fixed api errors when queries miss

2025-02-12 01:56:19 -05:00 · 2025-02-12 01:56:19 -05:00 · 280f1b7338
commit 280f1b7338
parent 8bdc2a3197
3 changed files with 16 additions and 11 deletions
--- a/api/api.py
+++ b/api/api.py
@ -45,8 +45,9 @@ def new_message():
    message = str(request.form['message'])
    token = request.form['token']
    res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'")
-    (user_id,) = res.fetchone()
-    if user_id is not None:
+    res = res.fetchone()
+    if res is not None:
+        (user_id,) = res
        id = str(uuid4())
        cur.execute("INSERT INTO message VALUES(?, ?, ?, ?)", (id, user_id, position, message));
        db.commit()
@ -71,11 +72,13 @@ def remove_message():
    token = request.form['token']
    message_id = request.form['message_id']
    res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'")
-    (user_id,) = res.fetchone()
-    if user_id is not None:
+    res = res.fetchone()
+    if res is not None:
+        (user_id,) = res
        res = cur.execute(f"SELECT message_id, user_id FROM message WHERE message_id='{message_id}'")
-        (message_id, message_user_id) = res.fetchone()
-        if message_id is not None:
+        res = res.fetchone()
+        if res is not None:
+            (message_id, message_user_id) = res
            if message_user_id == user_id:
                cur.execute(f"DELETE FROM message WHERE message_id='{message_id}'")
                db.commit()
@ -95,11 +98,13 @@ def edit_message():
    message_id = request.form['message_id']
    new_message = request.form['message']
    res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'")
-    (user_id,) = res.fetchone()
-    if user_id is not None and new_message is not None:
+    res = res.fetchone()
+    if res is not None and new_message is not None:
+        (user_id,) = res
        res = cur.execute(f"SELECT message_id, user_id FROM message WHERE message_id='{message_id}'")
-        (message_id, message_user_id) = res.fetchone()
-        if message_id is not None:
+        res = res.fetchone()
+        if res is not None:
+            (message_id, message_user_id) = res
            if message_user_id == user_id:
                cur.execute(f"UPDATE message SET message = '{new_message}' WHERE message_id='{message_id}'");
                db.commit()
--- a/api/forum.db
+++ b/api/forum.db
--- a/src/components/chatbubble.jsx
+++ b/src/components/chatbubble.jsx
@ -69,7 +69,7 @@ export default function ChatBubble({ id, position, text }) {
                            setMessages(data);
                        });
                    } else if (res.status == 401) {
-                        alert('you are not allowed to delete this')
+                        alert('you are not allowed to edit this')
                    }
                });
            }