From: Benjamin Auder Date: Wed, 4 Mar 2020 22:18:37 +0000 (+0100) Subject: Fix targetted challenge deletion on server when refused X-Git-Url: https://git.auder.net/%7B%7B%20path%28%27fos_user_change_password%27%29%20%7D%7D?a=commitdiff_plain;h=51145f8c0e0595f195e26827e932306eb0083c10;p=vchess.git Fix targetted challenge deletion on server when refused --- diff --git a/server/models/Challenge.js b/server/models/Challenge.js index 40d125c9..2be700bd 100644 --- a/server/models/Challenge.js +++ b/server/models/Challenge.js @@ -31,10 +31,10 @@ const ChallengeModel = db.serialize(function() { const query = "INSERT INTO Challenges " + - "(added, uid, " + (!!c.to ? "target, " : "") + + "(added, uid, " + (c.to ? "target, " : "") + "vid, randomness, fen, cadence) " + "VALUES " + - "(" + Date.now() + "," + c.uid + "," + (!!c.to ? c.to + "," : "") + + "(" + Date.now() + "," + c.uid + "," + (c.to ? c.to + "," : "") + c.vid + "," + c.randomness + ",'" + c.fen + "','" + c.cadence + "')"; db.run(query, function(err) { cb(err, {cid: this.lastID}); @@ -76,7 +76,7 @@ const ChallengeModel = "FROM Challenges " + "WHERE id = " + id + " " + // Condition: I'm the sender or the target - "AND (uid = " + uid + " OR to = " + uid + ")"; + "AND (uid = " + uid + " OR target = " + uid + ")"; db.get(query, (err,chall) => { if (!err && chall) ChallengeModel.remove(id); diff --git a/server/routes/challenges.js b/server/routes/challenges.js index aee6fd2a..680a69fd 100644 --- a/server/routes/challenges.js +++ b/server/routes/challenges.js @@ -24,7 +24,7 @@ router.post("/challenges", access.logged, access.ajax, (req,res) => { if (req.body.chall.to) { UserModel.getOne("name", challenge.to, (err,user) => { - if (!!err || !user) + if (err || !user) res.json(err || {errmsg: "Typo in player name"}); else {