db.all(query, (err2,players) => {
if (light)
{
- const game = Object.assign({},
- gameInfo,
- {players: players}
- );
- cb(null, game);
+ query =
+ "SELECT COUNT(*) AS nbMoves " +
+ "FROM Moves " +
+ "WHERE gid = " + id;
+ db.get(query, (err,ret) => {
+ const game = Object.assign({},
+ gameInfo,
+ {players: players},
+ {movesCount: ret.nbMoves}
+ );
+ cb(null, game);
+ });
}
else
{
},
// obj can have fields move, chat, fen, drawOffer and/or score + message
- update: function(id, obj)
+ update: function(id, obj, cb)
{
db.parallelize(function() {
let query =
}
if (obj.move)
{
- const m = obj.move;
+ // Security: only update moves if index is right
query =
- "INSERT INTO Moves (gid, squares, played, idx) VALUES " +
- "(" + id + ",?," + m.played + "," + m.idx + ")";
- db.run(query, JSON.stringify(m.squares));
+ "SELECT MAX(idx) AS maxIdx " +
+ "FROM Moves " +
+ "WHERE gid = " + id;
+ db.get(query, (err,ret) => {
+ const m = obj.move;
+ if (!ret.maxIdx || ret.maxIdx + 1 == m.idx) {
+ query =
+ "INSERT INTO Moves (gid, squares, played, idx) VALUES " +
+ "(" + id + ",?," + m.played + "," + m.idx + ")";
+ db.run(query, JSON.stringify(m.squares));
+ cb(null);
+ }
+ else cb({errmsg:"Wrong move index"});
+ });
}
+ else cb(null);
if (obj.chat)
{
query =
+ id + ",?,'" + obj.chat.name + "'," + Date.now() + ")";
db.run(query, obj.chat.msg);
}
+ else if (obj.delchat)
+ {
+ query =
+ "DELETE " +
+ "FROM Chats " +
+ "WHERE gid = " + id;
+ db.run(query, cb);
+ }
});
},