Working

author: Logan Hunt <loganhunt@simponic.xyz> 2022-03-30 22:15:20 -0600
committer: Logan Hunt <loganhunt@simponic.xyz> 2022-03-30 22:15:20 -0600
commit: 42cf50ee7521bd751f4d0f0798276e548bb83fee (patch)
tree: 5b2e8877a137a9b62ea630cc69135183804131d5 /server/providers/services/chat_room.service.ts
parent: ae0c829453d4663203887979349047850cb98626 (diff)
download: locchat-42cf50ee7521bd751f4d0f0798276e548bb83fee.tar.gz
locchat-42cf50ee7521bd751f4d0f0798276e548bb83fee.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/server/providers/services/chat_room.service.ts b/server/providers/services/chat_room.service.ts
index a6af023..ed75ba4 100644
--- a/server/providers/services/chat_room.service.ts
+++ b/server/providers/services/chat_room.service.ts
@@ -18,9 +18,10 @@ export class ChatRoomService {
     return this.chatRoomRepository.find();
   }
 
-  near({ lat, lng }: { lat: number; lng: number }) {
+  nearOrUserOwns({ lat, lng, userId }: { lat: number; lng: number; userId: number }) {
+    // SQL injection maybe?
     return this.chatRoomRepository.query(
-      `SELECT * FROM chat_room WHERE calculate_distance(latitude, longitude, ${lat}, ${lng}, 'M') < 5`,
+      `SELECT * FROM chat_room WHERE calculate_distance(latitude, longitude, ${lat}, ${lng}, 'M') < 5 OR "userId" = ${userId}`,
     );
   }
author	Logan Hunt <loganhunt@simponic.xyz>	2022-03-30 22:15:20 -0600
committer	Logan Hunt <loganhunt@simponic.xyz>	2022-03-30 22:15:20 -0600
commit	42cf50ee7521bd751f4d0f0798276e548bb83fee (patch)
tree	5b2e8877a137a9b62ea630cc69135183804131d5 /server/providers/services/chat_room.service.ts
parent	ae0c829453d4663203887979349047850cb98626 (diff)
download	locchat-42cf50ee7521bd751f4d0f0798276e548bb83fee.tar.gz locchat-42cf50ee7521bd751f4d0f0798276e548bb83fee.zip