jhim/DoubleSnake
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #2 from kobolol/codex/fix-sql-syntax-error-in-ranking

Browse Source 
Fix rank query syntax and parameterize score SQL
This commit is contained in:
Jonas
2025-09-21 20:09:28 +02:00
committed by GitHub
parent 635dc68db5 359a930a91
commit 62875421b1
1 changed files with 16 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
backend/src/Database/ScoreManager/ScoreManager.js
View File

@@ -17,14 +17,15 @@ class ScoreManager{
}
async createScore(newScoreJson){
const sql = `INSERT INTO scores (user1, user2, score) VALUES (
${newScoreJson.user1}, ${newScoreJson.user2}, ${newScoreJson.score})`;
const sql = "INSERT INTO scores (user1, user2, score) VALUES (?, ?, ?)";
const insertResult = await this.connection.promise().query(sql);
const insertResult = await this.connection
.promise()
.query(sql, [newScoreJson.user1, newScoreJson.user2, newScoreJson.score]);
const insertId = insertResult[0].insertId;
const selectSql = `SELECT * FROM scores WHERE id = ${insertId}`;
const selectResult = await this.connection.promise().query(selectSql);
const selectSql = "SELECT * FROM scores WHERE id = ?";
const selectResult = await this.connection.promise().query(selectSql, [insertId]);
const rank = await this.getRankById(insertId);
@@ -32,7 +33,7 @@ class ScoreManager{
}
async getScoreById(id){
const response = await this.connection.promise().query(`SELECT * FROM scores WHERE id = ${id}`);
const response = await this.connection.promise().query("SELECT * FROM scores WHERE id = ?", [id]);
const rank = await this.getRankById(id);
@@ -63,9 +64,11 @@ class ScoreManager{
}
async getRankById(id){
const rankSql = `SELECT COUNT(*) + 1 AS rank FROM scores WHERE score > (SELECT score FROM scores WHERE id = ${id})`;
const rankResult = await this.connection.promise().query(rankSql);
const rank = rankResult[0][0].rank;
const rankSql =
"SELECT COUNT(*) + 1 AS rank_position FROM scores WHERE score > (SELECT score FROM scores WHERE id = ?)";
const rankResult = await this.connection.promise().query(rankSql, [id]);
const rank = rankResult[0][0]?.rank_position ?? null;
return rank;
}