const mysql = require('mysql');
|
|
|
|
const sanitizer = require('sanitizer');
|
|
|
|
const Promise = require('promise');
|
|
|
|
const crypto = require('crypto');
|
|
|
|
const qs = require('querystring');
|
|
|
|
const utils = require('../utils/utils.js');
|
|
|
|
var con = mysql.createConnection({
|
|
host: "localhost",
|
|
user: "blog_user",
|
|
password: utils.getFileLine('../sql_secret'),
|
|
database: "jrtechs_blog"
|
|
});
|
|
|
|
|
|
con.connect(function(err) {
|
|
if (err) throw err;
|
|
});
|
|
|
|
/**
|
|
* Function used to query the database for records
|
|
*
|
|
* @param sqlStatement
|
|
* @returns {Array}
|
|
*/
|
|
var fetch = function(sqlStatement)
|
|
{
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
con.query(sqlStatement, function (err, result)
|
|
{
|
|
if(err)
|
|
{
|
|
reject();
|
|
}
|
|
resolve(result);
|
|
});
|
|
});
|
|
};
|
|
|
|
module.exports=
|
|
{
|
|
/**
|
|
* Function used to use insert statements into the database
|
|
*
|
|
* Don't worry, the input gets sanitized
|
|
*
|
|
* @param sqlStatement
|
|
* @return the id of the new record - if there is one
|
|
*/
|
|
insert : function(sqlStatement)
|
|
{
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
con.query(sanitizer.sanitize(sqlStatement), function (err, result)
|
|
{
|
|
if (err)
|
|
{
|
|
console.log(err);
|
|
resolve(0);
|
|
}
|
|
resolve(result.insertId);
|
|
});
|
|
})
|
|
},
|
|
|
|
/**
|
|
* Not to be mistaken for getPostData() in @file utils/utils.js,
|
|
* this function extracts a post entry from the sql server
|
|
*
|
|
* @param requestURL url user used to request blog post
|
|
* @return {*} the entry found in the data base -- if any
|
|
*/
|
|
getPost : function(requestURL)
|
|
{
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
var splitURL = requestURL.split("/")
|
|
var q = "select * from categories where url='" + splitURL[1] + "'";
|
|
|
|
fetch(q).then(function (result_category)
|
|
{
|
|
if(result_category.length != 0)
|
|
{
|
|
|
|
var q2 = "select * from posts where category_id='" + result_category[0].category_id +
|
|
"' and url='" + splitURL[2] + "'";
|
|
|
|
fetch(q2).then(function (result_posts)
|
|
{
|
|
if(result_posts != 0)
|
|
{
|
|
resolve(result_posts[0]);
|
|
}
|
|
else
|
|
{
|
|
resolve(0);
|
|
}
|
|
});
|
|
}
|
|
else
|
|
{
|
|
resolve(0);
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
},
|
|
/**
|
|
* Function used to retrieve all categories when making the sidebar
|
|
*
|
|
* @return {Promise<Response> | * | Array}
|
|
*/
|
|
getCategories : function()
|
|
{
|
|
var q = "select * from categories";
|
|
return fetch(q);
|
|
},
|
|
|
|
/**
|
|
* Function which currently returns all posts of a particular category from the database
|
|
* @param requestURL
|
|
* @return {*|Promise}
|
|
*/
|
|
getPostsFromCategory: function(requestURL)
|
|
{
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
var q = "select * from categories where name ='" + requestURL + "' limit 1";
|
|
fetch(q).then(function(categories)
|
|
{
|
|
if(categories.length != 0)
|
|
{
|
|
var qPosts = "select * from posts where category_id='" + categories[0].category_id + "'";
|
|
resolve(fetch(qPosts));
|
|
}
|
|
else
|
|
{
|
|
resolve([]);
|
|
}
|
|
});
|
|
});
|
|
},
|
|
|
|
/**
|
|
* Helper method which returns a list of objects which contains the url and name of thee ten most recent posts
|
|
*
|
|
* {[name: , url: ],[name: , url: ],[name: , url: ],...}
|
|
*
|
|
* @return {*|Promise}
|
|
*/
|
|
getRecentPosts: function()
|
|
{
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
var q = "select name,url, category_id from posts order by post_id desc limit 10";
|
|
fetch(q).then(function(sqlPosts)
|
|
{
|
|
var promises = [];
|
|
sqlPosts.forEach(function(post)
|
|
{
|
|
promises.push(new Promise(function(res, rej)
|
|
{
|
|
var getCategory = "select url from categories where category_id='" + post.category_id + "'";
|
|
fetch(getCategory).then(function(urls)
|
|
{
|
|
var obj = new Object();
|
|
obj.name = post.name;
|
|
obj.url = post.url;
|
|
obj.category = urls[0].url;
|
|
res(obj);
|
|
});
|
|
}));
|
|
});
|
|
Promise.all(promises).then(function(goodies)
|
|
{
|
|
resolve(goodies);
|
|
});
|
|
});
|
|
});
|
|
},
|
|
getPopularPosts: function()
|
|
{
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
var q = "select * from popular_posts";
|
|
fetch(q).then(function(sqlPosts)
|
|
{
|
|
|
|
});
|
|
});
|
|
},
|
|
/**
|
|
* Function which checks to see if a user successfully logged in based on
|
|
* the post data which they sent
|
|
*
|
|
* @param postData the post data
|
|
* @return {*|Promise} a json object with {pass: , user: }
|
|
* the pass is whether or not they logged in successfully and the user is
|
|
* the username they successfully logged in with
|
|
*/
|
|
checkLogin: function(postData)
|
|
{
|
|
var post = qs.parse(postData);
|
|
return new Promise(function(resolve, reject)
|
|
{
|
|
var result = Object();
|
|
result.pass = false;
|
|
|
|
if(post.username && post.password)
|
|
{
|
|
var cleanName = sanitizer.sanitize(post.username);
|
|
var cleanPassword = sanitizer.sanitize(post.password);
|
|
|
|
var getSalt = "select * from users where user_name='" + cleanName + "'";
|
|
fetch(getSalt).then(function(saltResult)
|
|
{
|
|
if(saltResult.length == 1)
|
|
{
|
|
var hashedPassword = crypto.createHash('sha256')
|
|
.update(cleanPassword + saltResult[0].salt)
|
|
.digest('hex');
|
|
if(saltResult[0].password === hashedPassword)
|
|
{
|
|
//yay!
|
|
result.pass = true;
|
|
result.user = cleanName;
|
|
resolve(result);
|
|
}
|
|
else
|
|
{
|
|
//wrong password
|
|
resolve(result)
|
|
}
|
|
}
|
|
else
|
|
{
|
|
//incorrect username
|
|
resolve(result);
|
|
}
|
|
})
|
|
}
|
|
else
|
|
{
|
|
//no login attempts were made
|
|
resolve(result);
|
|
}
|
|
});
|
|
},
|
|
|
|
getCategory: function(categoryId)
|
|
{
|
|
return fetch("select * from categories where category_id='" + categoryId + "'");
|
|
}
|
|
};
|