-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.js
688 lines (568 loc) · 20.5 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
var express = require('express');
var bodyParser = require('body-parser');
var mysql = require('mysql2');
// var router = express.Router();
var path = require('path');
const { connect } = require('http2');
// Please provide correct database information here
var connection = mysql.createConnection({
host: '<HOST>',
user: '<USER>',
password: '<PASSWORD>',
database: '<DATABASE NAME>'
});
connection.connect;
var cur_rest_id;
var cur_location_id;
global.query_result;
var user_id = -1;
var username = "None";
var review_id;
var in_reviewer = 0;
var app = express();
// set up ejs view engine
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(express.static(__dirname + '../public'));
/* GET home page, respond by rendering index.ejs */
app.get('/', function (req, res) {
res.render('login', { title: 'Robust Restaurant System Login' });
});
app.get('/addcommentsuccess', function (req, res) {
res.send('comment added successfully!');
});
app.get('/addcommentfail', function (req, res) {
res.send('No such restaurant! Or you input an invalid rating!');
});
app.get('/delcommentsuccess', function (req, res) {
res.send('Comment deleted successfully!');
});
app.get('/addsuccess', function (req, res) {
res.send('Restaurant added successfully!');
});
app.get('/delsuccess', function (req, res) {
res.send('Restaurant deleted successfully!');
});
app.get('/updatesuccess', function (req, res) {
res.send('Restaurant updated successfully!');
});
app.get('/loginfail', function (req, res) {
res.send("Wrong password or wrong username!");
});
app.get('/notadmin', function (req, res) {
res.send("You are not an adminstrator!");
})
app.get('/mustlogin', function (req, res) {
res.send("You must login to do this!");
})
app.get('/invalidcompare', function (req, res) {
res.send("Please type in valid restaurant ID or one of restaurants may not offer any food and therefore can't be compared due to some incompleteness of this system so far. Please try another restaurant ID!");
})
app.get('/norestid', function (req, res) {
res.send("This Restaurant ID corresponds to no restaurant!");
})
app.get('/noreviewid', function (req, res) {
res.send("This Review ID corresponds to no review!");
})
app.get('/notyours', function (req, res) {
res.send("This comment isn't written by you, you can't delete it!")
})
app.post('/showcomment', function (req, res) {
var restid = req.body.comment_restid;
var sql = `SELECT * FROM Contain NATURAL JOIN Review NATURAL JOIN Restaurant NATURAL JOIN Writes NATURAL JOIN Reviewer WHERE RestaurantID = ${restid};`;
connection.query(sql, function (err, result) {
if (err) {
res.send(err);
return;
}
if (result.length == 0) {
res.redirect('/norestid');
return;
}
res.render('show_comment', { title: 'Review of restaurant', data: result });
})
})
// this code is executed when a user clicks the form submit button
// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
// add a comment
app.post('/addcomment', function (req, res) {
var ins_rating = req.body.Rating;
var ins_comment = req.body.comment;
var ins_RestaurantID = req.body.RestaurantID;
if (user_id == -1) {
res.redirect('/mustlogin');
}
var ins_reviewerid = user_id;
var ins_reviewername = username;
var date = new Date();
var ins_date = date.getFullYear() + "-" + ("0" + (date.getMonth() + 1)).slice(-2) + "-" + ("0" + date.getDate()).slice(-2) + " " + ("0" + date.getHours()).slice(-2) + ":" + ("0" + date.getMinutes()).slice(-2) + ":" + ("0" + date.getSeconds()).slice(-2);
var check_sql = `SELECT * FROM Restaurant r WHERE r.RestaurantID='${ins_RestaurantID}' `;
var review_sql = `INSERT INTO Review (ReviewID, Rating, Comment, ReviewDate)
VALUES ('${review_id}','${ins_rating}','${ins_comment}', '${ins_date}')`;
var contain_sql = `
INSERT INTO Contain (RestaurantID, ReviewID)
VALUES ('${ins_RestaurantID}','${review_id}')`;
var write_sql = `
INSERT INTO Writes (ReviewerID, ReviewID)
VALUES ('${ins_reviewerid}','${review_id}')`;
var reviewer_sql = `INSERT INTO Reviewer VALUES ('${ins_reviewerid}', '${ins_reviewername}');`;
connection.query(check_sql, function (err, result) {
if (err) {
res.send(err)
return;
}
if (result == 0 || ins_rating <> 5) {
console.log("no such Restaurant");
res.redirect('/addcommentfail');
return;
}
});
if (in_reviewer == 0) {
connection.query(reviewer_sql, function (err, result) {
if (err) {
res.send(err);
return;
}
})
}
connection.query(review_sql, function (err, result) {
if (err) {
res.send(err)
return;
}
});
connection.query(write_sql, function (err, result) {
if (err) {
res.send(err)
return;
}
});
connection.query(contain_sql, function (err, result) {
if (err) {
res.send(err)
return;
}
review_id = review_id + 1;
res.redirect('/addcommentsuccess');
});
});
// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
app.post('/addrest', function (req, res) {
var restname = req.body.RestaurantName;
var phonenumber = req.body.PhoneNumber;
var pricelevel = req.body.PriceLevel;
var averating = req.body.AverageRating;
var ratingnum = req.body.RatingNum;
var cuisine = req.body.Cuisine;
var delivery = req.body.Delivery;
var dinein = req.body.Dine_In;
var location = req.body.location;
var locsql1 = `INSERT INTO Location (LocationID, Address) VALUES (${cur_location_id},'${location}')`;
var locsql2 = `INSERT INTO Locate (RestaurantID,LocationID) VALUES (${cur_rest_id},${cur_location_id})`;
var sql = `INSERT INTO Restaurant (RestaurantID, RestaurantName, PhoneNumber, PriceLevel, AverageRating, Cuisine, Delivery, Dine_In, RatingNum) VALUES ('${cur_rest_id}','${restname}','${phonenumber}', '${pricelevel}', '${averating}', '${cuisine}', '${delivery}', '${dinein}', '${ratingnum}')`;
connection.query(sql, function (err, result) {
if (err) {
res.send(err)
return;
}
});
connection.query(locsql1, function(err, result) {
if(err){
res.send(err);
return;
}
})
connection.query(locsql2, function(err,result) {
if(err){
res.send(err);
return;
}
res.redirect('/addsuccess');
})
});
app.post('/delrest', function (req, res) {
var restname = req.body.RestaurantName;
var why_not_working = req.body.RestaurantID;
var locationid = req.body.dellocationID;
if (restname.length === 0 || why_not_working === null) {
console.log('please input a restaurant name and ID');
} else {
var sql = `DELETE FROM Restaurant WHERE RestaurantName='${restname}' AND RestaurantID=${why_not_working}`;
}
var del_loc_sql = `DELETE FROM Locate WHERE RestaurantID = ${why_not_working} AND LocationID = ${locationid}`;
connection.query(del_loc_sql, function (err, result) {
if (err) {
res.send(err)
return;
}
});
connection.query(sql, function (err, result) {
if (err) {
res.send(err)
return;
}
res.redirect('/delsuccess');
});
});
app.post('/updrest', function (req, res) {
var rest_id = req.body.idToUpdate;
var new_rest_name = req.body.restNameToUpdate;
var new_phone_num = req.body.phoneNumToUpdate;
var new_price_lvl = req.body.priceLevelToUpdate;
var new_avg_rating = req.body.avgRatingToUpdate;
var new_cuisine = req.body.cuisineToUpdate;
var new_delivery = req.body.deliveryUpdate;
var new_dinein = req.body.dineInUpdate;
var sql = `UPDATE Restaurant SET RestaurantName='${new_rest_name}', PhoneNumber='${new_phone_num}', PriceLevel=${new_price_lvl}, AverageRating=${new_avg_rating}, Cuisine='${new_cuisine}', Delivery=${new_delivery}, Dine_In=${new_dinein} WHERE RestaurantID=${rest_id}`;
console.log(sql);
connection.query(sql, function (err, result) {
if (err) {
res.send(err)
return;
}
res.redirect('/updatesuccess');
});
});
// Find best rated dish based on zipcode
app.post('/findbestfoodzip', function (req, res) {
var zipcode_num = req.body.zipcodeToFind;
var sql = `SELECT FoodName, ROUND(AVG(AverageRating), 2) as AVGRating FROM OfferFood NATURAL JOIN Restaurant NATURAL JOIN Locate NATURAL JOIN Location WHERE Zipcode = '${zipcode_num}' GROUP BY FoodName ORDER BY AVGRating DESC`;
console.log(sql);
connection.query(sql, function (err, result) {
if (err) {
res.send(err)
return;
}
res.render('search_zip', { title: 'Zipcode Search Result', data: result, keyword: zipcode_num })
});
});
// Search with time
app.post('/searchwithtime', function (req, res) {
var rest_word = req.body.keyword;
var rest_time = req.body.time;
var rest_day = req.body.day;
var sql = `
SELECT RestaurantID, RestaurantName, Cuisine, FoodName,OpenTime
FROM OfferFood o NATURAL JOIN Restaurant r NATURAL JOIN BusinessHours NATURAL JOIN
Schedules s1
WHERE (o.FoodName like "%${rest_word}%" or r.RestaurantName like "%${rest_word}%" )
AND DayOfWeek = "${rest_day}"
and RestaurantID in
(
SELECT RestaurantID
FROM Restaurant r NATURAL JOIN BusinessHours NATURAL JOIN Schedules
WHERE DayOfWeek = "${rest_day}" and Hour(OpenTime)>${rest_time}
)
order by OpenTime asc; `
console.log(sql);
connection.query(sql, function (err, result) {
if (err) {
res.send(err)
return;
}
res.render('search_time', { title: 'Time Search Result', data: result, word: rest_word, time: rest_time, day: rest_day })
});
});
// Search keyword
app.post('/searchkeyword', function (req, res) {
var rest_word = req.body.keyword;
var sql = `
SELECT *
FROM OfferFood o NATURAL JOIN Restaurant r
WHERE (o.FoodName like "%${rest_word}%" or r.RestaurantName like "%${rest_word}%" );`
connection.query(sql, function (err, result) {
if (err) {
res.send(err)
return;
}
res.render('search_key', { title: 'Keyword Search Result', data: result, keyword: rest_word })
});
});
// User Login
app.post('/restaurant-user-system', function (req, res) {
var usr_name = req.body.username;
var passwd = req.body.password;
var sql = `
SELECT *
FROM User
WHERE UserName = "${usr_name}" AND Password = "${passwd}";`;
connection.query(sql, function (err, result) {
if (err) {
res.send(err);
return;
}
user_id = -1;
username = "None";
if (result.length == 0) {
res.redirect('/loginfail');
return;
} else {
user_id = result[0].UserID;
username = result[0].UserName;
// Set review id
var get_reviewid_sql = `SELECT MAX(ReviewID) as max_id FROM Review `;
connection.query(get_reviewid_sql, function (err, result) {
if (err) {
res.send(err);
return;
}
review_id = result[0].max_id + 1;
console.log(review_id);
})
in_reviewer = 0;
// Whether this user is in reviewer list
var reviewer_sql = `SELECT * FROM Reviewer WHERE ReviewerID = ${user_id}`
connection.query(reviewer_sql, function (err, result) {
if (err) {
res.send(err);
return;
}
if (result.length != 0) {
in_reviewer = 1;
}
})
res.render('user_index', { title: 'Robust Restaurant System' });
}
})
})
// Admin Login
app.post('/restaurant-admin-system', function (req, res) {
var usr_name = req.body.username;
var passwd = req.body.password;
var sql = `
SELECT *
FROM User
WHERE UserName = "${usr_name}" AND Password = "${passwd}";`;
console.log(sql);
connection.query(sql, function (err, result) {
if (err) {
res.send(err);
return;
}
username = "None";
user_id = -1;
if (result.length == 0) {
res.redirect('/loginfail');
return;
}
else {
if (result[0].isAdmin == 1) {
user_id = result[0].UserID;
username = result[0].UserName;
// Set restaurant ID
var get_restid_sql = `SELECT MAX(RestaurantID) as max_id FROM Restaurant `;
connection.query(get_restid_sql, function (err, result) {
if (err) {
res.send(err);
return;
}
cur_rest_id = result[0].max_id + 1;
})
// Set location ID
var get_locid_sql = `SELECT MAX(LocationID) as max_id FROM Location `;
connection.query(get_locid_sql, function (err, result) {
if (err) {
res.send(err);
return;
}
cur_location_id = result[0].max_id + 1;
})
res.render('admin_index', { title: 'Robust Restaurant System' });
} else {
res.redirect('/notadmin');
}
}
})
})
// Trial
app.post('/restaurant-trial-system', function (req, res) {
res.render('user_index', { title: 'Robust Restaurant System' });
})
// Basic search (restaurant)
app.post('/search-restaurant', function (req, res) {
var rest = req.body.restaurant_input;
var sql;
if (!rest) {
sql = `SELECT * FROM Restaurant NATURAL JOIN Locate NATURAL JOIN Location `;
} else {
sql = `SELECT * FROM Restaurant NATURAL JOIN Locate NATURAL JOIN Location WHERE RestaurantName LIKE "%${rest}%";`
}
connection.query(sql, function (err, result) {
if (err) {
res.send(err);
return;
}
res.render('search_restaurant', { title: "Restaurant Search Result", data: result, keyword: rest });
})
})
app.post('/admin-search-restaurant', function (req, res) {
var rest = req.body.restaurant_input;
var sql;
if (!rest) {
sql = `SELECT * FROM Restaurant NATURAL JOIN Locate NATURAL JOIN Location `;
} else {
sql = `SELECT * FROM Restaurant NATURAL JOIN Locate NATURAL JOIN Location WHERE RestaurantName LIKE "%${rest}%";`
}
connection.query(sql, function (err, result) {
if (err) {
res.send(err);
return;
}
console.log(result);
res.render('admin_search_rest', { title: "Restaurant Search Result", data: result, keyword: rest });
})
})
app.listen(80, function () {
console.log('Node app is running on port 80');
});
// Show favourite restaurants
app.post('/show-favourite', function (req, res) {
if (user_id == -1) {
res.redirect('./mustlogin');
}
var sql = `SELECT *
FROM Restaurant NATURAL JOIN Likes NATURAL JOIN Locate NATURAL JOIN Location
WHERE UserID = ${user_id}`
connection.query(sql, function (err, result) {
if (err) {
res.send(err);
return;
}
res.render('favourite_restaurant', { title: "Favourite Restaurant", data: result });
})
})
// Comparison
app.post('/comparison', function (req, res) {
var restid1 = req.body.rest1;
var restid2 = req.body.rest2;
var sql = `SELECT r.RestaurantID, r.RestaurantName, r.PriceLevel, r.AverageRating, RatingNum, r.Cuisine, r.Delivery, r.Dine_In, ln.Address
FROM Restaurant r NATURAL JOIN Locate le NATURAL JOIN Location ln
WHERE r.RestaurantID = ${restid1} OR r.RestaurantID = ${restid2}
`
connection.query(sql, function (err, result) {
if (err) {
res.send(err);
return;
}
console.log(result);
if (result.length != 2) {
res.redirect("./invalidcompare");
} else {
var list = ["ID", "Name", "Price Level", "Average Rating", "Number of Rating", "Cuisine", "Delivery", "Dine In", "Address"];
var col1 = [];
var col2 = [];
var result1 = [];
var result2 = [];
for (const property in result[0]) {
col1.push(result[0][property]);
}
for (const property in result[1]) {
col2.push(result[1][property]);
}
// -------------
// ID
result1.push('-');
result2.push('-');
// Name
result1.push('-');
result2.push('-');
// Price Level
if (!col1[2] || !col2[2] || (col1[2] == col2[2])) {
result1.push('-');
result2.push('-');
} else {
if (col1[2] > col2[2]) {
result1.push('↓');
result2.push('↑');
} else {
result1.push('↑');
result2.push('↓');
}
}
// Average Rating
if (!col1[3] || !col2[3] || (col1[3] == col2[3])) {
result1.push('-');
result2.push('-');
} else {
if (col1[3] < col2[3]) {
result1.push('↓');
result2.push('↑');
} else {
result1.push('↑');
result2.push('↓');
}
}
// Number of Rating
if (!col1[4] || !col2[4] || (col1[4] == col2[4])) {
result1.push('-');
result2.push('-');
} else {
if (col1[4] < col2[4]) {
result1.push('↓');
result2.push('↑');
} else {
result1.push('↑');
result2.push('↓');
}
}
// Cuisine
result1.push('-');
result2.push('-');
// Delivery
if (!col1[6] || !col2[6] || (col1[6] == col2[6])) {
result1.push('-');
result2.push('-');
} else {
if (col1[6] < col2[6]) {
result1.push('↓');
result2.push('↑');
} else {
result1.push('↑');
result2.push('↓');
}
}
// Dine In
if (!col1[7] || !col2[7] || (col1[7] == col2[7])) {
result1.push('-');
result2.push('-');
} else {
if (col1[7] < col2[7]) {
result1.push('↓');
result2.push('↑');
} else {
result1.push('↑');
result2.push('↓');
}
}
// Address
result1.push('-');
result2.push('-');
// -------------
res.render('compare', { title: "Restaurant Comparsion", rest1: result[0], rest2: result[1], compare_list: list, col1: col1, col2: col2, result1: result1, result2: result2 });
}
})
})
app.post('/storedproctest', function (req, res) {
if(user_id == -1){
res.redirect('/mustlogin');
}
var dayofweek = req.body.dayofweek;
var timeofday = req.body.timeofday;
/* var sql1 = `DROP PROCEDURE <procedure_name>`
var sql2 = `CREATE PROCEDURE <procedure_name(_args)
BEGIN
COMMANDS;
END;>`*/
var sql3 = `CALL new_procedure('${dayofweek}',${timeofday},${user_id});`
/*ALSO CHANGE THE VARIABLE NAME BELOW WHEN TESTING. PROBABLY COPY AND PASTE THE BELOW CODE TWO OTHER PLACES THO*/
console.log(sql3);
connection.query(sql3, function (err, result) {
if (err) {
res.send(err)
return;
}
res.render('procedure',{title:"Stored Procedure", dayofweek:dayofweek, timeofday:timeofday, data:result[0]})
});
});