  1. const mysql = require('mysql');
  2. const sanitizer = require('sanitizer');
  3. const Promise = require('promise');
  4. const crypto = require('crypto');
  5. const qs = require('querystring');
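// Database connection. Credentials are taken from the environment when set so
// they do not have to live in source control; the literals are development
// fallbacks only. The BLOG_DB_* variable names are this file's own convention
// (constructed here) — set them in the deployment environment.
const con = mysql.createConnection({
    host: process.env.BLOG_DB_HOST || "localhost",
    user: process.env.BLOG_DB_USER || "blog_user",
    password: process.env.BLOG_DB_PASSWORD || "password", //definitely not the password on production
    database: process.env.BLOG_DB_NAME || "blog_name"
});
con.connect(function(err) {
    // fail fast at startup rather than serving requests with no database
    if (err) throw err;
});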
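/**
 * Runs a query against the database and resolves with the result rows.
 *
 * Untrusted values must not be concatenated into `sqlStatement`; pass them
 * through `values` with `?` placeholders so the driver escapes them.
 *
 * @param sqlStatement SQL text to execute
 * @param {Array} [values] optional placeholder values handed to con.query;
 *                         omitted for callers that pass a ready statement
 * @returns {Promise<Array>} resolves with the rows; rejects with the driver
 *                           error (the original rejected with no reason and
 *                           then fell through to resolve())
 */
var fetch = function(sqlStatement, values)
{
    return new Promise(function(resolve, reject)
    {
        var onResult = function(err, result)
        {
            if (err)
            {
                // keep the driver error so callers can see why it failed
                return reject(err);
            }
            resolve(result);
        };
        if (values === undefined)
        {
            con.query(sqlStatement, onResult);
        }
        else
        {
            con.query(sqlStatement, values, onResult);
        }
    });
};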
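module.exports=
{
    /**
     * Runs an insert statement and resolves with the id of the new row.
     *
     * NOTE(review): sanitizer.sanitize() is an HTML sanitizer, not an SQL
     * escaper — it offers no protection against SQL injection and can alter
     * statements containing `<`, `>` or `&`. Callers must build the statement
     * with mysql.format()/mysql.escape(). The call is kept so existing callers
     * see the same statement text as before.
     *
     * @param sqlStatement the insert statement to run
     * @return {Promise<number>} the insertId of the new record, or 0 when the
     *                           query failed (the error is logged)
     */
    insert : function(sqlStatement)
    {
        return new Promise(function(resolve, reject)
        {
            con.query(sanitizer.sanitize(sqlStatement), function (err, result)
            {
                if (err)
                {
                    console.log(err);
                    // return here: falling through read result.insertId on an
                    // undefined result and threw inside the callback
                    return resolve(0);
                }
                resolve(result.insertId);
            });
        });
    },
    /**
     * Not to be mistaken for getPostData() in @file utils/utils.js,
     * this function extracts a post entry from the sql server.
     *
     * The URL is read as "/<category url>/<post url>"; both segments come
     * from the request, so they are bound with mysql.format() instead of
     * being concatenated into the statement.
     *
     * @param requestURL url user used to request blog post
     * @return {Promise<*>} the entry found in the database, or 0 when the
     *                      category or the post does not exist; rejects on a
     *                      database error instead of never settling
     */
    getPost : function(requestURL)
    {
        return new Promise(function(resolve, reject)
        {
            var splitURL = requestURL.split("/");
            var categoryQuery = mysql.format(
                "select * from categories where url = ?", [splitURL[1]]);
            fetch(categoryQuery).then(function (result_category)
            {
                if (result_category.length === 0)
                {
                    return 0;
                }
                var postQuery = mysql.format(
                    "select * from posts where category_id = ? and url = ?",
                    [result_category[0].category_id, splitURL[2]]);
                return fetch(postQuery).then(function (result_posts)
                {
                    // an empty result set means the post does not exist
                    return result_posts.length === 0 ? 0 : result_posts[0];
                });
            }).then(resolve, reject);
        });
    },
    /**
     * Retrieves all categories, used when building the sidebar.
     *
     * @return {Promise<Array>} every row of the categories table
     */
    getCategories : function()
    {
        return fetch("select * from categories");
    },
    /**
     * Returns all posts of the category with the given name.
     *
     * @param requestURL category name taken from the request; bound as a
     *                   query parameter
     * @return {Promise<Array>} the posts of that category, or [] when no
     *                          category has that name; rejects on a database
     *                          error instead of never settling
     */
    getPostsFromCategory: function(requestURL)
    {
        return new Promise(function(resolve, reject)
        {
            var categoryQuery = mysql.format(
                "select * from categories where name = ? limit 1", [requestURL]);
            fetch(categoryQuery).then(function(categories)
            {
                if (categories.length === 0)
                {
                    return [];
                }
                var postsQuery = mysql.format(
                    "select * from posts where category_id = ?",
                    [categories[0].category_id]);
                return fetch(postsQuery);
            }).then(resolve, reject);
        });
    },
    /**
     * Helper method which returns a list of objects with the name, url and
     * category url of the ten most recent posts:
     *
     * [{name: , url: , category: }, {name: , url: , category: }, ...]
     *
     * @return {Promise<Array>} the ten most recent posts, newest first;
     *                          rejects on a database error instead of
     *                          never settling
     */
    getRecentPosts: function()
    {
        return new Promise(function(resolve, reject)
        {
            var recentQuery = "select name,url, category_id from posts order by post_id desc limit 10";
            fetch(recentQuery).then(function(sqlPosts)
            {
                // one category lookup per post; category_id comes from the
                // database but is still bound as a parameter
                var lookups = sqlPosts.map(function(post)
                {
                    var categoryQuery = mysql.format(
                        "select url from categories where category_id = ?",
                        [post.category_id]);
                    return fetch(categoryQuery).then(function(urls)
                    {
                        return {
                            name: post.name,
                            url: post.url,
                            // a post whose category row is missing used to
                            // throw here and hang the promise
                            category: urls.length === 0 ? undefined : urls[0].url
                        };
                    });
                });
                return Promise.all(lookups);
            }).then(resolve, reject);
        });
    },
    /**
     * Returns every row of the popular_posts table.
     *
     * The previous body ran the query and then never settled the promise;
     * resolving with the rows is presumably what was intended — adjust if
     * the rows need reshaping.
     *
     * @return {Promise<Array>} rows of popular_posts
     */
    getPopularPosts: function()
    {
        return fetch("select * from popular_posts");
    },
    /**
     * Function which checks to see if a user successfully logged in based on
     * the post data which they sent.
     *
     * @param postData the url-encoded post body
     * @return {Promise<Object>} a json object with {pass: , user: }; pass is
     *         whether they logged in successfully and user is the username
     *         they logged in with (only set on success). Rejects on a
     *         database error instead of never settling.
     */
    checkLogin: function(postData)
    {
        var post = qs.parse(postData);
        return new Promise(function(resolve, reject)
        {
            var result = Object();
            result.pass = false;
            if (!(post.username && post.password))
            {
                // no login attempt was made
                return resolve(result);
            }
            // NOTE(review): sanitizer.sanitize() is an HTML sanitizer. It is kept
            // on both fields so the looked-up name and the hashed password match
            // whatever the existing user rows were created with — confirm
            // against the user-creation path before removing it.
            var cleanName = sanitizer.sanitize(post.username);
            var cleanPassword = sanitizer.sanitize(post.password);
            var userQuery = mysql.format(
                "select * from users where user_name = ?", [cleanName]);
            fetch(userQuery).then(function(saltResult)
            {
                if (saltResult.length !== 1)
                {
                    // incorrect username
                    return result;
                }
                // NOTE(review): a single salted SHA-256 is what the stored rows
                // use; moving to a slow password hash needs a users-table
                // migration, so the scheme is kept as is.
                var hashedPassword = crypto.createHash('sha256')
                    .update(cleanPassword + saltResult[0].salt)
                    .digest('hex');
                var expected = Buffer.from(String(saltResult[0].password));
                var actual = Buffer.from(hashedPassword);
                // constant-time comparison; timingSafeEqual requires equal
                // lengths, so the length check guards the call
                if (expected.length === actual.length &&
                    crypto.timingSafeEqual(expected, actual))
                {
                    result.pass = true;
                    result.user = cleanName;
                }
                return result;
            }).then(resolve, reject);
        });
    },
    /**
     * Fetches the category row with the given id.
     *
     * @param categoryId id of the category; bound as a query parameter
     * @return {Promise<Array>} matching rows (empty when there is none)
     */
    getCategory: function(categoryId)
    {
        return fetch(mysql.format(
            "select * from categories where category_id = ?", [categoryId]));
    }
};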