From 25e090f4d9d6b981ae667e89b0af816bec87708d Mon Sep 17 00:00:00 2001 From: Logan Cusano Date: Sun, 26 Feb 2023 16:05:06 -0500 Subject: [PATCH] Updated SQL strings to have double quotes --- libStorage.js | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/libStorage.js b/libStorage.js index f554e79..2b969f8 100644 --- a/libStorage.js +++ b/libStorage.js @@ -93,7 +93,7 @@ class Storage { getRecordBy(key, keyValue, callback) { if (!this.validKeys.includes(key)) return callback(new Error("Given key not valid", key), undefined); - const sqlQuery = `SELECT * FROM ${this.dbTable} WHERE ${key} = '${keyValue}'`; + const sqlQuery = `SELECT * FROM ${this.dbTable} WHERE ${key} = "${keyValue}"`; runSQL(sqlQuery, this.connection, (err, rows) => { if (err) return callback(err, undefined); @@ -166,7 +166,7 @@ exports.UserStorage = class UserStorage extends Storage { * @callback Error|Array|* */ saveAccount(_discordAccountId, callback){ - const sqlQuery = `INSERT INTO ${this.dbTable} (discord_account_id, balance) VALUES ('${_discordAccountId}', ${0});`; + const sqlQuery = `INSERT INTO ${this.dbTable} (discord_account_id, balance) VALUES ("${_discordAccountId}", ${0});`; log.DEBUG(`Adding new entry with SQL query: '${sqlQuery}'`) @@ -231,7 +231,7 @@ exports.TransactionStorage = class TransactionStorage extends Storage { } createTransaction(transaction, callback){ - var sqlQuery = `INSERT INTO ${this.dbTable} (transaction_id, account_id, discord_tokens_used, provider_tokens_used, provider_id, order_date) VALUES ('${transaction.transaction_id}', '${transaction.account_id}', '${transaction.discord_tokens_used}', '${transaction.provider_tokens_used}', '${transaction.provider_id}', '${returnMysqlTime()}');`; + var sqlQuery = `INSERT INTO ${this.dbTable} (transaction_id, account_id, discord_tokens_used, provider_tokens_used, provider_id, order_date) VALUES ("${transaction.transaction_id}", "${transaction.account_id}", "${transaction.discord_tokens_used}", "${transaction.provider_tokens_used}", "${transaction.provider_id}", "${returnMysqlTime()}");`; log.DEBUG(`Adding new entry with SQL query: '${sqlQuery}'`) @@ -298,7 +298,7 @@ exports.FeedStorage = class FeedStorage extends Storage { return callback(new Error("Entry object malformed, check the object before saving it"), undefined) } - const sqlQuery = `INSERT INTO ${this.dbTable} (title, link, category, guild_id, channel_id) VALUES ('${entryObject.title}', '${entryObject.link}', '${entryObject.category}', '${entryObject.guild_id}', '${entryObject.channel_id}');`; + const sqlQuery = `INSERT INTO ${this.dbTable} (title, link, category, guild_id, channel_id) VALUES ("${entryObject.title}", "${entryObject.link}", "${entryObject.category}", "${entryObject.guild_id}", "${entryObject.channel_id}");`; log.DEBUG(`Adding new entry with SQL query: '${sqlQuery}'`) @@ -316,12 +316,12 @@ exports.FeedStorage = class FeedStorage extends Storage { updateEntry(entryObject, callback) { let queryParams = []; if (!entryObject.title) return callback(new Error("No title given before updating"), undefined); - queryParams.push(`title = '${entryObject.title}'`); + queryParams.push(`title = "${entryObject.title}"`); if (!entryObject.link) return callback(new Error("No link given before updating"), undefined); - queryParams.push(`link = '${entryObject.link}'`); - if (entryObject.category) queryParams.push(`category = '${entryObject.category}'`); - if (entryObject.guild_id) queryParams.push(`guild_id = '${entryObject.guild_id}'`); - if (entryObject.channel_id) queryParams.push(`channel_id = '${entryObject.channel_id}'`); + queryParams.push(`link = "${entryObject.link}"`); + if (entryObject.category) queryParams.push(`category = "${entryObject.category}"`); + if (entryObject.guild_id) queryParams.push(`guild_id = "${entryObject.guild_id}"`); + if (entryObject.channel_id) queryParams.push(`channel_id = "${entryObject.channel_id}"`); let sqlQuery = `UPDATE ${this.dbTable} SET`; @@ -337,7 +337,7 @@ exports.FeedStorage = class FeedStorage extends Storage { } } - sqlQuery = `${sqlQuery} WHERE title = '${entryObject.title}';` + sqlQuery = `${sqlQuery} WHERE title = "${entryObject.title}";` log.DEBUG(`Updating entry with SQL query: '${sqlQuery}'`) @@ -357,7 +357,7 @@ exports.FeedStorage = class FeedStorage extends Storage { return callback(new Error("No entry id given before deleting"), undefined) } - const sqlQuery = `DELETE FROM ${this.dbTable} WHERE id = '${id}';`; + const sqlQuery = `DELETE FROM ${this.dbTable} WHERE id = "${id}";`; runSQL(sqlQuery, this.connection, (err, rows) => { if (err) return callback(err, undefined); @@ -432,11 +432,13 @@ exports.PostStorage = class PostStorage extends Storage { savePost(_postObject, callback){ const tempCreationDate = returnMysqlTime(); log.DEBUG("Saving Post Object:", _postObject); - if (!_postObject?.postId || !_postObject?.link) { - return callback(new Error("Post object malformed, check the object before saving it"), undefined) + if (!_postObject?.postId || !_postObject?.link) { + return callback(new Error("Post object malformed, check the object before saving it", _postObject), undefined) } + + if (_postObject.link.length > 250) _postObject.link = _postObject.link.substring(0, 250); - const sqlQuery = `INSERT INTO ${this.dbTable} (post_guid, post_link, post_sent_date) VALUES ('${_postObject.postId}','${_postObject.link}','${tempCreationDate}');`; + const sqlQuery = `INSERT INTO ${this.dbTable} (post_guid, post_link, post_sent_date) VALUES ("${_postObject.postId}","${_postObject.link}","${tempCreationDate}");`; log.DEBUG(`Adding new post with SQL query: '${sqlQuery}'`)