diff --git a/back/src/controllers/scores.controller.js b/back/src/controllers/scores.controller.js
index 7f0de137c94a4f3a991db9b11c1adc0bdacdf080..cc6e1557fc26fa727924e723f8e90bbc59d71e79 100644
--- a/back/src/controllers/scores.controller.js
+++ b/back/src/controllers/scores.controller.js
@@ -13,117 +13,123 @@ const dbConfig = {
   database: dbdatabase
 };
 
-function getAdminScores(req, res){
+function getAdminScores(req, res) {
   var con = mysql.createConnection(dbConfig);
   var query = "SELECT Score.id, score, Part.name AS participant, Equi.name AS equipe, createdAt as date ,Part.id as partid ,Equi.id as equid FROM Score LEFT JOIN (SELECT * FROM Participant WHERE deleted = 0) AS Part ON Part.id=Score.ParticipantId LEFT JOIN (SELECT * FROM Equipe WHERE deleted = 0) AS Equi ON Score.equipeId=Equi.id WHERE Score.deleted = 0 ORDER BY date DESC;"
   con.connect();
   con.query(query, (err, result) => {
-  if(err){
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function getDistanceTotale(req, res){
+function getDistanceTotale(req, res) {
   var con = mysql.createConnection(dbConfig);
   var query = "SELECT SUM(score) as distanceTotale FROM Score WHERE deleted = 0;"
   con.connect();
   con.query(query, (err, result) => {
-  if(err){
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
 
-function addNewScore(req, res){
+function addNewScore(req, res) {
   var con = mysql.createConnection(dbConfig);
-  var query = "INSERT INTO `Score` (`participantId`, `equipeId`, `score`) VALUES ('"+req.body.participant+"', '"+req.body.equipe+"', '"+req.body.score+"');"
+  var query = "INSERT INTO `Score` (`participantId`, `equipeId`, `score`) VALUES (?, ?, ?);"
+  var inserts = [req.body.participant, req.body.equipe, req.body.score];
   con.connect();
-  con.query(query, (err, result) => {
-  if(err){
+  con.query(query, inserts, (err, result) => {
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function updateScore(req, res){
+function updateScore(req, res) {
   var con = mysql.createConnection(dbConfig);
-  var query = "UPDATE Score SET participantId = "+req.body.participant+", equipeId = "+req.body.equipe+", score = "+req.body.score+" WHERE id="+req.body.id+";"
+  var query = "UPDATE Score SET participantId = ?, equipeId = ?, score = ? WHERE id=?;"
+  var inserts = [req.body.participant, req.body.equipe, req.body.score, req.body.id];
   con.connect();
-  con.query(query, (err, result) => {
-  if(err){
+  con.query(query, inserts, (err, result) => {
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function updateScoreScore(req, res){
+function updateScoreScore(req, res) {
   var con = mysql.createConnection(dbConfig);
-  var query = "UPDATE Score SET score = "+req.body.score+" WHERE id="+req.body.id+";"
+  var query = "UPDATE Score SET score = ? WHERE id=?;"
+  var inserts = [req.body.score, req.body.id];
   con.connect();
-  con.query(query, (err, result) => {
-  if(err){
+  con.query(query, inserts, (err, result) => {
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function updateScoreEquipe(req, res){
+function updateScoreEquipe(req, res) {
   var con = mysql.createConnection(dbConfig);
-  var query = "UPDATE Score SET equipeId = "+req.body.equipe+" WHERE id="+req.body.id+";"
+  var query = "UPDATE Score SET equipeId = ? WHERE id=?;"
+  var inserts = [req.body.equipe, req.body.id];
   con.connect();
-  con.query(query, (err, result) => {
-  if(err){
+  con.query(query, inserts, (err, result) => {
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function updateScoreParticipant(req, res){
+function updateScoreParticipant(req, res) {
   var con = mysql.createConnection(dbConfig);
-  var query = "UPDATE Score SET participantId = "+req.body.participant+" WHERE id="+req.body.id+";"
+  var query = "UPDATE Score SET participantId = ? WHERE id=?;"
+  var inserts = [req.body.participant, req.body.id];
   con.connect();
-  con.query(query, (err, result) => {
-  if(err){
+  con.query(query, inserts, (err, result) => {
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-function deleteScore(req, res){
+function deleteScore(req, res) {
   var con = mysql.createConnection(dbConfig);
-  var query = "UPDATE Score SET deleted = 1 WHERE id="+req.body.id+";"
+  var query = "UPDATE Score SET deleted = 1 WHERE id=?;"
+  var inserts = [req.body.id];
   con.connect();
-  con.query(query, (err, result) => {
-  if(err){
+  con.query(query, inserts, (err, result) => {
+    if (err) {
       console.log(err)
-      return res.send({success: false})
-  }
-  return res.send(result)
+      return res.send({ success: false })
+    }
+    return res.send(result)
   });
   con.end();
 }
 
-module.exports = {getAdminScores,addNewScore,updateScore,updateScoreScore,updateScoreEquipe,updateScoreParticipant,deleteScore,getDistanceTotale}
+module.exports = { getAdminScores, addNewScore, updateScore, updateScoreScore, updateScoreEquipe, updateScoreParticipant, deleteScore, getDistanceTotale }
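Review bot: The values bound in `addNewScore`, `updateScore`, `updateScoreScore`, `updateScoreEquipe`, `updateScoreParticipant` and `deleteScore` come straight from `req.body` with no type check, so the `?` placeholders only protect the query as long as each value is a scalar. If `mysql` here is the mysqljs driver (the require is outside the hunk), placeholders are expanded client-side, and an object or array from a JSON body is rendered as a `key = value` list or a comma-separated list rather than one literal, which can change what the statement matches. I would coerce and reject before building `inserts`, e.g. `const id = Number(req.body.id);` followed by `if (!Number.isInteger(id)) return res.status(400).send({ success: false });`, and do the same for `participant`, `equipe` and `score`. Setting `stringifyObjects: true` in `dbConfig` is a useful second layer. Separately, `res.send(result)` hands the raw driver result to the client and is worth narrowing to the fields the front end needs.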