aboutsummaryrefslogtreecommitdiff
path: root/profile/index.js
diff options
context:
space:
mode:
Diffstat (limited to 'profile/index.js')
-rw-r--r--profile/index.js112
1 files changed, 45 insertions, 67 deletions
diff --git a/profile/index.js b/profile/index.js
index ee81632..cc0972a 100644
--- a/profile/index.js
+++ b/profile/index.js
@@ -38,87 +38,57 @@ app.get("/api/questions", async (req, res) => {
res.json(questions);
});
-app.post("/api/add", async (req, res) => {
- try {
- for (let qid in req.body) {
- if (!req.body.hasOwnProperty(qid) || req.body[qid] === "dbg-image") continue;
- let answer = req.body[qid].replace(/</g, "&lt;").replace(/>/g, "&gt;");
- try {
- await db.query("INSERT INTO profile_answers (question_id, user_id, answer) VALUES (?, ?, ?)", [
- qid,
- req.session.uid,
- answer.replace(/</g, "&lt;").replace(/>/g, "&gt;"),
- ]);
- } catch (e) {
- console.error(e);
- }
- }
- for (let fid in req.files) {
- if (!req.files.hasOwnProperty(fid)) return;
-
- let image, imageType, imageName;
+app.post("/api/answer", async (req, res) => {
+ return await answer(req, res, "INSERT INTO profile_answers (answer, question_id, user_id) VALUE (?,?,?)");
+});
+app.put("/api/answer", async (req, res) => {
+ return await answer(req, res, "UPDATE profile_answers SET answer = ? WHERE question_id = ? AND user_id = ?");
+});
- image = req.files[fid];
- imageType = image.name.split(".").reverse()[0];
- imageName = `${req.session.uid}_${new Date().getTime()}.${imageType}`;
- image.mv(__dirname + "/public/uploads/" + imageName);
+async function answer(req, res, qs) {
+ try {
+ for (const qid in req.body) {
+ if (!req.body.hasOwnProperty(qid)) continue;
+ const answer = req.body[qid];
try {
- await db.query("INSERT INTO profile_answers (question_id, user_id, answer) VALUES (?, ?, ?)", [
- fid,
- req.session.uid,
- imageName,
- ]);
+ await db.query(qs, [answer, qid, req.session.uid]);
} catch (e) {
console.error(e);
}
}
- res.send("ok");
+ res.json({ success: true });
} catch (e) {
console.error(e);
- res.send("error");
+ res.json({ success: false });
}
+}
+
+app.post("/api/answerImage", async (req, res) => {
+ return await answerImage(req, res, "INSERT INTO profile_answers (answer, question_id, user_id) VALUE (?,?,?)");
+});
+app.put("/api/answerImage", async (req, res) => {
+ return await answerImage(req, res, "UPDATE profile_answers SET answer = ? WHERE question_id = ? AND user_id = ?");
});
-app.put("/api/update", async (req, res) => {
+async function answerImage(req, res, qs) {
try {
- for (let qid in req.body) {
- if (!req.body.hasOwnProperty(qid) || req.body[qid] === "dbg-image") continue;
- let answer = req.body[qid].replace(/</g, "&lt;").replace(/>/g, "&gt;");
+ for (const fid in req.files) {
+ if (!req.files.hasOwnProperty(fid)) continue;
+ const image = req.files[fid];
+ const name = `child_${req.session.uid}.jpg`;
try {
- await db.query("UPDATE profile_answers SET answer = ? WHERE question_id = ? AND user_id = ?", [
- answer,
- qid,
- req.session.uid,
- ]);
+ await image.mv(`${__dirname}/public/uploads/${name}`);
+ await db.query(qs, [name, fid, req.session.uid]);
} catch (e) {
console.error(e);
}
}
- for (let fid in req.files) {
- if (!req.files.hasOwnProperty(fid)) return;
-
- let image, imageType, imageName;
-
- image = req.files[fid];
- imageType = image.name.split(".").reverse()[0];
- imageName = `${req.session.uid}_${new Date().getTime()}.${imageType}`;
- image.mv(__dirname + "/public/uploads/" + imageName);
- try {
- await db.query("UPDATE profile_answers SET answer = ? WHERE question_id = ? AND user_id = ?", [
- imageName,
- fid,
- req.session.uid,
- ]);
- } catch (e) {
- console.error(e);
- }
- }
- res.send("ok");
+ res.json({ success: true });
} catch (e) {
console.error(e);
- res.send("error");
+ res.json({ success: false });
}
-});
+}
// Comments API
app.get("/api/comments/:uid", async (req, res) => {
@@ -182,10 +152,10 @@ app.delete("/api/comment", async (req, res) => {
// Char API
app.get("/api/char/:uid", async (req, res) => {
const uid = req.params.uid;
- const char = await db.query(
- "SELECT txt FROM profile_char WHERE profile_id = ? AND user_id = ?",
- [uid, req.session.uid],
- );
+ const char = await db.query("SELECT txt FROM profile_char WHERE profile_id = ? AND user_id = ?", [
+ uid,
+ req.session.uid,
+ ]);
res.json(char.length > 0 ? char[0] : {});
});
@@ -194,7 +164,11 @@ app.post("/api/char/:uid", async (req, res) => {
const { char } = req.body;
if (!char || char.length > 255) return res.json({ success: false });
try {
- await db.query("INSERT INTO profile_char (profile_id, user_id, txt) VALUE (?,?,?)", [uid, req.session.uid, char]);
+ await db.query("INSERT INTO profile_char (profile_id, user_id, txt) VALUE (?,?,?)", [
+ uid,
+ req.session.uid,
+ char,
+ ]);
res.json({ success: true });
} catch (e) {
console.error(e);
@@ -207,7 +181,11 @@ app.put("/api/char/:uid", async (req, res) => {
const { char } = req.body;
if (!char || char.length > 255) return res.json({ success: false });
try {
- await db.query("UPDATE profile_char SET txt = ? WHERE profile_id = ? AND user_id = ?", [char, uid, req.session.uid]);
+ await db.query("UPDATE profile_char SET txt = ? WHERE profile_id = ? AND user_id = ?", [
+ char,
+ uid,
+ req.session.uid,
+ ]);
res.json({ success: true });
} catch (e) {
console.error(e);