From 4a05948a4da8efe5df737bfc915511b829057c02 Mon Sep 17 00:00:00 2001
From: Fabien Zucchet <fabien.zucchet@student-cs.fr>
Date: Tue, 2 Mar 2021 14:06:23 +0100
Subject: [PATCH] prepare requests for staffeurs.controller

---
 back/src/controllers/staffeurs.controller.js | 54 ++++++++++----------
 1 file changed, 28 insertions(+), 26 deletions(-)

diff --git a/back/src/controllers/staffeurs.controller.js b/back/src/controllers/staffeurs.controller.js
index 8740840b..fccddb8a 100644
--- a/back/src/controllers/staffeurs.controller.js
+++ b/back/src/controllers/staffeurs.controller.js
@@ -13,61 +13,63 @@ const dbConfig = {
   database: dbdatabase
 };
 
-function getStaffeurs(req, res){
+function getStaffeurs(req, res) {
   var con = mysql.createConnection(dbConfig);
   var query = "SELECT id,login FROM Staffeurs WHERE deleted = 0 ORDER BY login ASC;"
   con.connect();
   con.query(query, (err, result) => {
-  if(err){
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function addNewStaffeur(req, res){
+function addNewStaffeur(req, res) {
   var con = mysql.createConnection(dbConfig);
-  var query = "INSERT INTO `Staffeurs` (`login`) VALUES ('"+req.body.login+"');"
+  var query = "INSERT INTO `Staffeurs` (`login`) VALUES (?);"
+  var inserts = [req.body.login];
   con.connect();
-  con.query(query, (err, result) => {
-  if(err){
+  con.query(query, inserts, (err, result) => {
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function deleteStaffeur(req, res){
+function deleteStaffeur(req, res) {
   var con = mysql.createConnection(dbConfig);
-  var query = "UPDATE Staffeurs SET deleted = 1 WHERE id="+req.body.id+";"
+  var query = "UPDATE Staffeurs SET deleted = 1 WHERE id=?;"
+  var inserts = [req.body.id];
   con.connect();
-  con.query(query, (err, result) => {
-  if(err){
+  con.query(query, inserts, (err, result) => {
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function getStaffeursLogins(req, res){
+function getStaffeursLogins(req, res) {
   var con = mysql.createConnection(dbConfig);
   var query = "SELECT login FROM Staffeurs WHERE deleted = 0;"
   con.connect();
   con.query(query, (err, result) => {
-  if(err){
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  var data = result.map((item) => { return item.login });
-  return res.send(data)
+      return res.send({ success: false })
+    }
+    var data = result.map((item) => { return item.login });
+    return res.send(data)
   });
   con.end();
 }
 
-module.exports = {getStaffeurs, addNewStaffeur, deleteStaffeur, getStaffeursLogins}
+module.exports = { getStaffeurs, addNewStaffeur, deleteStaffeur, getStaffeursLogins }
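Review bot: In `addNewStaffeur` and `deleteStaffeur`, `req.body.login` and `req.body.id` are bound to the `?` placeholders with no type check, so a JSON body that supplies an object or array instead of a scalar is still passed to the driver. If `mysql` here is the mysqljs driver (its require is outside the hunk), placeholder escaping expands objects and arrays into SQL fragments rather than one quoted value, which can change what the statement matches even though the query is parameterized. A guard before each query closes that: `if (typeof req.body.login !== 'string' || req.body.login === '') return res.send({ success: false })` for the insert, and `var id = Number(req.body.id); if (!Number.isInteger(id)) return res.send({ success: false })` for the update, binding `id` rather than `req.body.id`. Both handlers also send the raw driver `result` back on success; returning a fixed `{ success: true }` would keep driver metadata out of the response.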
-- 
GitLab