History (add/ remove) favorites add remove done

backend/controllers/history.js

@@ -1,6 +1,5 @@
 const db = require("../utils/database");
 
-// TODO: Get the recommondaed product given the userID
 exports.HistoryByUserId = async (req, res) => {
   const { id } = req.body;
   try {
@@ -21,7 +20,7 @@ exports.HistoryByUserId = async (req, res) => {
           JOIN User U ON P.UserID = U.UserID
           JOIN Category C ON P.CategoryID = C.CategoryID
           JOIN History H ON H.ProductID = P.ProductID
-          WHERE U.UserID = ?
+          WHERE H.UserID = ?
       )
       SELECT
           ProductID,
@@ -50,3 +49,42 @@ exports.HistoryByUserId = async (req, res) => {
     });
   }
 };
+
+exports.AddHistory = async (req, res) => {
+  const { userID, productID } = req.body;
+  console.log(userID);
+  try {
+    // Use parameterized query to prevent SQL injection
+    const [result] = await db.execute(
+      `INSERT INTO History (UserID, ProductID) VALUES (?, ?)`,
+      [userID, productID],
+    );
+
+    res.json({
+      success: true,
+      message: "Product added to history successfully",
+    });
+  } catch (error) {
+    console.error("Error adding favorite product:", error);
+    return res.json({ error: "Could not add favorite product" });
+  }
+};
+
+exports.DelHistory = async (req, res) => {
+  const { userID, productID } = req.body;
+  console.log(userID);
+  try {
+    // Use parameterized query to prevent SQL injection
+    const [result] = await db.execute(`DELETE FROM History WHERE UserID=?`, [
+      userID,
+    ]);
+
+    res.json({
+      success: true,
+      message: "Product deleted from History successfully",
+    });
+  } catch (error) {
+    console.error("Error adding favorite product:", error);
+    return res.json({ error: "Could not add favorite product" });
+  }
+};

backend/controllers/product.js

@@ -20,6 +20,26 @@ exports.addFavorite = async (req, res) => {
   }
 };
 
+exports.removeFavorite = async (req, res) => {
+  const { userID, productID } = req.body;
+  console.log(userID);
+  try {
+    // Use parameterized query to prevent SQL injection
+    const [result] = await db.execute(
+      `DELETE FROM Favorites WHERE UserID = ? AND ProductID = ?`,
+      [userID, productID],
+    );
+
+    res.json({
+      success: true,
+      message: "Product removed from favorites successfully",
+    });
+  } catch (error) {
+    console.error("Error removing favorite product:", error);
+    return res.json({ error: "Could not remove favorite product" });
+  }
+};
+
 exports.getFavorites = async (req, res) => {
   const { userID } = req.body;
 

backend/routes/history.js

@@ -1,8 +1,14 @@
 // routes/product.js
 const express = require("express");
-const { HistoryByUserId } = require("../controllers/history");
+const {
+  HistoryByUserId,
+  DelHistory,
+  AddHistory,
+} = require("../controllers/history");
 const router = express.Router();
 
 router.post("/getHistory", HistoryByUserId);
+router.post("/delHistory", DelHistory);
+router.post("/addHistory", AddHistory);
 
 module.exports = router;

backend/routes/product.js

@@ -3,6 +3,7 @@ const express = require("express");
 const {
   addFavorite,
   getFavorites,
+  removeFavorite,
   getAllProducts,
   getProductById,
 } = require("../controllers/product");
@@ -16,6 +17,7 @@ router.use((req, res, next) => {
 
 router.post("/addFavorite", addFavorite);
 router.post("/getFavorites", getFavorites);
+router.post("/delFavorite", removeFavorite);
 
 router.get("/getProduct", getAllProducts);
 router.get("/:id", getProductById); // Simplified route