soaos/forum
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed api errors when queries miss

Browse Source
This commit is contained in:
Silas Bartha 2025-02-12 01:56:19 -05:00
parent 8bdc2a3197
commit 280f1b7338
3 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
api/api.py
View File

@ -45,8 +45,9 @@ def new_message():
message = str(request.form['message']) message = str(request.form['message'])
token = request.form['token'] token = request.form['token']
res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'") res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'")
(user_id,) = res.fetchone() res = res.fetchone()
if user_id is not None: if res is not None:
(user_id,) = res
id = str(uuid4()) id = str(uuid4())
cur.execute("INSERT INTO message VALUES(?, ?, ?, ?)", (id, user_id, position, message)); cur.execute("INSERT INTO message VALUES(?, ?, ?, ?)", (id, user_id, position, message));
db.commit() db.commit()
@ -71,11 +72,13 @@ def remove_message():
token = request.form['token'] token = request.form['token']
message_id = request.form['message_id'] message_id = request.form['message_id']
res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'") res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'")
(user_id,) = res.fetchone() res = res.fetchone()
if user_id is not None: if res is not None:
(user_id,) = res
res = cur.execute(f"SELECT message_id, user_id FROM message WHERE message_id='{message_id}'") res = cur.execute(f"SELECT message_id, user_id FROM message WHERE message_id='{message_id}'")
(message_id, message_user_id) = res.fetchone() res = res.fetchone()
if message_id is not None: if res is not None:
(message_id, message_user_id) = res
if message_user_id == user_id: if message_user_id == user_id:
cur.execute(f"DELETE FROM message WHERE message_id='{message_id}'") cur.execute(f"DELETE FROM message WHERE message_id='{message_id}'")
db.commit() db.commit()
@ -95,11 +98,13 @@ def edit_message():
message_id = request.form['message_id'] message_id = request.form['message_id']
new_message = request.form['message'] new_message = request.form['message']
res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'") res = cur.execute(f"SELECT user_id FROM user WHERE token='{token}'")
(user_id,) = res.fetchone() res = res.fetchone()
if user_id is not None and new_message is not None: if res is not None and new_message is not None:
(user_id,) = res
res = cur.execute(f"SELECT message_id, user_id FROM message WHERE message_id='{message_id}'") res = cur.execute(f"SELECT message_id, user_id FROM message WHERE message_id='{message_id}'")
(message_id, message_user_id) = res.fetchone() res = res.fetchone()
if message_id is not None: if res is not None:
(message_id, message_user_id) = res
if message_user_id == user_id: if message_user_id == user_id:
cur.execute(f"UPDATE message SET message = '{new_message}' WHERE message_id='{message_id}'"); cur.execute(f"UPDATE message SET message = '{new_message}' WHERE message_id='{message_id}'");
db.commit() db.commit()

BIN
api/forum.db
View File

Binary file not shown.

2
src/components/chatbubble.jsx
View File

@ -69,7 +69,7 @@ export default function ChatBubble({ id, position, text }) {
setMessages(data); setMessages(data);
}); });
} else if (res.status == 401) { } else if (res.status == 401) {
alert('you are not allowed to delete this') alert('you are not allowed to edit this')
} }
}); });
} }