1 let express
= require('express');
2 let router
= express
.Router();
3 const createError
= require('http-errors');
4 const sqlite3
= require('sqlite3');//.verbose();
5 const db
= new sqlite3
.Database('db/vchess.sqlite');
6 const sanitizeHtml
= require('sanitize-html');
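const supportedLang = ["fr", "en"];

/**
 * Choose the interface language for a request.
 *
 * A "lang" cookie is honoured only when its value is one of supportedLang.
 * Otherwise the Accept-Language header is scanned in order, the first
 * supported language wins (default "en"), and the choice is stored in a
 * "lang" cookie on the response.
 *
 * @param {object} req - Express request; reads req.cookies and req.headers.
 * @param {object} res - Express response; may receive a "lang" cookie.
 * @returns {string} A member of supportedLang.
 */
function selectLanguage(req, res) {
  // The cookie is client-controlled, and the value returned here is later
  // concatenated into a view path ("rules/<variant>/<lang>"), so it is
  // checked against the allow-list instead of being trusted as-is.
  const cookieLang = (req.cookies || {})["lang"];
  if (supportedLang.includes(cookieLang))
    return cookieLang;

  // Else: search and set it. A request may carry no Accept-Language header
  // at all; fall back to an empty string instead of throwing on undefined.
  const langString = req.headers["accept-language"] || "";
  const langArray = langString
    .replace(/;q=[0-9.]+/g, "") //priority
    .replace(/-[A-Z]+/g, "") //region (skipped for now...)
    .split(","); //may have some duplicates, but removal is too costly
  let bestLang = "en"; //default: English
  for (const lang of langArray) {
    // Entries may be separated by ", " rather than ","
    const candidate = lang.trim();
    if (supportedLang.includes(candidate)) {
      bestLang = candidate;
      break;
    }
  }
  // Cookie expires in 183 days (expressed in milliseconds)
  res.cookie('lang', bestLang, { maxAge: 183*24*3600*1000 });
  return bestLang;
}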
// Home page. Runs a constant query (no request data in the SQL text) and
// exposes the rows as variantArray, next to the negotiated language and the
// supportedLang list.
// NOTE(review): gutter lines 39-42 and 46 onward are missing from this
// listing, so the error check and the render call cannot be confirmed here.
36 router
.get('/', function(req
, res
, next
) {
37 db
.serialize(function() {
38 db
.all("SELECT * FROM Variants", (err
,variants
) => {
43 variantArray: variants
,
44 lang: selectLanguage(req
, res
),
45 languages: supportedLang
,
// Variant page: looks the variant up by name, answers 404 when no row
// matches, then queries that variant's problems and renders the 'variant'
// view with them.
// Both SELECTs are built by string concatenation with vname. The route
// pattern ([a-zA-Z0-9]+) is the only thing keeping quote characters out of
// the SQL text.
// NOTE(review): bind the value instead, e.g.
//   db.all("SELECT * FROM Variants WHERE name=?", [vname], callback)
// as the INSERT in the POST handler already does with '?' placeholders; the
// query then stays safe if the route pattern is ever relaxed.
52 router
.get("/:vname([a-zA-Z0-9]+)", (req
,res
,next
) => {
53 const vname
= req
.params
["vname"];
54 db
.serialize(function() {
// vname is concatenated into the SQL text here
55 db
.all("SELECT * FROM Variants WHERE name='" + vname
+ "'", (err
,variant
) => {
// db.all yields an array of rows; an empty array means unknown variant
58 if (!variant
|| variant
.length
==0)
59 return next(createError(404));
60 // TODO (later...) get only n=100(?) most recent problems
// Same concatenation pattern as the Variants lookup above
61 db
.all("SELECT * FROM Problems WHERE variant='" + vname
+ "'",
65 res
.render('variant', {
66 title: vname
+ ' Variant',
68 problemArray: problems
,
69 lang: selectLanguage(req
, res
),
70 languages: supportedLang
,
78 // Load a rules page (AJAX)
// Renders the view "rules/<variant>/<lang>". variant is limited to
// [a-zA-Z0-9]+ by the route pattern; lang is whatever selectLanguage returns.
// Because lang becomes part of a view path and the "lang" cookie is set by
// the client, selectLanguage must only ever return a value from supportedLang.
// NOTE(review): the condition guarding the "Unauthorized access" reply
// (gutter line 80) is not visible in this listing. If it is a check on a
// request header such as X-Requested-With, it is a convenience filter, not
// access control, since the client chooses that header.
79 router
.get("/rules/:variant([a-zA-Z0-9]+)", (req
,res
) => {
81 return res
.json({errmsg: "Unauthorized access"});
82 const lang
= selectLanguage(req
, res
);
// View path is assembled from the route parameter and the language code
83 res
.render("rules/" + req
.params
["variant"] + "/" + lang
);
86 // Fetch 10 previous or next problems (AJAX)
// NOTE(review): most of this handler (gutter lines 88 and 92 onward) is not
// visible in this listing, including the condition guarding the
// "Unauthorized access" reply. When the direction and timestamp from the
// TODO below are added, pass them to the query as bound '?' parameters
// rather than concatenating them into the SQL text.
87 router
.get("/problems/:variant([a-zA-Z0-9]+)", (req
,res
) => {
89 return res
.json({errmsg: "Unauthorized access"});
90 // TODO: next or previous: in params + timedate (of current oldest or newest)
91 db
.serialize(function() {
96 // Upload a problem (AJAX)
// Stores a problem for the variant named in the URL. Input handling visible
// here:
//  - variant: limited to [a-zA-Z0-9]+ by the route pattern
//  - fen: allow-list regex (letters, digits, comma, space, '/', '-')
//  - instructions, solution: passed through sanitizeHtml with no options
//    argument, so the library defaults decide which markup survives
//  - all five values reach SQLite as bound '?' parameters, not as SQL text
// NOTE(review): the condition guarding the "Unauthorized access" reply
// (gutter line 98) and the end of the handler (gutter lines 112-116) are
// not visible in this listing. No length limit on fen, instructions or
// solution, and no check that the variant exists, is visible either.
97 router
.post("/problems/:variant([a-zA-Z0-9]+)", (req
,res
) => {
99 return res
.json({errmsg: "Unauthorized access"});
100 const vname
= req
.params
["variant"];
// Server-side timestamp in milliseconds; nothing is taken from the client
101 const timestamp
= Date
.now();
103 const fen
= req
.body
["fen"];
// NOTE(review): a body without "fen" makes fen undefined and .match throws;
// the '*' quantifier also lets an empty string through.
104 if (!fen
.match(/^[a-zA-Z0-9, /-]*$/))
105 return res
.json({errmsg: "Bad characters in FEN string"});
106 const instructions
= sanitizeHtml(req
.body
["instructions"]);
107 const solution
= sanitizeHtml(req
.body
["solution"]);
108 db
.serialize(function() {
// Prepared statement: the values below are bound, never concatenated
109 let stmt
= db
.prepare("INSERT INTO Problems " +
110 "(added,variant,fen,instructions,solution) VALUES (?,?,?,?,?)");
111 stmt
.run(timestamp
, vname
, fen
, instructions
, solution
);
// Export the router with the routes registered above.
module.exports = router;