From 3465ed52c8a62de1082cc4235c198ed5e6639308 Mon Sep 17 00:00:00 2001 From: moepoi Date: Sun, 21 Nov 2021 14:05:15 +0700 Subject: [PATCH] Recover --- routes/api.js | 192 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 134 insertions(+), 58 deletions(-) diff --git a/routes/api.js b/routes/api.js index aaa31de..e767969 100644 --- a/routes/api.js +++ b/routes/api.js @@ -238,7 +238,7 @@ router.post("/login", async (req, res) => { } }); -router.get("/verify-mail", async (req, res) => { +router.post("/verify-mail", async (req, res) => { const conn = db.connect(); conn.query( 'SELECT * FROM users WHERE token ="' + req.query.token + '"', @@ -253,6 +253,7 @@ router.get("/verify-mail", async (req, res) => { if (result[0].verify == 0) { var data = { verify: 1, + token: randtoken.generate(64), }; db_connect.query( 'UPDATE users SET ? WHERE email ="' + result[0].email + '"', @@ -400,71 +401,145 @@ router.post("/reset-password", async (req, res) => { }); router.post("/checkout", async (req, res) => { - if ( - !req.body.firstName || - !req.body.lastName || - !req.body.phoneNumber || - !req.body.streetAddress1 || - !req.body.streetAddress2 || - !req.body.region || - !req.body.province || - !req.body.city || - !req.body.district || - !req.body.subDistrict || - !req.body.postalCode || - !req.body.logistic || - !req.body.data - ) { + if (!req.query.key) { + res.status(401); + res.json({ + message: "Unauthorized", + }); + } else { + auth.auth_checker(req.query.key).then((status) => { + if (status) { + if ( + !req.body.firstName || + !req.body.lastName || + !req.body.phoneNumber || + !req.body.streetAddress1 || + !req.body.streetAddress2 || + !req.body.region || + !req.body.province || + !req.body.city || + !req.body.district || + !req.body.subDistrict || + !req.body.postalCode || + !req.body.logistic || + !req.body.data + ) { + res.status(400); + res.json({ + message: "Bad Request", + }); + } else { + const conn = db.connect(); + conn.query( + "SELECT * FROM users WHERE token = ?", + [req.query.key], + async function (error, resp, fields) { + if (error) { + res.status(401); + res.json({ + message: "Unauthorized", + }); + } else { + var data = { + firstName: req.body.firstName, + lastName: req.body.lastName, + phoneNumber: req.body.phoneNumber, + streetAddress1: req.body.streetAddress1, + streetAddress2: req.body.streetAddress2, + region: req.body.region, + province: req.body.province, + city: req.body.city, + district: req.body.district, + subDistrict: req.body.subDistrict, + postalCode: req.body.postalCode, + logistic: req.body.logistic, + paymentMethod: '-', + data: req.body.data, + userId: resp[0].id, + paid: '0', + status: 'pending' + }; + conn.query( + "INSERT INTO transactions SET ?", + data, + function (error, response, fields) { + if (error) { + res.status(400); + res.json({ + message: "Bad Request", + }); + } else { + conn.query( + 'SELECT * FROM transactions WHERE id ="' + response.insertId + '"', + function (err, result) { + if (err) { + res.status(400); + res.json({ + message: "Bad Request", + }); + } else { + res.status(201); + res.json({ + 'order_id': result[0].id, + 'data': result[0].data + }); + } + }); + } + } + ); + } + } + ); + } + } else { + res.status(401); + res.json({ + message: "Unauthorized", + }); + } + }); + } +}); + +router.get("/subscribe", (req, res) => { + if (!req.query.email) { res.status(400); res.json({ message: "Bad Request", }); } else { const conn = db.connect(); - var data = { - firstName: req.body.firstName, - lastName: req.body.lastName, - phoneNumber: req.body.phoneNumber, - streetAddress1: req.body.streetAddress1, - streetAddress2: req.body.streetAddress2, - region: req.body.region, - province: req.body.province, - city: req.body.city, - district: req.body.district, - subDistrict: req.body.subDistrict, - postalCode: req.body.postalCode, - logistic: req.body.logistic, - paymentMethod: '-', - data: req.body.data, - userId: 14, - paid: '0', - status: 'pending' - }; - conn.query( - "INSERT INTO transactions SET ?", - data, - function (error, response, fields) { - if (error) { - res.status(400); - res.json({ - message: "Bad Request", - }); - } else { + conn.execute( + "SELECT * FROM `subscribe` WHERE `email` = ?", + [req.query.email], + function (err, results) { + if (!results[0]) { + let data = { + email: req.query.email, + type: "email" + }; conn.query( - 'SELECT * FROM transactions WHERE id ="' + response.insertId + '"', - function (err, result) { - if (err) { - res.status(400); - res.json({ - message: "Bad Request", - }); - } else { - res.status(201); - res.json({ - 'order_id': result[0].id, - 'data': result[0].data - }); + "INSERT INTO subscribe SET ?", + data, + function (err, resp) { + if (err) { + res.status(400); + res.json({ + message: "Bad Request", + }); + } else { + res.status(201); + res.json({ + message: "Success", + }); + } } + ); + } else { + res.status(200); + res.json({ + message: "Success", }); } } @@ -472,4 +547,5 @@ router.post("/checkout", async (req, res) => { } }); + module.exports = router; \ No newline at end of file