X-Git-Url: https://git.auder.net/?p=vchess.git;a=blobdiff_plain;f=routes%2Fall.js;h=f3e184e608133d267c374f6b4c0360c1c8531690;hp=3e6dd001df9b2771d2c78633f4fed2b3faec058b;hb=da06a6eb0237123ce43fdb01cb06246b8b57f5e5;hpb=4ecf423bce243e8e10b5b777a95f67ecc9f8d8d3
diff --git a/routes/all.js b/routes/all.js
index 3e6dd001..f3e184e6 100644
--- a/routes/all.js
+++ b/routes/all.js
@@ -1,31 +1,78 @@
-var express = require('express');
-var router = express.Router();
-var createError = require('http-errors');
-
-const Variants = require("../variants");
+let express = require('express');
+let router = express.Router();
+const createError = require('http-errors');
+const sqlite3 = require('sqlite3');//.verbose();
+const db = new sqlite3.Database('db/vchess.sqlite');
+const sanitizeHtml = require('sanitize-html');
 
 // Home
 router.get('/', function(req, res, next) {
- res.render('index', {
- title: 'club',
- variantArray: Variants, //JSON.stringify(Variants)
+ db.serialize(function() {
+ db.all("SELECT * FROM Variants", (err,variants) => {
+ if (!!err)
+ return next(err);
+ res.render('index', {
+ title: 'club',
+ variantArray: variants, //JSON.stringify(variants)
+ });
+ });
 });
 });
 
 // Variant
 router.get("/:vname([a-zA-Z0-9]+)", (req,res,next) => {
 const vname = req.params["vname"];
- if (!Variants.some(v => { return (v.name == vname); }))
- return next(createError(404));
- res.render('variant', {
- title: vname + ' Variant',
- variant: vname,
+ db.serialize(function() {
+ db.all("SELECT * FROM Variants WHERE name='" + vname + "'", (err,variant) => {
+ if (!!err)
+ return next(err);
+ if (!variant || variant.length==0)
+ return next(createError(404));
+ db.all("SELECT * FROM Problems WHERE variant='" + vname + "'",
+ (err2,problems) => {
+ if (!!err2)
+ return next(err2);
+ res.render('variant', {
+ title: vname + ' Variant',
+ variant: vname,
+ problemArray: problems,
+ });
+ }
+ );
+ });
 });
 });
 
 // Load a rules page (AJAX)
 router.get("/rules/:variant([a-zA-Z0-9]+)", (req,res) => {
- res.render("rules/" + req.params["variant"]);
+ if (!req.xhr)
+ return res.json({errmsg: "Unauthorized access"});
+ res.render("rules/" + req.params["variant"]);
+});
+
+// Fetch 10 previous or next problems (AJAX)
+router.get("/problems/:variant([a-zA-Z0-9]+)", (req,res) => {
+ if (!req.xhr)
+ return res.json({errmsg: "Unauthorized access"});
+ // TODO: next or previous: in params + timedate (of current oldest or newest)
 });
 
+// Upload a problem (AJAX)
+router.post("/problems/:variant([a-zA-Z0-9]+)", (req,res) => {
+ if (!req.xhr)
+ return res.json({errmsg: "Unauthorized access"});
+ const vname = req.params["variant"];
+
+ // TODO: get parameters and sanitize them
+ sanitizeHtml(req.body["fen"]); // [/a-z0-9 ]*
+ sanitizeHtml(req.body["instructions"]);
+ db.serialize(function() {
+ let stmt = db.prepare("INSERT INTO Problems VALUES (?,?,?,?,?)");
+ stmt.run(timestamp, vname, fen, instructions, solution);
+ stmt.finalize();
+ });
+ res.json({});
+});
+
+
 module.exports = router;
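Review bot: The new POST `/problems/:variant` handler passes `timestamp`, `fen`, `instructions` and `solution` to `stmt.run`, but none of them is declared anywhere in the hunk (which spans the whole file), and both `sanitizeHtml(...)` calls discard their return values, so as written the request would throw a ReferenceError and no sanitized value could reach the database. Assign the sanitized results to locals, reject body fields that are not strings (the inline comment hints at a `[/a-z0-9 ]*` pattern for the FEN), and answer from the `stmt.run` callback so an insert error is reported instead of `res.json({})` being sent first. The two SELECTs in the variant route build SQL by concatenating `vname`; the route pattern `[a-zA-Z0-9]+` constrains it today, but binding it as the INSERT already does (`db.all("SELECT * FROM Variants WHERE name=?", [vname], ...)`) keeps the query safe if that pattern is ever loosened. `req.xhr` only reflects a client-supplied request header, so it should not be treated as access control for the upload, and the GET `/problems` stub sends no response once that check passes. The sketch below assumes `solution` arrives as a body field and that the first column takes a millisecond timestamp; both need confirming against the Problems schema.

```javascript
router.post("/problems/:variant([a-zA-Z0-9]+)", (req,res) => {
	// … unchanged: req.xhr check, vname …
	const fields = ["fen", "instructions", "solution"].map(k => req.body[k]);
	if (fields.some(f => typeof f !== "string"))
		return res.json({errmsg: "Invalid parameters"});
	const [fen, instructions, solution] = fields.map(f => sanitizeHtml(f));
	const timestamp = Date.now();
	// … unchanged: db.serialize / db.prepare …
		stmt.run(timestamp, vname, fen, instructions, solution, (err) => {
			if (!!err)
				return res.json({errmsg: "Insert failed"});
			res.json({});
		});
	// … unchanged: stmt.finalize; the trailing res.json({}) is dropped …
```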