controller.js
const cloudinary = require("cloudinary").v2;
const pool = require(__dirname + "/config/db.config.js");
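/**
 * Checks an email/password pair against the users table.
 *
 * Responds 200 with `{ token, id }` when exactly one row matches, 400 when
 * either credential is missing or not a string, and 500 with a text message
 * otherwise (the two original 500 messages are kept for existing clients).
 *
 * NOTE(review): the query compares the submitted password directly with the
 * stored column, so passwords appear to be kept in plaintext. Storing a salted
 * password hash and verifying it in application code would need a schema and
 * dependency change outside this handler.
 * NOTE(review): the token is the constant string "userAuthenticated"; it holds
 * nothing tied to the user or the session. How other routes use it is not
 * visible here -- confirm it is not treated as proof of identity.
 *
 * @param {object} req - Express request; `req.body` carries `email` and `password`.
 * @param {object} res - Express response.
 */
exports.logIn = (req, res) => {
  const { email, password } = req.body ?? {};

  // Only plain strings are accepted as credentials; anything else is a malformed request.
  if (typeof email !== "string" || typeof password !== "string") {
    res.status(400).send("Email and password are required.");
    return;
  }

  // Values travel as bound parameters, so request data is never parsed as SQL.
  // The $n placeholders assume `pool` is a node-postgres Pool (the `.rows`
  // result shape suggests so) -- confirm against config/db.config.js.
  const queryString =
    "SELECT id, email, password FROM users WHERE email = $1 AND password = $2;";

  pool.query(queryString, [email, password], (error, selection) => {
    if (error) {
      // Throwing inside the driver callback would bypass Express and leave the
      // request unanswered; log server-side and return a generic 500 instead.
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }

    const matches = selection.rows.length;
    if (matches === 1) {
      res.status(200).send({ token: "userAuthenticated", id: selection.rows[0].id });
    } else if (matches > 1) {
      res.status(500).send("This email-password pair references more than one user in our database...");
    } else {
      res.status(500).send("This email-password pair doesn't exist in our database.");
    }
  });
};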
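/**
 * Returns every row of the offers table.
 *
 * @param {object} req - Express request (unused).
 * @param {object} res - Express response; receives the rows with status 200.
 */
exports.getOffers = (req, res) => {
  pool.query("SELECT * FROM offers;", (error, selection) => {
    if (error) {
      // Throwing inside the driver callback would bypass Express and leave the
      // request unanswered; log server-side and return a generic 500 instead.
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }
    res.status(200).send(selection.rows);
  });
};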
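/**
 * Returns the offers whose `user_id` equals the `:id` route parameter.
 *
 * @param {object} req - Express request; `req.params.id` is the user id.
 * @param {object} res - Express response; receives the rows with status 200.
 */
exports.getUserOffers = (req, res) => {
  const userId = req.params.id;

  // The route parameter is caller-controlled, so it is bound as a parameter
  // rather than interpolated into the statement. The $1 placeholder assumes
  // `pool` is a node-postgres Pool -- confirm against config/db.config.js.
  const queryString = "SELECT * FROM offers WHERE user_id = $1;";

  pool.query(queryString, [userId], (error, selection) => {
    if (error) {
      // Covers malformed ids as well: the database rejects them and the
      // client gets a generic 500 instead of an uncaught exception.
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }
    res.status(200).send(selection.rows);
  });
};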
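/**
 * Returns the `id` and `user_id` columns of every offer.
 *
 * @param {object} req - Express request (unused).
 * @param {object} res - Express response; receives the rows.
 */
exports.getOffersWithUserIds = (req, res) => {
  const queryString = "SELECT id, user_id FROM offers;";

  pool.query(queryString, (error, selection) => {
    if (error) {
      // Throwing inside the driver callback would bypass Express and leave the
      // request unanswered; log server-side and return a generic 500 instead.
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }
    res.send(selection.rows);
  });
};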
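/**
 * Inserts a new offer built from the request body.
 *
 * Responds 400 when `title` or `description` is not a string; otherwise sends
 * the driver's result object for the INSERT.
 *
 * NOTE(review): `user_id` is taken from the request body. Whether the caller
 * is checked against that id happens (if at all) outside this handler --
 * confirm in the router/middleware.
 *
 * @param {object} req - Express request; `req.body` carries `title`,
 *   `category`, `price`, `description` and `user_id`.
 * @param {object} res - Express response.
 */
exports.createOffer = (req, res) => {
  const offerData = req.body ?? {};

  if (typeof offerData.title !== "string" || typeof offerData.description !== "string") {
    res.status(400).send("Title and description are required.");
    return;
  }

  // Doubled apostrophes are still collapsed to one, as before. The second
  // replacement (manual quote escaping) is gone because bound parameters make
  // it unnecessary -- and it never covered category, price or user_id.
  const processedTitle = offerData.title.replaceAll("''", "'");
  const processedDescription = offerData.description.replaceAll("''", "'");

  // The $n placeholders assume `pool` is a node-postgres Pool -- confirm
  // against config/db.config.js.
  const queryString =
    "INSERT INTO offers (title, category, price, description, user_id) VALUES ($1, $2, $3, $4, $5);";
  const values = [
    processedTitle,
    offerData.category,
    offerData.price,
    processedDescription,
    offerData.user_id,
  ];

  // The debug console.log calls that printed the description and the full
  // statement were dropped: they copied user-supplied content into the logs.
  pool.query(queryString, values, (error, newOffer) => {
    if (error) {
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }
    res.send(newOffer);
  });
};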
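/**
 * Deletes the offer whose id equals the `:id` route parameter.
 *
 * NOTE(review): nothing in this handler checks that the caller owns the
 * offer; confirm that the router/middleware enforces it.
 *
 * @param {object} req - Express request; `req.params.id` is the offer id.
 * @param {object} res - Express response; receives the driver's result object.
 */
exports.deleteOffer = (req, res) => {
  const offerId = req.params.id;

  // Bound parameter: an id that is not a plain value cannot widen the DELETE
  // beyond the one row. The $1 placeholder assumes `pool` is a node-postgres
  // Pool -- confirm against config/db.config.js.
  const queryString = "DELETE FROM offers WHERE id = $1;";

  pool.query(queryString, [offerId], (error, deletedOffer) => {
    if (error) {
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }
    res.send(deletedOffer);
  });
};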
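/**
 * Returns every user row as JSON, without the `password` column.
 *
 * @param {object} req - Express request (unused).
 * @param {object} res - Express response; receives the rows with status 200.
 */
exports.getUsers = (req, res) => {
  pool.query("SELECT * FROM users;", (error, selection) => {
    if (error) {
      // Throwing inside the driver callback would bypass Express and leave the
      // request unanswered; log server-side and return a generic 500 instead.
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }

    // `SELECT *` includes the password column; it must never leave the server,
    // so it is stripped from each row before the response is built.
    const users = selection.rows.map(({ password, ...publicFields }) => publicFields);
    res.status(200).json(users);
  });
};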
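/**
 * Returns the user whose id equals the `:id` route parameter, without the
 * `password` column.
 *
 * @param {object} req - Express request; `req.params.id` is the user id.
 * @param {object} res - Express response; receives the first matching row.
 */
exports.getUser = (req, res) => {
  const userId = req.params.id;

  // Bound parameter instead of string interpolation. The $1 placeholder
  // assumes `pool` is a node-postgres Pool -- confirm against
  // config/db.config.js.
  const queryString = "SELECT * FROM users WHERE id = $1;";

  pool.query(queryString, [userId], (error, selection) => {
    if (error) {
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }

    const user = selection.rows[0];
    if (!user) {
      // No matching row: keep the existing behaviour of an empty response body.
      res.send(user);
      return;
    }

    // `SELECT *` includes the password column; drop it before responding.
    const { password, ...publicFields } = user;
    res.send(publicFields);
  });
};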
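/**
 * Updates the `name`, `pronouns` and/or `bio` of the user identified by the
 * `:id` route parameter.
 *
 * Only non-empty string fields are written. Responds 400 when the body holds
 * none of them (previously this produced an invalid `UPDATE ... SET  WHERE`
 * statement).
 *
 * NOTE(review): nothing in this handler checks that the caller is the user
 * being updated; confirm that the router/middleware enforces it.
 *
 * @param {object} req - Express request; `req.params.id` is the user id and
 *   `req.body` may carry `name`, `pronouns`, `bio`.
 * @param {object} res - Express response; receives the driver's result object.
 * @param {Function} next - Express next callback (unused).
 */
exports.updateUser = (req, res, next) => {
  const userId = req.params.id;
  const userData = req.body ?? {};

  // Column names come only from this fixed list, never from the request.
  const updatableFields = ["name", "pronouns", "bio"];
  const assignments = [];
  const values = [];

  for (const field of updatableFields) {
    const incoming = userData[field];
    // Absent, empty or non-string fields are left unchanged.
    if (typeof incoming !== "string" || incoming === "") {
      continue;
    }
    // Doubled apostrophes are still collapsed to one, as before; the manual
    // quote escaping is dropped because the value is bound, not interpolated.
    values.push(incoming.replaceAll("''", "'"));
    assignments.push(`${field} = $${values.length}`);
  }

  if (assignments.length === 0) {
    res.status(400).send("No fields to update.");
    return;
  }

  // The id is bound last. The $n placeholders assume `pool` is a
  // node-postgres Pool -- confirm against config/db.config.js.
  values.push(userId);
  const queryString = `UPDATE users SET ${assignments.join(", ")} WHERE id = $${values.length};`;

  pool.query(queryString, values, (error, updatedUser) => {
    if (error) {
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }
    res.status(200).send(updatedUser);
  });
};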
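/**
 * Inserts a new user from the request body.
 *
 * Responds 400 unless `email`, `password` and `name` are all strings
 * (previously a missing field was stored as the literal text "undefined").
 *
 * NOTE(review): the password is written to the table exactly as received.
 * Storing a salted password hash instead needs a hashing dependency and a
 * matching change in the login query, both outside this handler.
 *
 * @param {object} req - Express request; `req.body` carries `email`,
 *   `password` and `name`.
 * @param {object} res - Express response; receives the driver's result object.
 */
exports.createUser = (req, res) => {
  const { email, password, name } = req.body ?? {};

  if (typeof email !== "string" || typeof password !== "string" || typeof name !== "string") {
    res.status(400).send("Email, password and name are required.");
    return;
  }

  // Bound parameters keep all three caller-supplied values out of the SQL
  // text. The $n placeholders assume `pool` is a node-postgres Pool --
  // confirm against config/db.config.js.
  const queryString = "INSERT INTO users (email, password, name) VALUES ($1, $2, $3);";

  pool.query(queryString, [email, password, name], (error, newUser) => {
    if (error) {
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }
    res.send(newUser);
  });
};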
// Cloudinary upload code
// Credentials are read from the environment once, at module load. Nothing
// here checks that the three variables are set, so a missing value is passed
// to Cloudinary as `undefined`.
{
  const { CLOUD_NAME, API_KEY, API_SECRET } = process.env;
  cloudinary.config({
    cloud_name: CLOUD_NAME,
    api_key: API_KEY,
    api_secret: API_SECRET,
  });
}
/**
 * Uploads one file to Cloudinary and resolves with Cloudinary's response.
 *
 * @param {string} file - Value handed to the uploader; the caller in this
 *   file passes a base64 data URI.
 * @returns {Promise<object>} The upload result returned by the Cloudinary SDK.
 */
async function handleUpload(file) {
  // "auto" leaves the choice of asset type to Cloudinary.
  const uploadOptions = { resource_type: "auto" };
  return await cloudinary.uploader.upload(file, uploadOptions);
}
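/**
 * Uploads the request's file to Cloudinary and returns Cloudinary's response
 * as JSON.
 *
 * Responds 400 when the request carries no file and 500 when the upload
 * fails. Error bodies keep the `{ message }` shape.
 *
 * NOTE(review): `req.file.mimetype` is supplied by the client and the upload
 * uses resource_type "auto", so this handler does not itself restrict the
 * file type or size. Confirm that the upload middleware enforces those limits.
 *
 * @param {object} req - Express request; `req.file` holds `buffer` and `mimetype`.
 * @param {object} res - Express response.
 */
exports.uploadImage = async (req, res) => {
  // Without this guard a request with no file fell into the catch block and
  // was answered with status 200.
  if (!req.file?.buffer) {
    res.status(400).send({ message: "No file was uploaded." });
    return;
  }

  try {
    const b64 = Buffer.from(req.file.buffer).toString("base64");
    const dataURI = `data:${req.file.mimetype};base64,${b64}`;
    const cldRes = await handleUpload(dataURI);
    res.json(cldRes);
  } catch (error) {
    // Details stay in the server log; the client gets a generic message and a
    // real error status instead of 200 plus the internal error text.
    console.error(error);
    res.status(500).send({ message: "Image upload failed." });
  }
};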
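/**
 * Stores a profile-photo URL for the user identified by the `:id` route
 * parameter.
 *
 * Responds 400 when `req.body.url` is not a string.
 *
 * NOTE(review): the URL is stored as received; this handler does not check
 * its scheme or host. If it is later rendered in a page, confirm that it is
 * validated or constrained to the expected image host somewhere.
 * NOTE(review): nothing in this handler checks that the caller is the user
 * being updated; confirm that the router/middleware enforces it.
 *
 * @param {object} req - Express request; `req.params.id` is the user id and
 *   `req.body.url` the photo URL.
 * @param {object} res - Express response; receives the driver's result object.
 */
exports.setUserImage = (req, res) => {
  const userId = req.params.id;
  const ppUrl = req.body?.url;

  if (typeof ppUrl !== "string") {
    res.status(400).send("A photo URL is required.");
    return;
  }

  // Both values are caller-controlled, so both are bound as parameters. The
  // $n placeholders assume `pool` is a node-postgres Pool -- confirm against
  // config/db.config.js.
  const queryString = "UPDATE users SET photo_url = $1 WHERE id = $2";

  pool.query(queryString, [ppUrl, userId], (error, updatedUser) => {
    if (error) {
      console.error(error);
      res.status(500).send("Internal server error.");
      return;
    }
    res.status(200).send(updatedUser);
  });
};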