diff options
-rw-r--r-- | src/db.go | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/src/db.go b/src/db.go index 2d9a876..94e317c 100644 --- a/src/db.go +++ b/src/db.go @@ -127,12 +127,12 @@ func dbEditChallengeUUID(uuid string, updatedChallenge Challenge) error { // dbGetChallengeByUUID returns the challenge with the given UUID from the database func dbGetChallengeByUUID(uuid string) (Challenge, error) { // build the query to be executed - query := fmt.Sprintf("SELECT uuid, name, description, flag, container, category, points, static FROM challenges WHERE uuid::text= '%s'", uuid) + query := fmt.Sprintf("SELECT uuid, name, description, flag, container, category, points, static FROM challenges WHERE uuid::text= '$1'") challenge := Challenge{} // execute the query storing the values in the challenge struct defined above - err := db.QueryRow(query).Scan(&challenge.UUID, &challenge.Name, &challenge.Description, &challenge.Flag, &challenge.Container, &challenge.Category, &challenge.Points, &challenge.Static) + err := db.QueryRow(query, uuid).Scan(&challenge.UUID, &challenge.Name, &challenge.Description, &challenge.Flag, &challenge.Container, &challenge.Category, &challenge.Points, &challenge.Static) if err != nil { return Challenge{}, err @@ -141,9 +141,12 @@ func dbGetChallengeByUUID(uuid string) (Challenge, error) { } func dbDeleteChallengeByUUID(uuid string) error { - query := fmt.Sprintf("DELETE FROM challenges WHERE uuid::text = '%s'", uuid) + query := fmt.Sprintf("DELETE FROM challenges WHERE uuid::text = '%s'") - _, _ = db.Exec(query) + err = db.QueryRow(query, uuid) + if err != nil { + return err + } return nil } |