X-Git-Url: https://git.auder.net/?p=vchess.git;a=blobdiff_plain;f=models%2FUser.js;h=6e91458eb310e3e798e6cb5483d005d5c1382ac8;hp=777eeaa2c3213e2211722f3f8794d6c93d3160ea;hb=8a477a7e1b781babc74d7935b80ac0b18ec04f86;hpb=0bd5933d97a90473233d0f90f465a43aba430ffa

diff --git a/models/User.js b/models/User.js
index 777eeaa2..6e91458e 100644
--- a/models/User.js
+++ b/models/User.js
@@ -16,13 +16,12 @@ var TokenGen = require("../utils/tokenGenerator");
 // User creation
 exports.create = function(name, email, notify, callback)
 {
-	if (!notify)
-		notify = false; //default
 	db.serialize(function() {
-		db.run(
+		const query =
 			"INSERT INTO Users " +
 			"(name, email, notify) VALUES " +
-			"(" + name + "," + email + "," + notify + ")");
+			"('" + name + "', '" + email + "', " + notify + ")";
+		db.run(query, callback); //TODO: need to get the inserted user (how ?)
 	});
 }
 
@@ -31,10 +30,10 @@ exports.getOne = function(by, value, cb)
 {
 	const delimiter = (typeof value === "string" ? "'" : "");
 	db.serialize(function() {
-		db.get(
+		const query =
 			"SELECT * FROM Users " +
-			"WHERE " + by + " = " + delimiter + value + delimiter,
-			callback);
+			"WHERE " + by + " = " + delimiter + value + delimiter;
+		db.get(query, cb);
 	});
 }
 
@@ -44,10 +43,11 @@ exports.getOne = function(by, value, cb)
 exports.setLoginToken = function(token, uid, cb)
 {
 	db.serialize(function() {
-		db.run(
+		const query =
 			"UPDATE Users " +
 			"SET loginToken = " + token + " AND loginTime = " + Date.now() + " " +
-			"WHERE id = " + uid);
+			"WHERE id = " + uid;
+		db.run(query, cb);
 	});
 }
 
@@ -57,18 +57,20 @@ exports.trySetSessionToken = function(uid, cb)
 {
 	// Also empty the login token to invalidate future attempts
 	db.serialize(function() {
-		db.get(
+		const querySessionTOken =
 			"SELECT sessionToken " +
 			"FROM Users " +
-			"WHERE id = " + uid, (err,token) => {
-				if (!!err)
-					return cb(err);
-				const newToken = token || TokenGen.generate(params.token.length);
-				db.run(
-					"UPDATE Users " +
-					"SET loginToken = NULL " +
-					(!token ? "AND sessionToken = " + newToken + " " : "") +
-					"WHERE id = " + uid);
+			"WHERE id = " + uid;
+		db.get(querySessionToken, (err,token) => {
+			if (!!err)
+				return cb(err);
+			const newToken = token || TokenGen.generate(params.token.length);
+			const queryUpdate =
+				"UPDATE Users " +
+				"SET loginToken = NULL " +
+				(!token ? "AND sessionToken = " + newToken + " " : "") +
+				"WHERE id = " + uid;
+			db.run(queryUpdate);
 				cb(null, newToken);
 		});
 	});
@@ -77,11 +79,12 @@ exports.trySetSessionToken = function(uid, cb)
 exports.updateSettings = function(user, cb)
 {
 	db.serialize(function() {
-		db.run(
+		const query =
 			"UPDATE Users " +
 			"SET name = " + user.name +
 			" AND email = " + user.email +
 			" AND notify = " + user.notify + " " +
-			"WHERE id = " + user._id);
+			"WHERE id = " + user._id;
+		db.run(query, cb);
 	});
 }