// Module dependencies and the Express application instance
var express = require("express");
var bodyParser = require("body-parser");
var mysql = require("mysql");

var app = express();
// Middleware and view configuration:
//   * static files are served from the "public" directory
//   * URL-encoded form bodies are parsed with extended syntax, which lets a
//     client submit arrays and nested objects as field values
//   * views are rendered with EJS
var staticAssets = express.static("public");
var formParser = bodyParser.urlencoded({extended: true});

app.use(staticAssets);
app.use(formParser);
app.set("view engine", "ejs");
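// Creates the MySQL connection object shared by every route.
//
// Credentials come from the environment instead of being stored in source.
// DB_HOST, DB_USER, DB_PASSWORD and DB_NAME are variable names introduced
// here; set them in the deployment environment.
// NOTE(review): the password that used to be hard-coded at this spot was
// published together with this file and should be rotated.
// NOTE(review): "root" stays as the fallback user only to match the original
// setup; a dedicated account limited to the posts table is preferable.
var conn = mysql.createConnection({
    host: process.env.DB_HOST || "127.0.0.1",
    user: process.env.DB_USER || "root",
    password: process.env.DB_PASSWORD,
    database: process.env.DB_NAME || "c9"
});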
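// START ROUTES

// GET / - lists every row of the posts table on the "home" view.
app.get("/", function(req, res) {
    // No conn.connect() per request: the mysql driver opens the connection
    // implicitly on the first query, and calling connect() again on the same
    // connection object fails with a handshake error.
    conn.query("SELECT * FROM posts", function(err, result) {
        if (err) {
            // Keep the details in the server log; the client gets a generic message
            console.error(err);
            res.status(500).send("Unable to load posts");
            return;
        }
        // Render only once the rows have arrived. Rendering outside this
        // callback runs before the query finishes and always passes undefined.
        res.render("home", {posts: result});
    });
});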
// GET /addPost/:password - shows the new-post form.
// The :password path segment is not checked here; it is only handed to the
// "addPost" view.
// NOTE(review): a secret carried in the URL path ends up in access logs,
// browser history and Referer headers. The view is not shown here - confirm it
// prints the value with an escaping EJS tag.
app.get("/addPost/:password", function(req, res) {
    var viewData = {password: req.params.password};
    res.render("addPost", viewData);
});
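// POST /post/:password - inserts a new post when the supplied password matches.
//
// Security notes:
//   * The admin password is read from the ADMIN_PASSWORD environment variable
//     (a name introduced here) instead of a literal in source. The literal that
//     used to be here was identical to the database password and was published
//     with this file; both should be rotated and should differ.
//   * The password still travels in the URL path, so it appears in access logs
//     and browser history. Moving it to a session or request header requires
//     changing the form and is not done here.
//   * As the original author noted, a POST sent by hand is not verified beyond
//     the password: there is no session and no CSRF token.
//   * NOTE(review): "link" is stored as submitted. If a view renders it as an
//     href, restrict it to http/https - the views are not shown here.
var nodeCrypto = require("crypto");

app.post("/post/:password", function(req, res) {
    var expected = process.env.ADMIN_PASSWORD;
    var supplied = req.params.password;

    // Fail closed when no password is configured. Both values are hashed first
    // so timingSafeEqual always receives buffers of equal length.
    var authorized = Boolean(expected) && nodeCrypto.timingSafeEqual(
        nodeCrypto.createHash("sha256").update(supplied).digest(),
        nodeCrypto.createHash("sha256").update(expected).digest()
    );
    if (!authorized) {
        res.status(403).send("INCORRECT PASSWORD!");
        return;
    }

    // Extended urlencoded parsing can turn a field into an array or object.
    // Only plain strings (or absent fields) are passed on to the query.
    var form = req.body || {};
    var fields = ["title", "body", "link", "time"];
    var post = {};
    for (var i = 0; i < fields.length; i++) {
        var value = form[fields[i]];
        if (value !== undefined && typeof value !== "string") {
            res.status(400).send("Invalid post data");
            return;
        }
        post[fields[i]] = value;
    }

    // Inserts a row in the table, setting the columns from the "post" object.
    // The driver escapes the values bound to the "?" placeholder.
    // No conn.connect() here: the first query opens the connection, and a
    // repeated connect() on the same connection object fails.
    conn.query("INSERT INTO posts SET ?", post, function(err) {
        if (err) {
            // Report the failure instead of redirecting as if the insert worked
            console.error(err);
            res.status(500).send("Unable to save post");
            return;
        }
        console.log("Inserted post to db successfully!");
        // Reuse the verified value so no secret is written into the source
        res.redirect("/addPost/" + encodeURIComponent(supplied));
    });
});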
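// Fallback for GET requests that matched none of the routes above.
// The 404 status is set explicitly; res.send() on its own answers with 200.
app.get("*", function(req, res) {
    res.status(404).send("404 Error (Page Not Found)");
});
// END ROUTES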
// Start the HTTP server on the port and address supplied by the environment
var port = process.env.PORT;
var host = process.env.IP;
app.listen(port, host);