fixing database connections and patching possible nosqli

2023-06-24 18:48:18 +03:00
parent ad6b29be01
commit d42990db29
36 changed files with 1125 additions and 1030 deletions
--- a/links/index.js
+++ b/links/index.js
@@ -1,37 +1,46 @@
-const express = require("express");
-const { MongoClient } = require("mongodb");
+const express = require("express")
+const { MongoClient } = require("mongodb")
 const { makeID } = require("../api/util.js")
 require("dotenv").config()

-const app = express();
-app.use(express.json());
-app.use(express.urlencoded({ extended: false }));
+const app = express()
+app.use(express.json())
+app.use(express.urlencoded({ extended: false }))

-const client = new MongoClient(process.env.DATABASE);
+const client = new MongoClient(process.env.DATABASE)

-app.get("/:id", async (req,res)=>{
+app.get("/:id", async (req, res) => {
  const id = req.params.id

+  if (typeof id !== "string") return res.redirect("/projects")
+
  await client.connect()
-  const db = await client.db("ngn13")
-  const col = await db.collection("projects")
+  const db = client.db("ngn13")
+  const col = db.collection("projects")
  const projects = await col.find().toArray()

-  console.log(projects)
-
-  for(let i=0; i<projects.length;i++){
-    if(makeID(projects[i]["name"])===id){
+  for (let i = 0; i < projects.length; i++) {
+    if (makeID(projects[i]["name"]) === id) {
      res.redirect(projects[i]["url"])
-      await col.updateOne({ name: projects[i]["name"] }, { "$set":
-        { "click": projects[i]["click"]+1 }})
-      return await client.close()
+      await col.updateOne(
+        { name: projects[i]["name"] },
+        { $set: { click: projects[i]["click"] + 1 } }
+      )
    }
  }
-  await client.close()
+
  return res.redirect("/projects")
 })

+async function pexit() {
+  await client.close()
+  process.exit()
+}
+
+process.on("SIGTERM", pexit)
+process.on("SIGINT", pexit)
+
 export default {
  path: "/l",
-  handler: app,
+  handler: app
 }