- if (!!obj.fen)
- query += "fen = '" + obj.fen + "',";
- if (!!obj.score)
- query += "score = '" + obj.score + "',";
- query = query.slice(0,-1); //remove last comma
- query += " WHERE id = " + id;
- db.run(query);
- if (!!obj.move)
+ let modifs = "";
+ // NOTE: if drawOffer is set, we should check that it's player's turn
+ // A bit overcomplicated. Let's trust the client on that for now...
+ if (obj.drawOffer)
+ {
+ if (obj.drawOffer == "n") //Special "None" update
+ obj.drawOffer = "";
+ modifs += "drawOffer = '" + obj.drawOffer + "',";
+ }
+ if (obj.fen)
+ modifs += "fen = '" + obj.fen + "',";
+ if (obj.score)
+ modifs += "score = '" + obj.score + "',";
+ if (obj.scoreMsg)
+ modifs += "scoreMsg = '" + obj.scoreMsg + "',";
+ modifs = modifs.slice(0,-1); //remove last comma
+ if (modifs.length > 0)
+ {
+ query += modifs + " WHERE id = " + id;
+ db.run(query);
+ }
+ // NOTE: move, chat and delchat are mutually exclusive
+ if (obj.move)
+ {
+ // Security: only update moves if index is right
+ query =
+ "SELECT MAX(idx) AS maxIdx " +
+ "FROM Moves " +
+ "WHERE gid = " + id;
+ db.get(query, (err,ret) => {
+ const m = obj.move;
+
+
+
+ if (!ret.maxIdx || ret.maxIdx + 1 == m.idx) {
+ query =
+ "INSERT INTO Moves (gid, squares, played, idx) VALUES " +
+ "(" + id + ",?," + m.played + "," + m.idx + ")";
+return cb({errmsg: (!ret.maxIdx || ret.maxIdx + 1 == m.idx) + " " + query});
+ db.run(query, JSON.stringify(m.squares));
+ cb(null);
+ }
+ else cb({errmsg:"Wrong move index"});
+ });
+ }
+ else cb(null);
+ if (obj.chat)
+ {
+ query =
+ "INSERT INTO Chats (gid, msg, name, added) VALUES ("
+ + id + ",?,'" + obj.chat.name + "'," + Date.now() + ")";
+ db.run(query, obj.chat.msg);
+ }
+ else if (obj.delchat)