71 lines
1.8 KiB
JavaScript
71 lines
1.8 KiB
JavaScript
const db = require("../utils/database");
|
|
|
|
exports.addToFavorite = (req, res) => {
|
|
const { userID, productsID } = req.body;
|
|
|
|
// Use parameterized query to prevent SQL injection
|
|
db.execute(
|
|
"INSERT INTO Favorites (UserID, ProductID) VALUES (?, ?)",
|
|
[userID, productsID],
|
|
(err, result) => {
|
|
if (err) {
|
|
console.error("Error adding favorite product:", err);
|
|
return res.json({ error: "Could not add favorite product" });
|
|
}
|
|
res.json({
|
|
success: true,
|
|
message: "Product added to favorites successfully",
|
|
});
|
|
}
|
|
);
|
|
};
|
|
|
|
//Get all products
|
|
exports.getAllProducts = (req, res) => {
|
|
const query = "SELECT * FROM Product";
|
|
db.execute(query, (err, data) => {
|
|
if (err) {
|
|
console.error("Error finding user:", err);
|
|
return res.status(500).json({
|
|
found: false,
|
|
error: "Database error occurred",
|
|
});
|
|
}
|
|
res.json({
|
|
success: true,
|
|
message: "Product added to favorites successfully",
|
|
data,
|
|
});
|
|
});
|
|
};
|
|
|
|
// db_con.query(
|
|
// "SELECT ProductID FROM product WHERE ProductID = ?",
|
|
// [productID],
|
|
// (err, results) => {
|
|
// if (err) {
|
|
// console.error("Error checking product:", err);
|
|
// return res.json({ error: "Database error" });
|
|
// }
|
|
|
|
// if (results.length === 0) {
|
|
// return res.json({ error: "Product does not exist" });
|
|
// }
|
|
// },
|
|
// );
|
|
|
|
// db_con.query(
|
|
// "INSERT INTO Favorites (UserID, ProductID) VALUES (?, ?)",
|
|
// [userID, productID],
|
|
// (err, result) => {
|
|
// if (err) {
|
|
// console.error("Error adding favorite product:", err);
|
|
// return res.json({ error: "Could not add favorite product" });
|
|
// }
|
|
// res.json({
|
|
// success: true,
|
|
// message: "Product added to favorites successfully",
|
|
// });
|
|
// },
|
|
// );
|