diff options
Diffstat (limited to 'api/api.py')
| -rw-r--r-- | api/api.py | 25 |
1 files changed, 15 insertions, 10 deletions
@@ -45,8 +45,9 @@ def new_message(): message = str(request.form['message']) token = request.form['token'] res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'") - (user_id,) = res.fetchone() - if user_id is not None: + res = res.fetchone() + if res is not None: + (user_id,) = res id = str(uuid4()) cur.execute("INSERT INTO message VALUES(?, ?, ?, ?)", (id, user_id, position, message)); db.commit() @@ -71,11 +72,13 @@ def remove_message(): token = request.form['token'] message_id = request.form['message_id'] res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'") - (user_id,) = res.fetchone() - if user_id is not None: + res = res.fetchone() + if res is not None: + (user_id,) = res res = cur.execute(f"SELECT message_id, user_id FROM message WHERE message_id='{message_id}'") - (message_id, message_user_id) = res.fetchone() - if message_id is not None: + res = res.fetchone() + if res is not None: + (message_id, message_user_id) = res if message_user_id == user_id: cur.execute(f"DELETE FROM message WHERE message_id='{message_id}'") db.commit() @@ -95,11 +98,13 @@ def edit_message(): message_id = request.form['message_id'] new_message = request.form['message'] res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'") - (user_id,) = res.fetchone() - if user_id is not None and new_message is not None: + res = res.fetchone() + if res is not None and new_message is not None: + (user_id,) = res res = cur.execute(f"SELECT message_id, user_id FROM message WHERE message_id='{message_id}'") - (message_id, message_user_id) = res.fetchone() - if message_id is not None: + res = res.fetchone() + if res is not None: + (message_id, message_user_id) = res if message_user_id == user_id: cur.execute(f"UPDATE message SET message = '{new_message}' WHERE message_id='{message_id}'"); db.commit() |