf.display_group = 'contact'
+                        WHERE ufv.user_id = :user_id AND ufv.field_value IS NOT NULL AND ufv.field_value != ''"
+                    );
+                    $identStmt->bindParam(':user_id', $user_id);
+                    
+                    $identities = new \stdClass();
+                    if ($identStmt->execute()) {
+                        $identities = $identStmt->fetchAll();
+                    }
+
+                    $out = new \stdClass();
+                    $out->user = $userStmt->fetch();
+                    $out->ident = $identities;
+                    return $out;
+                }
             }
         }
 
@@ -243,4 +269,30 @@ private function _resource_update($suffix) {
             $suffix
         );
     }
+
+    private function _resource_exists($resource_id) {
+        if (!is_null($this->conn)) {
+            $stmt = $this->conn->prepare("SELECT EXISTS(SELECT 1 FROM xf_resource WHERE resource_id = :resource_id) AS 'exists'");
+            $stmt->bindParam(":resource_id", $resource_id);
+            
+            if ($stmt->execute()) {
+                return (bool) $stmt->fetch()['exists'];
+            }
+        }
+
+        return FALSE;
+    }
+
+    private function _user_exists($user_id) {
+        if (!is_null($this->conn)) {
+            $stmt = $this->conn->prepare("SELECT EXISTS(SELECT 1 FROM xf_user WHERE user_id = :user_id) AS 'exists'");
+            $stmt->bindParam(":user_id", $user_id);
+            
+            if ($stmt->execute()) {
+                return (bool) $stmt->fetch()['exists'];
+            }
+        }
+
+        return FALSE;
+    }
 }
