dev-connect/server/UpdateRoute.cs

using System.Net;
using MySql.Data.MySqlClient;

namespace Server;

public class UpdateRoute : SecuredRoute
{
    //TODO create editied time on field in db for comments and posts
    //TODO all updates need validation and deletes
    protected static void UpdateDb(
        HttpListenerRequest request,
        string table,
        List<string> validParamNames,
        bool requireId
    )
    {
        string user_id = ExtractUserId(request);
        var bodyParamValues = ExtractBody(request, validParamNames);

        if (requireId && bodyParamValues["id"] is null)
            throw new Exception("missing id");

        string temp = "";
        foreach (var item in bodyParamValues)
        {
            temp += item.Key + "=\"" + item.Value + "\",";
        }
        // remove last chat from str
        temp = temp[..^1];

        validParamNames.Add("user_id");
        bodyParamValues["user_id"] = user_id;

        temp += requireId ? " WHERE user_id=@user_id AND id=@id;" : " WHERE user_id=@user_id;";

        MySqlCommand cmd = new("UPDATE " + table + " SET " + temp);
        cmd = AddValuesToCmd(bodyParamValues, cmd);

        using MySqlConnection conn = new(connectionString);
        conn.Open();
        cmd.Connection = conn;
        cmd.ExecuteNonQuery();
    }

    protected static void UpdateLikes(
        HttpListenerRequest request,
        string table,
        List<string> validParamNames,
        bool requireId
    )
    {
        var bodyParamValues = ExtractBody(request, validParamNames);
        if (requireId && bodyParamValues["id"] is null)
            throw new Exception("missing id");

        string query = "SELECT likes from post Where id=@id;";
        MySqlCommand cmd2 = new(query);
        using MySqlConnection conn = new(connectionString);
        cmd2.Connection = conn;
        conn.Open();
        cmd2.Parameters.AddWithValue("@id", bodyParamValues["id"]);
        MySqlDataReader reader = cmd2.ExecuteReader();
        string? id = "";
        string? likes = "";
        while (reader.Read())
        {
            id = Convert.ToString(reader["id"]);
            likes = Convert.ToString(reader["likes"]);
        }
        Console.WriteLine(id);

        query = "Update post SET likes=2 where id=1;";
        MySqlCommand cmd = new(query);
        cmd = AddValuesToCmd(bodyParamValues, cmd);

        cmd.Connection = conn;
        cmd.ExecuteNonQuery();
    }
}