Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Get started #1

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Get started #1

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
0ee6df3
initial prototype of backend andd admin apnnel
nkkumawat Aug 14, 2017
e453857
login page admin page created , speaker and video details insertion …
nkkumawat Aug 14, 2017
b450342
fix some issues which are from ansul sir , sanitizition before sql i…
nkkumawat Aug 15, 2017
4d5bffb
Added delete speaker and video features
nkkumawat Aug 18, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
112 changes: 55 additions & 57 deletions app.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ app.use(session({
resave: true,
saveUninitialized: true
}));
var Storage = multer.diskStorage({
var storage = multer.diskStorage({
destination: function(req, file, callback) {
callback(null, "./www/images");
},
Expand All @@ -38,113 +38,111 @@ var Storage = multer.diskStorage({
}
});
var upload = multer({
storage: Storage
storage: storage
}).array("images", 3);
app.get('/login' , function (req , res) {
if(req.session.user) {
if(req.session.username) {
res.redirect('/admin');
}else {
res.sendFile(__dirname + '/www/login.html');
}
});
app.post('/login' , function (req , res) {
login(req , res);
const post = req.body;
const username = sanitizeHtml(post.user);
const password = sanitizeHtml(post.password);
var sql = "SELECT * FROM login WHERE username='"+username+"'";
con.query(sql, function (err, result, fields) {
if( result.length > 0 && result[0].password === password ) {
console.log("Auth set");
req.session.username = post.user;
res.send({"result" : "Found"});
}else {
res.send({"result": "NotFound"});
}
});
});
app.get('/admin' , function (req , res) {
console.log(req.session.user);
if(!req.session.user) {
console.log("Admin");
if(!req.session.username) {
res.redirect('/login');
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can put all routes in single file, since they'll be reused everywhere.

}else {
res.sendFile(__dirname + '/www/admin.html');
}
});
app.get('/speaker' , function (req , res) {
app.get('/speakers' , function (req , res) {
res.sendFile(__dirname + '/www/speaker.html');
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about we use Express's static feature to serve static files? It'll be much cleaner.

https://expressjs.com/en/starter/static-files.html

});
app.post('/speaker' , function (req , res) {
app.post('/speakers' , function (req , res) {
Copy link
Collaborator Author

@AnshulMalik AnshulMalik Aug 18, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be get method, since we are getting list of speakers.

Let's not merge API and static pages, we can put all api requests under /api/* route.

var sql = "SELECT * FROM speaker ";
con.query(sql, function (err, result, fields) {
var jsonString = JSON.stringify(result);
var jsonData = JSON.parse(jsonString);
res.send(jsonData);
res.send(result);
});
});
app.post("/speakerinsert", function(req, res) {
app.post("/speaker-insert", function(req, res) {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be a POST request to /speakers.

upload(req ,res, function(err) {
if (err) {
return res.end("Something went wrong!");
}else {
const post = req.body;
const name = sanitizeHtml(post.speakername);
const topic = sanitizeHtml(post.topic);
const description = sanitizeHtml(post.description);
var sql = "INSERT INTO speaker(name, topic, description, pic_url) " +
"values('"+name+"','"+topic+"','"+description+"','/images/"+name+".jpg')";
con.query(sql, function (err, result, fields) {
res.redirect('/admin');
});
}
insertSpeaker(req , res);
});
});
app.get('/logout', function (req, res) {
req.session.destroy();
res.redirect("/login");
});
app.post('/getuser' , function (req , res) {
res.send({"username" : req.session.user});
res.send({
"username" : req.session.username
});
});
app.get('/blog' , function (req , res) {
Copy link
Collaborator Author

@AnshulMalik AnshulMalik Aug 18, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Static pages should not be handled by api, if required, we can have a separate file for serving static files.

res.sendFile(__dirname + '/www/blog.html');
});
app.post('/blog' , function (req , res) {
var sql = "SELECT * FROM videos";
con.query(sql, function (err, result, fields) {
var jsonString = JSON.stringify(result);
var jsonData = JSON.parse(jsonString);
res.send(jsonData);
res.send(result);
});
});
app.post("/videoinsert", function(req, res) {
insertVideo(req , res);
});
function login(req,res){
var post = req.body;
var username = post.user;
var password = post.password;
username = sanitizeHtml(username);
password = sanitizeHtml(password);
var sql = "SELECT * FROM login WHERE username='"+username+"'";
app.post("/video-insert", function(req, res) {
const post = req.body;
const title = sanitizeHtml(post.title);
const description = sanitizeHtml(post.description);
const url = sanitizeHtml(post.url);
var sql = "INSERT INTO videos(title, description, video_url) " +
"values('"+title+"','"+description+"','"+url+"')";
con.query(sql, function (err, result, fields) {
var jsonString = JSON.stringify(result);
var jsonData = JSON.parse(jsonString);
if( jsonData.length > 0 && jsonData[0].password === password ) {
console.log(req.session.user + "Auth set");
req.session.user = post.user;
res.send({"result" : "Found"});
}else {
res.send({"result": "NotFound"});
}
res.redirect('/admin');
});
}
function insertSpeaker(req , res ) {
var post = req.body;
var name = post.speakername;
var topic = post.topic;
var description = post.description;
name = sanitizeHtml(name);
topic = sanitizeHtml(topic);
description = sanitizeHtml(description);
var sql = "INSERT INTO speaker(name, topic, description, pic_url) values('"+name+"','"+topic+"','"+description+"','/images/"+name+".jpg')";
});
app.post("/delete-speaker", function(req, res) {
const post = req.body;
const speakerName = sanitizeHtml(post.speakerName);
var sql = "Delete from speaker where name = '" + speakerName +"'" ;
con.query(sql, function (err, result, fields) {
res.redirect('/admin');
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Stick with one convention, either double or single quotes.

A linter will be really helpful.

});
}
function insertVideo(req , res ) {
var post = req.body;
var title = post.title;
var description = post.description;
var url = post.url;
title = sanitizeHtml(title);
description = sanitizeHtml(description);
var sql = "INSERT INTO videos(title, description, video_url) values('"+title+"','"+description+"','"+url+"')";
});
app.post("/delete-video", function(req, res) {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if we make this DELETE instead of POST and URL to be /video/<id>.

const post = req.body;
const videoTitle = sanitizeHtml(post.videoTitle);
var sql = "Delete from videos where title = '" + videoTitle +"'" ;
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We would probably want to add some auth here in future.

con.query(sql, function (err, result, fields) {
res.redirect('/admin');
});
}
});
// Starting Server
const port = process.env.PORT || 3000;
server.listen(port, function(){
console.log('listening on *:3000');
});

1 change: 1 addition & 0 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,3 +21,4 @@
"sanitize-html": "^1.14.1"
}
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add new lines at EOF, asap.


83 changes: 76 additions & 7 deletions www/admin.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,34 @@
<html lang="en">
<head>
<meta charset="UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="initial-scale=1,width=device-width">
<meta name="description" content="TEDx National Institute of Technology, Kurukshetra ."/>
<link rel="author" href="http://gawds.in"/>
<meta name="author" content="gawds"/>
<meta name="robots" content="index, follow"/>
<meta property="og:title" content="TEDx NIT Kurukshetra"/>
<meta property="og:type" content="website"/>
<meta property="og:image" itemprop="image" content="/jpg/Logo.jpg"/>
<meta property="og:url" content="http://tednitkkr.in"/>
<meta property="og:description" content="TEDx National Institute of Technology, Kurukshetra ."/>

<meta name="twitter:card" content="summary"/>
<meta name="twitter:url" content="http://tednitkkr.in"/>
<meta name="twitter:title" content="TEDx NIT Kurukshetra"/>
<meta name="twitter:description" content="TEDx National Institute of Technology, Kurukshetra ."/>
<meta name="twitter:image" content="jpg/Logo.jpg"/>

<meta itemprop="name" content="Techspardha 2017">
<meta itemprop="description" content="TEDx National Institute of Technology, Kurukshetra .">
<meta itemprop="image" content="jpg/Logo.jpg">
<title>Admin Panel</title>
<link rel="stylesheet" href="/css/bootstrap.min.css">
<link rel="stylesheet" href="/css/main.css">
</head>
<body>
<nav class="navbar navbar-default">
<nav class="navbar navbar-default header-admin">
<div class="container-fluid">
<div class="navbar-header">
<p class="navbar-brand user">username</p>
Expand All @@ -17,7 +39,7 @@
</div>
</div>
</nav>
<div class="container">
<div class="container admin-body">
<div class="jumbotron" >
<div class="row about-tedx">
<div class="container">
Expand All @@ -27,23 +49,29 @@
</ul>
<div class="tab-content">
<div id="menu1" class="tab-pane fade in active" >
<form class="form-inline" action="/speakerinsert" method="post" enctype="multipart/form-data" >
<form class="form-inline" action="/speaker-insert" method="post" enctype="multipart/form-data" >
<div class="form-group">
<input type="text" name="speakername" placeholder="Name" class="form-control fields" id="name">
</div><br><br>
</div>
<br>
<div class="form-group">
<input type="text" name="topic" placeholder="Topic" class="form-control fields" id="topic">
</div><br><br>
</div>
<br>
<div class="form-group">
<textarea type="text" name="description" placeholder="Description" class="form-control fields" id="description"></textarea>
</div><br><br>
</div>
<br>
<input type="file" placeholder="File" name="images" multiple id="file">
<br>
<button type="submit" class="btn btn-default">Submit</button>
</form>
<hr/>
<ul class="list-group" id="speakers">
</ul>
</div>
<div id="menu2" class="tab-pane fade">
<form class="form-inline" action="/videoinsert" method="post" >
<form class="form-inline" action="/video-insert" method="post" >
<div class="form-group">
<input type="text" name="title" placeholder="Title"class="form-control fields"id="title">
</div><br><br>
Expand All @@ -55,6 +83,8 @@
</div><br><br>
<button type="submit" class="btn btn-default">Submit</button>
</form>
<hr>
<ul class="list-group" id="videos"></ul>
</div>
</div>
</div>
Expand All @@ -65,11 +95,50 @@
<script src="js/bootstrap.min.js"></script>
<script type="text/javascript">
var username = $(".user");
var speakers = $("#speakers");
var videos = $("#videos");
$(document).ready(function(){
$.post("/getuser",{}, function(response){
username.text(response.username);
});
$.post("/speakers",{}, function(response){
for(var i = 0 ; i < response.length ; i++) {
speakers.append('<ul class="list-group " >' +
' <li class="list-group-item"> ' +
'' +response[i].name+ '(' +response[i].topic+ ')' +
'<button class=" btn delete deleteSpeaker " name="'+response[i].name+'" > Delete </button>' +
'</li>' +
'</ul>');
$(".deleteSpeaker" ).click(function() {
var data = {
"speakerName" : this.name
};
$.post("/delete-speaker" , data ,function(response){
location.reload();
});
});
}
});
$.post("/blog",{}, function(response){
for(var i = 0 ; i < response.length ; i++) {
videos.append('<ul class="list-group " > ' +
'<li class="list-group-item">' +
' '+response[i].title+
'<button class="btn deleteVideos delete btn-group" name="'+response[i].title+'" > Delete </button>' +
'</li>' +
'</ul>');
$(".deleteVideos" ).click(function() {
var data = {
"videoTitle" : this.name
};
$.post("/delete-video" , data ,function(response){
location.reload();
});
});
}
});
});
</script>
</body>
</html>

1 change: 1 addition & 0 deletions www/blog.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,4 @@
</script>
</body>
</html>

19 changes: 11 additions & 8 deletions www/css/main.css
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,14 @@

@font-face {
font-family: hBold;
src: url(HelveticaBold.ttf);
}

body {
background: #eee !important;
}

.wrapper {
margin-top: 80px;
margin-bottom: 80px;
}

.form-signin {
background: #ff2b06;
max-width: 420px;
Expand All @@ -30,19 +26,16 @@ body {
font-size: 16px;
height: auto;
padding: 10px;

}
.btn {
background-color: #fff;
color: #ff2b06;
}

input[type="text"] {
margin-bottom: -1px;
border-bottom-left-radius: 0;
border-bottom-right-radius: 0;
}

input[type="password"] {
margin-bottom: 20px;
border-top-left-radius: 0;
Expand All @@ -58,6 +51,16 @@ input[type="password"] {
padding: 20px;
border: 4px solid white;
}
#name , #topic , #title, #url , #file,#description , #desc {
#name, #topic, #title, #url , #file, #description , #desc {
width: 600px;
}
.delete {
position: relative;
float: right;
}
.navbar-header {
float: right;
}
.form-group {
margin-top: 10px;
}
Loading