- const mysql = require('mysql');
- const http = require('http');
- const express = require('express');
- const path = require('path');
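const app = express();
const port = 3000;

// Database connection settings. Every value can be overridden through the
// environment so that real credentials never have to be written into this
// file; the fallbacks are the original local-development values.
// NOTE(review): the fallback connects as "root" with a trivial password. Give
// the application its own MySQL account restricted to the tables it queries,
// and supply that account through the DB_* variables below.
const sql = mysql.createConnection({
  host: process.env.DB_HOST || "localhost",
  user: process.env.DB_USER || "root",
  password: process.env.DB_PASSWORD || "root",
  database: process.env.DB_NAME || "test",
});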
- const exphbs = require("express-handlebars");
- const session = require('express-session');
- const bodyParser = require('body-parser');
- const crypto = require("crypto");
- const request = require("request");
// Open the MySQL connection at startup. A connection failure is rethrown from
// the callback, so it surfaces as an uncaught exception instead of leaving the
// server running without a database.
sql.connect((connectError) => {
  if (connectError) {
    throw connectError;
  }
});
/**
 * Middleware that appends the same three CORS response headers to every
 * response and then hands control to the next handler.
 *
 * NOTE(review): "Access-Control-Allow-Origin: *" lets scripts on any origin
 * read every response that does not require credentials. If no cross-origin
 * client actually needs this API, drop the middleware; otherwise replace the
 * wildcard with an explicit list of trusted origins.
 */
function addCorsHeaders(req, res, next) {
  const corsHeaders = [
    ['Access-Control-Allow-Origin', ['*']],
    ['Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE'],
    ['Access-Control-Allow-Headers', 'Content-Type'],
  ];
  for (const [headerName, headerValue] of corsHeaders) {
    res.append(headerName, headerValue);
  }
  next();
}

app.use(addCorsHeaders);
// Directories served as static files, registered in this order.
// NOTE(review): "views" looks like the same directory the Handlebars engine
// reads its templates from. Serving it statically makes the raw template
// sources downloadable; confirm that is intended, or keep only real assets
// in the directories listed here.
const staticDirectories = ["css", "js", "views", "fonts"];
staticDirectories.forEach((directory) => {
  app.use(express.static(directory));
});

// Request-body parsers: URL-encoded forms (extended syntax) first, then JSON.
const formParser = bodyParser.urlencoded({ extended: true });
const jsonParser = bodyParser.json();
app.use(formParser);
app.use(jsonParser);
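// Session middleware.
//
// The signing secret is read from SESSION_SECRET instead of being a literal in
// the source: anyone who can read a hard-coded secret can produce validly
// signed session cookies, and a secret that has ever been published has to be
// treated as compromised and rotated. Without the variable a random secret is
// generated per process; cookies signed before a restart then stop verifying,
// which matches the default in-memory store dropping its sessions on restart.
app.use(session({
  secret: process.env.SESSION_SECRET || crypto.randomBytes(32).toString("hex"),
  resave: true,
  saveUninitialized: false,
  cookie: {
    // Session lifetime of 10 minutes, in milliseconds. express-session takes
    // a duration in `maxAge`; `expires` is meant to hold a Date, not a number.
    maxAge: 600000,
    // Keep the cookie out of reach of page scripts (this is also the default).
    httpOnly: true,
    // Do not attach the session cookie to cross-site sub-requests.
    sameSite: "lax",
    // NOTE(review): add `secure: true` once the site is served over HTTPS only.
  },
}));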
// Handlebars view engine: templates are read from <app dir>/views and wrapped
// in the "main" layout found under views/layouts/.
const layoutsDir = `${__dirname}/views/layouts/`;
const handlebarsEngine = exphbs({ defaultLayout: "main", layoutsDir });

app.engine("handlebars", handlebarsEngine);
app.set("view engine", "handlebars");
app.set("views", path.join(__dirname, "views"));
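/**
 * GET /mysql: administrator-only lookup of users by partial name.
 *
 * Renders the "mysql" view with one of:
 *   - `deny`  when the caller is not logged in or not an administrator,
 *   - `error` when the search term is empty, nothing matched, or the lookup failed,
 *   - `items` (ID, Name, Email, Created per row) plus the echoed `Query`.
 */
app.get("/mysql", (req, res) => {
  const query = req.query.query;

  if (!req.session.userid) {
    return res.render("mysql", { deny: "You are not logged in." });
  }

  // Fail closed: a missing or NULL admin flag is treated as "not an
  // administrator". Comparing only against 0 would let such a value through.
  const adminFlag = req.session.admin;
  if (adminFlag == null || Number(adminFlag) === 0) {
    return res.render("mysql", { deny: "You are not an administrator." });
  }

  // Query-string values can arrive as arrays or objects; only a plain string
  // is accepted as a search term. Anything else shows the empty form.
  if (typeof query !== "string") {
    return res.render("mysql");
  }
  if (query.length === 0) {
    return res.render("mysql", { error: "The query cannot be empty." });
  }

  // The term is bound as a placeholder, never concatenated into the SQL text.
  // Only the columns that are displayed are selected, so password hashes are
  // not fetched for this page.
  sql.query(
    "SELECT `ID`, `Name`, `Email`, `Created` FROM `users` WHERE `Name` LIKE ?",
    [`%${query}%`],
    (err, result) => {
      if (err) {
        // Answer this request with an error page. Throwing from inside the
        // driver callback would be an uncaught exception for the whole process.
        console.error(err);
        return res.status(500).render("mysql", {
          error: "The lookup failed. Please try again later.",
          Query: query,
        });
      }
      if (result.length === 0) {
        return res.render("mysql", { error: "The query returned nothing.", Query: query });
      }

      const items = result.map((row) => ({
        ID: row.ID,
        Name: row.Name,
        Email: row.Email,
        Created: row.Created,
      }));
      res.render("mysql", { items, Query: query });
    }
  );
});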
// Landing page: renders the "home" view without any template data.
app.get("/", (_req, res) => {
  res.render("home");
});
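/**
 * GET /login: shows the login form and, when `name` and `password` are
 * supplied, checks them against the `users` table.
 *
 * On success the user's ID, admin flag, e-mail and name are stored in a
 * freshly issued session and the "login" view is rendered with `success`.
 *
 * NOTE(review): the credentials travel in the query string of a GET request,
 * so they end up in access logs, browser history and Referer headers. The app
 * already registers body parsers; move this form to POST.
 * NOTE(review): the submitted password is handed back to the template in
 * several branches. Confirm the template never prints it, or stop passing it.
 */
app.get("/login", (req, res) => {
  if (req.session.userid) {
    return res.render("login", { deny: "You are already logged in." });
  }

  const { name, password } = req.query;
  if (name === undefined || name === null) {
    return res.render("login");
  }

  // Both values must be plain strings before they are hashed or bound.
  // Query-string parsing can produce arrays or objects, hashing a non-string
  // throws, and the mysql driver serialises object-valued placeholders into
  // SQL fragments instead of a quoted string.
  if (typeof name !== "string" || typeof password !== "string") {
    return res.render("login", { error: "The name or password cannot be empty." });
  }
  if (name.length === 0 || password.length === 0) {
    return res.render("login", { error: "The name or password cannot be empty.", name, password });
  }

  // NOTE(review): a single unsalted SHA-256 is cheap to brute-force if the
  // table is ever disclosed. It is kept because the stored hashes use this
  // format; plan a migration to a salted, slow KDF such as crypto.scrypt,
  // re-hashing each account on its next successful login.
  const passwordHash = crypto.createHash("sha256").update(password).digest("hex");

  sql.query(
    'SELECT * FROM `users` WHERE `Name` = ? AND BINARY `Password` = ?',
    [name, passwordHash],
    (error, result) => {
      if (error) {
        // Fail this request only. A throw here would be uncaught.
        console.error(error);
        return res.status(500).render("login", {
          error: "The login could not be processed. Please try again later.",
          name,
        });
      }
      if (result.length === 0) {
        return res.render("login", {
          error: "The account does not exist or the wrong password was specified.",
          name,
          password,
        });
      }

      const [user] = result;

      // Issue a new session ID at the moment of authentication so that an ID
      // handed out before login is never promoted to an authenticated one.
      req.session.regenerate((sessionError) => {
        if (sessionError) {
          console.error(sessionError);
          return res.status(500).render("login", {
            error: "The login could not be processed. Please try again later.",
            name,
          });
        }

        req.session.userid = user.ID;
        req.session.admin = user.Admin;
        req.session.email = user.Email;
        req.session.name = user.Name;

        res.render("login", {
          success: 1,
          email: user.Email,
          created: user.Created,
          name,
          password,
        });
      });
    }
  );
});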
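/**
 * GET /register: shows the registration form and, when `name`, `password`
 * and `email` are supplied, validates them and creates the account.
 *
 * Validation order (first failure wins): all three present and non-empty,
 * then minimum lengths (password 4, name 4, email 6), then maximum lengths
 * (password 64, name 32, email 64), then name uniqueness.
 *
 * NOTE(review): as with /login, the password arrives in a GET query string
 * and is echoed back to the template on validation errors; move the form to
 * POST and confirm the template does not print the password.
 * NOTE(review): a four-character minimum is a very weak password policy.
 */
app.get("/register", (req, res) => {
  if (req.session.userid) {
    return res.render("register", { deny: "You are already logged in." });
  }

  const { name, password, email } = req.query;
  if (name === undefined || name === null) {
    return res.render("register");
  }

  // Query-string values may be missing, arrays or objects. Only plain strings
  // are validated further and bound into SQL.
  const allStrings = [name, password, email].every((value) => typeof value === "string");
  if (!allStrings) {
    return res.render("register", { error: "The name, password or email cannot be empty." });
  }

  // Re-renders the form with an error message and the submitted values.
  const reject = (message) => res.render("register", { error: message, name, password, email });

  if (name.length === 0 || password.length === 0 || email.length === 0) {
    return reject("The name, password or email cannot be empty.");
  }

  // [rule is violated, message], evaluated in the order listed.
  const lengthRules = [
    [password.length < 4, "The password has to be atleast 4 characters long."],
    [name.length < 4, "The name has to be atleast 4 characters long."],
    [email.length < 6, "The email has to be atleast 6 characters long."],
    [password.length > 64, "The password has to be max 64 characters long."],
    [name.length > 32, "The name has to be max 32 characters long."],
    [email.length > 64, "The email has to be max 64 characters long."],
  ];
  const violated = lengthRules.find(([isViolated]) => isViolated);
  if (violated) {
    return reject(violated[1]);
  }

  // Reports a database failure for this request only. Throwing inside a
  // driver callback would be an uncaught exception.
  const failWithServerError = (dbError) => {
    console.error(dbError);
    return res.status(500).render("register", {
      error: "The registration could not be processed. Please try again later.",
      name,
      email,
    });
  };

  sql.query("SELECT `ID` FROM `users` WHERE `Name` = ? LIMIT 1", [name], (lookupError, existing) => {
    if (lookupError) {
      return failWithServerError(lookupError);
    }
    if (existing.length !== 0) {
      return reject("An account with this name already exists.");
    }

    // NOTE(review): unsalted SHA-256 is kept for compatibility with the
    // hashes the login route compares against; plan a migration to a salted,
    // slow KDF such as crypto.scrypt.
    const passwordHash = crypto.createHash("sha256").update(password).digest("hex");
    const created = new Date();

    // NOTE(review): check-then-insert is not atomic. Uniqueness is only
    // guaranteed if `users`.`Name` carries a UNIQUE index (schema not visible
    // here); the duplicate-key branch below covers that case.
    sql.query(
      'INSERT INTO `users` (Name, Password, Email, Created) VALUES (?, ?, ?, ?)',
      [name, passwordHash, email, created],
      (insertError) => {
        if (insertError) {
          if (insertError.code === "ER_DUP_ENTRY") {
            return reject("An account with this name already exists.");
          }
          return failWithServerError(insertError);
        }
        res.render("register", { success: 1, name });
      }
    );
  });
});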
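/**
 * GET /account: account page for the logged-in user; with `?logout` set, it
 * ends the session instead.
 *
 * Visitors without a session are redirected to /login. Setting a status and
 * a Location header alone never finishes the response, so the request would
 * hang; res.redirect() sends the redirect and ends it.
 *
 * NOTE(review): logout is triggered by a GET parameter, so it can be invoked
 * by any link or embedded resource on another site. Prefer a POST endpoint.
 */
app.get("/account", (req, res) => {
  if (!req.session.userid) {
    return res.redirect("/login");
  }

  if (req.query.logout) {
    // Respond only after the store has actually removed the session.
    return req.session.destroy((destroyError) => {
      if (destroyError) {
        console.error(destroyError);
        return res.status(500).render("account", {
          msg: "The logout could not be completed. Please try again.",
        });
      }
      // "connect.sid" is express-session's default cookie name; the session
      // setup in this file does not configure a different one.
      res.clearCookie("connect.sid");
      res.render("account", { msg: "You are now logged out." });
    });
  }

  res.render("account");
});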
// Fallback for requests that no earlier route or middleware answered: reply
// with status 404 and the "404" view, passing the requested URL along.
// NOTE(review): req.url is caller-controlled. The template is not visible
// here; make sure it prints `url` with escaping ({{url}}), never raw.
app.use((req, res, _next) => {
  res.status(404).render("404", { url: req.url });
});
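// Start the HTTP server. The success message is logged from the listen
// callback, so it is printed only once the port has been bound rather than
// unconditionally right after the call.
// NOTE(review): no host is given, so the server accepts connections on all
// interfaces; pass an explicit host if it should only be reachable locally.
app.listen(port, () => {
  console.log("Der Hauptserver wurde erfolgreich gestartet!");
});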