4

I've just converted the following PHP code to a MySQL stored procedure. There is no obvious syntax error as I could execute it with PHPMyAdmin. I can see it with

SELECT routine_definition
FROM information_schema.routines
WHERE routine_schema = 'chess';

As this is the first time I've written a stored procedure, I would like to know

  • Does the stored procedure do what I think it does? (See flowchart in "What it should do")
  • Is the stored procedure plain SQL (to some standard) or will I only be able to use this with MySQL databases? What is MySQL specific? Could I get rid of that?
  • Is there any way I can improve this stored procedure? Are there best practices that I broke?
  • Do I have to sanitize input data when I use stored procedures?

Here is a short overview over the database and all code. But I hope this is not necessary to answer my questions.

What it should do

enter image description here

New stored procedure

DELIMITER //
CREATE PROCEDURE ChallengeUser(
   IN challengedUserID INT,
   IN currentUserID INT,
   OUT startedGamePlayerUsername varchar(255),
   OUT startedGameID INT,
   OUT incorrectID BIT,
   OUT alreadyChallengedPlayer BIT,
   OUT alreadyChallengedGameID INT
  )
    BEGIN
        SELECT `username` AS startedGamePlayerUsername FROM chess_users
          WHERE `user_id` = challengedUserID 
               AND `user_id` != currentUserID LIMIT 1;

        IF startedGamePlayerUsername IS NOT NULL THEN
            SELECT `id` FROM `chess_games` 
              WHERE `whiteUserID` = currentUserID 
                AND `blackUserID` = challengedUserID 
                AND `outcome` = -1 LIMIT 1;
            IF id IS NULL THEN
                SELECT `softwareID` AS `whitePlayerSoftwareID` 
                  FROM chess_users 
                WHERE `user_id`=currentUserID LIMIT 1;
                SELECT `softwareID` AS `blackPlayerSoftwareID` 
                  FROM chess_users 
                  WHERE `user_id`=challengedUserID LIMIT 1;
                INSERT INTO `chess_games` (`tournamentID`, `whiteUserID`, 
                                  `blackUserID`, `whitePlayerSoftwareID`, 
                                     `blackPlayerSoftwareID`, `moveList`) 
                    VALUES (NULL, currentUserID, challengedUserID, 
                            whitePlayerSoftwareID, 
                            blackPlayerSoftwareID, "");

                /* Get the id of the just inserted tuple */
                SELECT `id` AS startedGameID FROM chess_games 
                  WHERE `whiteUserID` = whitePlayerSoftwareID 
                    AND `blackUserID` = blackPlayerSoftwareID 
                    AND `whitePlayerSoftwareID` = whitePlayerSoftwareID 
                    AND `blackPlayerSoftwareID` = blackPlayerSoftwareID 
                    AND `moveList` = "" LIMIT 1;
            ELSE
                SET alreadyChallengedPlayer = 1;
                SET alreadyChallengedGameID = id;
            END IF;
        ELSE
            SET incorrectID = 1;
        END IF;
    END //
DELIMITER ;

New PHP code

function challengeUser2($user_id, $t) {
    global $conn;
    $stmt = $conn->prepare("CALL ChallengeUser(?,?,@startedGamePlayerUsername,".
                       ."@startedGameID,@incorrectID,"
                       ."@alreadyChallengedPlayer,@alreadyChallengedGameID)");
    $test = USER_ID;
    $stmt->bindParam(1, $user_id);
    $stmt->bindParam(2, $test);
    $returnValue = $stmt->execute();

    echo "Return Value\n";
    print_r($returnValue);
    echo "################\n\nstmt\n";
    print_r($stmt);

    echo "################\n\nrow\n";
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    print_r($row);
}

What it prints out

Return Value
1################

stmt
PDOStatement Object
(
    [queryString] => CALL ChallengeUser(?,?,@startedGamePlayerUsername,
       @startedGameID,@incorrectID,
       @alreadyChallengedPlayer,@alreadyChallengedGameID)
)
################

row
Array
(
    [startedGamePlayerUsername] => test
)

What it should do

It should have created a new entry in the table chess_games. But there is no new entry and there is no value for incorrectID or alreadyChallengedPlayer. So I think I made a mistake.

4

1 回答 1

0

抱歉这么乱的代码-我在工作=没有太多时间,但应该可以帮助您。您必须将数据添加到表中:USERS 和 SOFTWARE。NULL 处理存在问题,并将查询结果传递给变量。

编辑:修复查询“获取刚刚插入的元组的 id”

DELIMITER $$

DROP PROCEDURE IF EXISTS `ChallengeUser`$$

CREATE DEFINER=`root`@`localhost` PROCEDURE `ChallengeUser`(
challengedUserID INT,
currentUserID INT,
startedGamePlayerUsername  VARCHAR(255),
startedGameID INT,
incorrectID INT,
alreadyChallengedPlayer INT,
alreadyChallengedGameID INT
)
BEGIN

DECLARE TMP_ID INT DEFAULT 0;
DECLARE TMP_W_PLAYER INT DEFAULT 0;    
DECLARE TMP_B_PLAYER INT DEFAULT 0;


    SELECT `username` INTO startedGamePlayerUsername 
      FROM chess_users
    WHERE `user_id` = challengedUserID 
      AND `user_id` != currentUserID LIMIT 1;

    IF startedGamePlayerUsername IS NOT NULL THEN

        SELECT `id` INTO TMP_ID 
          FROM `chess_games` 
        WHERE `whiteUserID` = currentUserID 
            AND `blackUserID` = challengedUserID 
            AND `outcome` = -1 
        LIMIT 1;

        -- here was bad NULL handling    
        IF TMP_ID IS NULL OR TMP_ID='' THEN

            SELECT `softwareID` INTO TMP_W_PLAYER
              FROM chess_users 
            WHERE `user_id`=currentUserID 
            LIMIT 1;

            SELECT `softwareID` INTO TMP_B_PLAYER 
              FROM chess_users 
            WHERE `user_id`=challengedUserID 
            LIMIT 1;

            INSERT INTO `chess_games` 
        (`tournamentID`, `whiteUserID`,`blackUserID`, `whitePlayerSoftwareID`,`blackPlayerSoftwareID`, `moveList`)
                     SELECT NULL, currentUserID, challengedUserID, TMP_W_PLAYER, TMP_B_PLAYER, "";           


            /* Get the id of the just inserted tuple */
            SELECT max(`id`) INTO startedGameID FROM chess_games 
              WHERE `whiteUserID` = currentUserID 
                AND `blackUserID` = challengedUserID 
                AND `whitePlayerSoftwareID` = TMP_W_PLAYER 
                AND `blackPlayerSoftwareID` = TMP_B_PLAYER
                AND `moveList` = "";
        ELSE
            SET alreadyChallengedPlayer = 1;
            SET alreadyChallengedGameID = TMP_ID;
        END IF;
    ELSE
        SET incorrectID = 1;
    END IF;

    SELECT startedGamePlayerUsername,startedGameID,   incorrectID ,   alreadyChallengedPlayer ,   alreadyChallengedGameID;

END$$

DELIMITER ;
于 2013-07-17T14:51:45.730 回答