From dd2960b391d03779af9a37cfdf0b9ff50150e1ac Mon Sep 17 00:00:00 2001
From: BuildTools <unconfigured@null.spigotmc.org>
Date: Fri, 22 Apr 2022 16:45:42 +0200
Subject: [PATCH] added posts

---
 server.js        | 38 +++++++++++++++++++++++++++++++---
 views/posts.html | 53 ++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 88 insertions(+), 3 deletions(-)
 create mode 100644 views/posts.html

diff --git a/server.js b/server.js
index 3b180a7..ecf7850 100644
--- a/server.js
+++ b/server.js
@@ -152,7 +152,24 @@ START /API/*
 */
 
 router.use("/api/*",async function(req,res,next) {
-  increaseAPICall(req,res,next)
+  if(!increaseAPICall(req,res))return;
+  let cookie = req.cookies.AUTH_COOKIE
+  if(!cookie){
+    res.status(400)
+    res.json({"error":"you are not logged in! (no cookie)"})
+    return
+  }
+  let unsigned = unsign(cookie,req,res)
+  let sql = `select * from zerotwohub.users where User_Name=? and User_PW=?;`
+  con.query(sql, values, function (err, result) {
+    if (err) throw err;
+    if(result[0] && result[0].User_Name && result[0].User_Name == username) {
+      res.locals.username = username;
+      next()
+    } else {
+      res.json({"error":"you are not logged in! (invalid cookie)"})
+    }
+  });
 })
 
 router.get("/api/getuser",async function(req,res) {
@@ -185,8 +202,23 @@ router.get("/api/getuser",async function(req,res) {
 })
 
 router.post("/api/post", async function(req,res) {
-  //already counted due to the /api/* handler
-  res.send("not implemented yet.")
+  let sql = `insert into zerotwohub.posts (post_user_name,post_text) values (?,?);`
+  let values = [res.locals.username,req.body.message]
+  con.query(sql, values, function (err, result) {
+    if (err) throw err;
+    res.json({"post_id":result[0].post_id})
+  });
+})
+
+router.get("/api/getPosts/*", async function(req,res) {
+  let sql = `select post_user_name,post_text from zerotwohub.posts where post_id > ? and post_id < ? order by post_id desc;`
+  let id = parseInt(req.originalUrl.replace("/api/getPosts/"))
+  if(isNaN(id))id=0
+  let values = [id,id+10]
+  con.query(sql, values, function (err, result) {
+    if (err) throw err;
+    res.json(result)
+  });
 })
 
 
diff --git a/views/posts.html b/views/posts.html
new file mode 100644
index 0000000..1a314cf
--- /dev/null
+++ b/views/posts.html
@@ -0,0 +1,53 @@
+<!DOCTYPE html>
+<html lang="en" dir="ltr">
+  <head>
+    <meta charset="utf-8">
+    <title></title>
+    <script type="text/javascript">window.post = function(url, data) {return fetch(url, {method: "POST", headers: {'Content-Type': 'application/json'}, body: JSON.stringify(data)});}</script>
+  </head>
+  <body>
+    <div class="self">
+      Username: <span class="Username"></span> <br>
+      <textarea name="name" id="post-text" rows="8" cols="80"></textarea> <br>
+      <button type="button" name="button" id="post-btn">Post</button>
+    </div>
+    <div class="posts" id="posts">
+
+    </div>
+
+    <script type="text/javascript">
+      document.getElementById("post-btn").addEventListener("click",function() {
+        let r = post("/api/post",{"message":document.getElementById("post-text").value})
+        document.getElementById("post-text").value = ""
+        console.log(r);
+      })
+      function createPost(username,text) {
+        const newDiv = document.createElement("div");
+        const newP = document.createElement("p");
+        const newText = document.createTextNode(text);
+        const newUsername = document.createTextNode(username);
+
+        newP.appendChild(newUsername)
+
+        newDiv.appendChild(newP)
+        newDiv.appendChild(newText)
+
+        document.body.appendChild(newDiv)
+
+      }
+
+      async function buildPosts() {
+        let index = 0
+        let last_10_posts = await (await fetch(`/api/getPosts/${index}`)).json()
+        last_10_posts.forEach((item, i) => {
+          console.log(item,i);
+          createPost(item.post_user_name,item.post_text)
+        });
+
+
+      }
+
+
+    </script>
+  </body>
+</html>