I am using nodejs and express for my backend. As I was testing my error handling on 1 of the required input column in postman, It displayed the correct error handling message that I want to see but It is submitting the data into my database (mysql workbench).
It should stopped after displaying the error message and not continue to post the data into my database. My regex is checking for this column 'Multiplier' to see if the input value = 1-100 only.
If any of the Multiplier is 1-100, return success, else if multiplier did not match with my regex return 400 message: "Number from 1 to 100 only" else return res.status(500).send({ message: "Internal Server Error" });
Also if possible, can I add custom regex to other input value for eventName, eventDesc etc? If yes, how should I modify the code to?
Thank you in advance, here is my code.
const express = require("express");
const router = express.Router();
router.post("/submitEvent", (req, res, next) => {
var {eventName,topicId,eventDesc,multiplierType,multiplier,eventStart,eventEnd,status} = req.body;
var pattern = /(^[1-9][0-9]?$|^100$)/; //regular expression allow number from 1 to 100 only
eventsDB.createEvent(eventName,topicId,eventDesc,multiplierType,multiplier,eventStart,eventEnd,status, (err, results) => {
if (err) {
return res.status(500).send({ message: "Internal Server Error" });
}
else if (pattern.test(multiplier) === false) {
return res.status(400).send({ message: "Number from 1 to 100 only" });
}
else if (pattern.test(multiplier) === true) {
return res.status(200).send({ message: "Success" });
}
// return res.status(200).json(results);
}
);
}
);
module.exports = router;
const db = require('../config/databaseConfig');
const eventsDB = {};
eventsDB.createEvent = (eventName, topicId, eventDesc, multiplierType, multiplier, eventStart, eventEnd, stat, callback) => {
var dbConn = db.getConnection();
dbConn.connect(function (err) {
if (err) {
return callback(err, null);
}
const query = "INSERT INTO practiceme.events (eventName, topicId, eventDesc, multiplierType, multiplier, eventStart, eventEnd, status) values (?,?,?,?,?,?,?,?)";
dbConn.query(query, [eventName, topicId, eventDesc, multiplierType, multiplier, eventStart, eventEnd, stat], (err, results) => {
dbConn.end();
if (err) {
console.log(err);
return callback(err, null);
} else {
return callback(null, results);
}
});
});
// return callback(null, true);
};
module.exports = eventsDB;
CodePudding user response:
By the time you're validating multiplier, you've already inserted a record in your DB. Do the check before calling eventsDB.createEvent()
const pattern = /(^[1-9][0-9]?$|^100$)/; //regular expression allow number from 1 to 100 only
router.post("/submitEvent", (req, res, next) => {
const {
eventName,
topicId,
eventDesc,
multiplierType,
multiplier,
eventStart,
eventEnd,
status,
} = req.body;
if (!pattern.test(multiplier)) {
return res.status(400).send({ message: "Number from 1 to 100 only" });
}
eventsDB.createEvent(
eventName,
topicId,
eventDesc,
multiplierType,
multiplier,
eventStart,
eventEnd,
status,
(err, results) => {
if (err) {
return res.status(500).send({ message: "Internal Server Error" });
}
return res.status(200).send({ message: "Success" });
}
);
});