public void updateServiceType(
CFSecurityAuthorization Authorization, CFSecurityServiceTypeBuff Buff) {
final String S_ProcName = "updateServiceType";
ResultSet resultSet = null;
try {
int ServiceTypeId = Buff.getRequiredServiceTypeId();
String Description = Buff.getRequiredDescription();
int Revision = Buff.getRequiredRevision();
Connection cnx = schema.getCnx();
String sql = "exec sp_update_svctype ?, ?, ?, ?, ?, ?" + ", " + "?" + ", " + "?" + ", " + "?";
if (stmtUpdateByPKey == null) {
stmtUpdateByPKey = cnx.prepareStatement(sql);
}
int argIdx = 1;
stmtUpdateByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtUpdateByPKey.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecUserId().toString());
stmtUpdateByPKey.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecSessionId().toString());
stmtUpdateByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtUpdateByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecTenantId());
stmtUpdateByPKey.setString(argIdx++, "SVCT");
stmtUpdateByPKey.setInt(argIdx++, ServiceTypeId);
stmtUpdateByPKey.setString(argIdx++, Description);
stmtUpdateByPKey.setInt(argIdx++, Revision);
resultSet = stmtUpdateByPKey.executeQuery();
if (resultSet.next()) {
CFSecurityServiceTypeBuff updatedBuff = unpackServiceTypeResultSetToBuff(resultSet);
if (resultSet.next()) {
resultSet.last();
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Did not expect multi-record response, " + resultSet.getRow() + " rows selected");
}
Buff.setRequiredDescription(updatedBuff.getRequiredDescription());
Buff.setRequiredRevision(updatedBuff.getRequiredRevision());
} else {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Expected a single-record response, " + resultSet.getRow() + " rows selected");
}
} catch (SQLException e) {
throw CFLib.getDefaultExceptionFactory().newDbException(getClass(), S_ProcName, e);
} finally {
if (resultSet != null) {
try {
resultSet.close();
} catch (SQLException e) {
}
resultSet = null;
}
}
}
/**
* Function: Attempt to login the user.
*
* <p>Param: stmt - Statement object to run select.
*
* <p>Return: True if the credentials are correct.
*
* <p>schwehr 20100310
*/
private static boolean login(Statement stmt) {
String pass;
System.out.print("E-mail: ");
Main.user = Keyboard.in.readString();
System.out.print("Password: "******"select email, pwd from users where email ='%s' and pwd ='%s'", Main.user, pass);
ResultSet rset = stmt.executeQuery(query);
// There should only be one record found if the credentials are valid..
rset.last();
if (rset.getRow() == 1) {
return true;
}
} catch (SQLException ex) {
System.err.println("SQLException: " + ex.getMessage());
}
return false;
}
public int[] getAd() {
int i = 0;
int j = 0;
int[] ans = null;
String str = "SELECT * FROM ad ORDER BY id";
try {
row = stm.executeQuery(str);
row.last();
i = row.getRow();
row.first();
ans = new int[i + 1];
if (i > 0) {
ans[0] = i;
do {
j++;
ans[j] = Integer.parseInt(row.getString("priority"));
} while (row.next());
} else {
ans[0] = 0;
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return ans;
}
public ArrayList find(int theBegin, int theEnd) throws SQLException {
ArrayList list = new ArrayList();
String sql =
"select NODE_LINK_ID, NAME, DESCRIPTION, LINK_TYPE, TEMPLATE_ID, CURRENT_NODE_ID, NEXT_NODE_ID, EXECUTOR_RELATION, EXECUTORS_METHOD, NUMBER_OR_PERCENT, PASS_VALUE, EXPRESSION, DEFAULT_PATH, ACTION_NAME from WF_LINK";
PreparedStatement st = null;
ResultSet rs = null;
Connection conn = null;
try {
conn = ConnectionFactory.getConnection();
st = conn.prepareStatement(sql);
if (theEnd > 0) st.setFetchSize(theEnd);
rs = st.executeQuery();
if (theBegin > 1) rs.absolute(theBegin - 1);
while (rs.next()) {
list.add(parseResultSet(rs));
if (rs.getRow() == theEnd) break;
}
} catch (SQLException e) {
e.printStackTrace();
throw new SQLException(e.getMessage());
} finally {
DBHelper.closeConnection(conn, st, rs);
}
return list;
}
public String[] getVideo() {
int i = 0;
int j = 0;
String[] ans = null;
String str = "SELECT * FROM video ORDER BY id";
try {
row = stm.executeQuery(str);
row.last();
i = row.getRow();
row.first();
ans = new String[i + 1];
if (i > 0) {
ans[0] = Integer.toString(i);
do {
j++;
ans[j] = row.getString("name");
} while (row.next());
} else {
ans[0] = "0";
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return ans;
}
public static Show[] getShows() {
Logger.log("Database.getShows", CALL_FLAG);
Show[] shows = new Show[0];
try {
Hall[] halls = getHalls();
Movie[] movies = getMovies();
Timestamp time;
Hall hall;
Movie movie;
int ID;
ResultSet rs = query("SELECT COUNT(*) FROM forestillinger");
rs.next();
shows = new Show[rs.getInt("COUNT(*)")];
rs = query("SELECT * FROM forestillinger ORDER BY tid ASC");
while (rs.next()) {
hall = halls[rs.getInt("sal_id") - 1];
movie = movies[rs.getInt("film_id") - 1];
time = rs.getTimestamp("tid");
ID = rs.getInt("forestilling_id");
shows[rs.getRow() - 1] = new Show(hall, movie, time, ID);
}
} catch (Exception exception) {
Logger.log(exception, "Database:getShows");
}
Logger.log("Database.getShows", FINISHED_FLAG);
return shows;
}
public ArrayList getFollowedLinkList(int theBegin, int theEnd, int templateId, int currentNodeId)
throws SQLException {
ArrayList list = new ArrayList();
String sql = "select * from wf_link where template_id = ? and current_node_id = ?";
PreparedStatement st = null;
ResultSet rs = null;
Connection conn = null;
try {
conn = ConnectionFactory.getConnection();
st = conn.prepareStatement(sql);
if (theEnd > 0) st.setFetchSize(theEnd);
st.setInt(1, templateId);
st.setInt(2, currentNodeId);
rs = st.executeQuery();
if (theBegin > 1) rs.absolute(theBegin - 1);
while (rs.next()) {
list.add(parseResultSet(rs));
if (rs.getRow() == theEnd) break;
}
} catch (SQLException e) {
e.printStackTrace();
throw new SQLException(e.getMessage());
} finally {
DBHelper.closeConnection(conn, st, rs);
}
return list;
}
@Override
public String getScanListingOfAllMessages() {
StringBuilder scanListing = new StringBuilder();
String query = "SELECT txMailContent FROM m_Mail WHERE iMaildropID=" + seissionUserID;
try (Statement statement = conn.createStatement()) {
ResultSet rs = statement.executeQuery(query);
int numberOfMails = getNumberOfMailsInMaildrop();
while (rs.next()) {
int messageNumber = rs.getRow();
int sizeInOctets = getNumberOfOctetsInString(rs.getString("txMailContent"));
if (messageNumber == numberOfMails) {
// For Nice Formatting
scanListing.append(messageNumber + " " + sizeInOctets);
} else {
scanListing.append(messageNumber + " " + sizeInOctets + "\n");
}
}
} catch (SQLException e) {
printSQLException(e);
}
return scanListing.toString();
}
public int[] searchVideo(String key) {
int i = 0;
int j = 0;
int[] ans = null;
String str = "SELECT * FROM video WHERE name LIKE '%" + key + "%'";
try {
row = stm.executeQuery(str);
row.last();
i = row.getRow();
row.first();
if (i == 0) {
ans = new int[1];
} else {
ans = new int[i];
}
if (i > 0) {
do {
ans[j] = Integer.parseInt(row.getString("id"));
j++;
} while (row.next());
} else {
ans[0] = 0;
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return ans;
}
public static boolean isMyResultSetEmpty(ResultSet rs) throws SQLException {
if (!rs.isBeforeFirst() && rs.getRow() == 0) {
return true;
} else return false;
}
@Override
public String getUniqueIDListingOfAllMessages() {
StringBuilder uidlListing = new StringBuilder();
String query = "SELECT iMailID, vchUIDL FROM m_Mail WHERE iMaildropID=" + seissionUserID;
try (Statement statement = conn.createStatement()) {
ResultSet rs = statement.executeQuery(query);
int numberOfMails = getNumberOfMailsInMaildrop();
while (rs.next()) {
int messageNumber = rs.getRow();
String uidl = rs.getString("vchUIDL");
if (messageNumber == numberOfMails) {
// For Nice Formatting
uidlListing.append(messageNumber + " " + uidl);
} else {
uidlListing.append(messageNumber + " " + uidl + "\n");
}
}
} catch (SQLException e) {
printSQLException(e);
}
return uidlListing.toString();
}
public static Customer[] getCustomers() {
Logger.log("Database.getCustomers", CALL_FLAG);
Customer[] customers = new Customer[0];
try {
String name;
String phoneNumber;
int id;
ResultSet rs = query("SELECT COUNT(*) FROM kunder");
rs.next();
customers = new Customer[rs.getInt("COUNT(*)")];
rs.next();
rs = query("SELECT * FROM kunder");
while (rs.next()) {
name = rs.getString("navn");
phoneNumber = rs.getString("telefon");
id = rs.getInt("kunde_id");
customers[rs.getRow() - 1] = new Customer(name, phoneNumber, id);
}
} catch (SQLException exception) {
Logger.log(exception, "Database:getCustomers");
}
Logger.log("Database.getCustomer Finised", FINISHED_FLAG);
return customers;
}
protected List<PingData> readAll(Connection connection, String clustername) throws SQLException {
PreparedStatement ps = connection.prepareStatement(select_all_pingdata_sql);
try {
ps.setString(1, clustername);
ResultSet resultSet = ps.executeQuery();
ArrayList<PingData> results = new ArrayList<PingData>();
while (resultSet.next()) {
byte[] bytes = resultSet.getBytes(1);
PingData pingData = null;
try {
pingData = deserialize(bytes);
results.add(pingData);
} catch (Exception e) {
int row = resultSet.getRow();
log.error(
"%s: failed deserializing row %d: %s; removing it from the table",
local_addr, row, e);
try {
resultSet.deleteRow();
} catch (Throwable t) {
log.error(
"%s: failed removing row %d: %s; please delete it manually", local_addr, row, e);
}
}
}
return results;
} finally {
ps.close();
}
}
private void Baru() {
btnSave.setText("Save");
txtNip.requestFocus();
txtNip.setText("");
try {
Class.forName(KoneksiDatabase.driver);
java.sql.Connection c =
DriverManager.getConnection(
KoneksiDatabase.database, KoneksiDatabase.user, KoneksiDatabase.pass);
Statement s = c.createStatement();
String sql = "select * from absensi_lembur";
ResultSet rs = s.executeQuery(sql);
final String[] headers = {
"Kd Absen",
"NIP",
"Tgl Absen",
"Masuk",
"Pulang",
"Hari",
"Tipe Hari",
"Terlambat",
"Lembur",
"Tipe Lembur",
"Tot Lembur",
"Tunj Makan",
"Tunj Transport"
};
rs.last();
int n = rs.getRow();
Object[][] data = new Object[n][13];
int p = 0;
rs.beforeFirst();
while (rs.next()) {
data[p][0] = rs.getString(1);
data[p][1] = rs.getString(2);
data[p][2] = rs.getString(3);
data[p][3] = rs.getString(4);
data[p][4] = rs.getString(5);
data[p][5] = rs.getString(6);
data[p][6] = rs.getString(7);
data[p][7] = rs.getString(8);
data[p][8] = rs.getString(9);
data[p][9] = rs.getString(10);
data[p][10] = rs.getString(11);
data[p][11] = rs.getString(12);
data[p][12] = rs.getString(13);
p++;
}
tblLembur.setModel(new DefaultTableModel(data, headers));
tblLembur.setAlignmentX(CENTER_ALIGNMENT);
} catch (Exception e) {
JOptionPane.showMessageDialog(
null, "Gagal Koneksi, Ada Kesalahan.", "Warning", JOptionPane.WARNING_MESSAGE);
}
}
public CFInternetTopDomainBuff readBuffByNameIdx(
CFSecurityAuthorization Authorization, long TenantId, long TldId, String Name) {
final String S_ProcName = "readBuffByNameIdx";
ResultSet resultSet = null;
try {
Connection cnx = schema.getCnx();
final String sql =
"CALL sp_read_tdomdef_by_nameidx( ?, ?, ?, ?, ?"
+ ", "
+ "?"
+ ", "
+ "?"
+ ", "
+ "?"
+ " )";
if (stmtReadBuffByNameIdx == null) {
stmtReadBuffByNameIdx = cnx.prepareStatement(sql);
}
int argIdx = 1;
stmtReadBuffByNameIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtReadBuffByNameIdx.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecUserId().toString());
stmtReadBuffByNameIdx.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecSessionId().toString());
stmtReadBuffByNameIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtReadBuffByNameIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecTenantId());
stmtReadBuffByNameIdx.setLong(argIdx++, TenantId);
stmtReadBuffByNameIdx.setLong(argIdx++, TldId);
stmtReadBuffByNameIdx.setString(argIdx++, Name);
resultSet = stmtReadBuffByNameIdx.executeQuery();
if (resultSet.next()) {
CFInternetTopDomainBuff buff = unpackTopDomainResultSetToBuff(resultSet);
if (resultSet.next()) {
resultSet.last();
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Did not expect multi-record response, " + resultSet.getRow() + " rows selected");
}
return (buff);
} else {
return (null);
}
} catch (SQLException e) {
throw CFLib.getDefaultExceptionFactory().newDbException(getClass(), S_ProcName, e);
} finally {
if (resultSet != null) {
try {
resultSet.close();
} catch (SQLException e) {
}
resultSet = null;
}
}
}
/* goodB2G1() - use badsource and goodsink by changing second IO.staticTrue to IO.staticFalse */
private void goodB2G1() throws Throwable {
String data;
if (IO.staticTrue) {
/* get environment variable ADD */
/* POTENTIAL FLAW: Read data from an environment variable */
data = System.getenv("ADD");
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (IO.staticFalse) {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
IO.writeLine("Benign, fixed string");
} else {
Connection dbConnection = null;
PreparedStatement sqlStatement = null;
ResultSet resultSet = null;
try {
/* FIX: Use prepared statement and executeQuery (properly) */
dbConnection = IO.getDBConnection();
sqlStatement = dbConnection.prepareStatement("select * from users where name=?");
sqlStatement.setString(1, data);
resultSet = sqlStatement.executeQuery();
IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
} finally {
try {
if (resultSet != null) {
resultSet.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
}
try {
if (sqlStatement != null) {
sqlStatement.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing PreparedStatement", exceptSql);
}
try {
if (dbConnection != null) {
dbConnection.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
}
}
}
}
public CFCrmContactTagBuff readBuff(
CFSecurityAuthorization Authorization, CFCrmContactTagPKey PKey) {
final String S_ProcName = "readBuff";
if (!schema.isTransactionOpen()) {
throw CFLib.getDefaultExceptionFactory()
.newUsageException(getClass(), S_ProcName, "Transaction not open");
}
ResultSet resultSet = null;
try {
Connection cnx = schema.getCnx();
long TenantId = PKey.getRequiredTenantId();
long ContactId = PKey.getRequiredContactId();
long TagId = PKey.getRequiredTagId();
String sql =
"{ call sp_read_ctc_tag( ?, ?, ?, ?, ?" + ", " + "?" + ", " + "?" + ", " + "?" + " ) }";
if (stmtReadBuffByPKey == null) {
stmtReadBuffByPKey = cnx.prepareStatement(sql);
}
int argIdx = 1;
stmtReadBuffByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtReadBuffByPKey.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecUserId().toString());
stmtReadBuffByPKey.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecSessionId().toString());
stmtReadBuffByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtReadBuffByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecTenantId());
stmtReadBuffByPKey.setLong(argIdx++, TenantId);
stmtReadBuffByPKey.setLong(argIdx++, ContactId);
stmtReadBuffByPKey.setLong(argIdx++, TagId);
resultSet = stmtReadBuffByPKey.executeQuery();
if ((resultSet != null) && resultSet.next()) {
CFCrmContactTagBuff buff = unpackContactTagResultSetToBuff(resultSet);
if (resultSet.next()) {
resultSet.last();
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Did not expect multi-record response, " + resultSet.getRow() + " rows selected");
}
return (buff);
} else {
return (null);
}
} catch (SQLException e) {
throw CFLib.getDefaultExceptionFactory().newDbException(getClass(), S_ProcName, e);
} finally {
if (resultSet != null) {
try {
resultSet.close();
} catch (SQLException e) {
}
resultSet = null;
}
}
}
/**
* Check whether an image exists into the database
*
* @param imageString the path to the image (take care this has to be a path as recorded in the
* database)
* @return true if the image exists
*/
public boolean imageExists(String imageString) throws ClassNotFoundException, SQLException {
String query = "SELECT * FROM minute WHERE `image-path`='" + imageString + "'";
Statement st = this.connection.createStatement();
// execute the query, and get a java resultset
ResultSet rs = st.executeQuery(query);
if (rs.getRow() == 0) return false;
else return true;
}
/*
* Execute query against a list of sensors
*
* */
public static String executeQuery(
String envelope, String query, String matchingSensors, String format) throws ParseException {
// String matchingSensors = getListOfSensorsAsString(envelope);
String reformattedQuery = reformatQuery(query, matchingSensors);
StringBuilder sb = new StringBuilder();
Connection connection = null;
try {
connection = Main.getDefaultStorage().getConnection();
Statement statement =
connection.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
ResultSet results = statement.executeQuery(reformattedQuery);
ResultSetMetaData metaData; // Additional information about the results
int numCols, numRows; // How many rows and columns in the table
metaData = results.getMetaData(); // Get metadata on them
numCols = metaData.getColumnCount(); // How many columns?
results.last(); // Move to last row
numRows = results.getRow(); // How many rows?
String s;
// System.out.println("* Executing query *\n" + reformattedQuery + "\n***");
// headers
// sb.append("# Query: " + query + NEWLINE);
sb.append("# Query: " + reformattedQuery.replaceAll("\n", "\n# ") + NEWLINE);
sb.append("# ");
// System.out.println("ncols: " + numCols);
// System.out.println("nrows: " + numRows);
for (int col = 0; col < numCols; col++) {
sb.append(metaData.getColumnLabel(col + 1));
if (col < numCols - 1) sb.append(SEPARATOR);
}
sb.append(NEWLINE);
for (int row = 0; row < numRows; row++) {
results.absolute(row + 1); // Go to the specified row
for (int col = 0; col < numCols; col++) {
Object o = results.getObject(col + 1); // Get value of the column
// logger.warn(row + " , "+col+" : "+ o.toString());
if (o == null) s = "null";
else s = o.toString();
if (col < numCols - 1) sb.append(s).append(SEPARATOR);
else sb.append(s);
}
sb.append(NEWLINE);
}
} catch (SQLException e) {
sb.append("ERROR in execution of query: " + e.getMessage());
} finally {
Main.getDefaultStorage().close(connection);
}
return sb.toString();
}
public void deleteTopDomain(CFSecurityAuthorization Authorization, CFInternetTopDomainBuff Buff) {
final String S_ProcName = "deleteTopDomain";
ResultSet resultSet = null;
try {
Connection cnx = schema.getCnx();
long TenantId = Buff.getRequiredTenantId();
long Id = Buff.getRequiredId();
final String sql =
"CALL sp_delete_tdomdef( ?, ?, ?, ?, ?" + ", " + "?" + ", " + "?" + ", " + "?" + " )";
if (stmtDeleteByPKey == null) {
stmtDeleteByPKey = cnx.prepareStatement(sql);
}
int argIdx = 1;
stmtDeleteByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtDeleteByPKey.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecUserId().toString());
stmtDeleteByPKey.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecSessionId().toString());
stmtDeleteByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtDeleteByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecTenantId());
stmtDeleteByPKey.setLong(argIdx++, TenantId);
stmtDeleteByPKey.setLong(argIdx++, Id);
stmtDeleteByPKey.setInt(argIdx++, Buff.getRequiredRevision());
;
resultSet = stmtDeleteByPKey.executeQuery();
if (resultSet.next()) {
int deleteFlag = resultSet.getInt(1);
if (resultSet.next()) {
resultSet.last();
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Did not expect multi-record response, " + resultSet.getRow() + " rows selected");
}
} else {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Expected 1 record result set to be returned by delete, not 0 rows");
}
} catch (SQLException e) {
throw CFLib.getDefaultExceptionFactory().newDbException(getClass(), S_ProcName, e);
} finally {
if (resultSet != null) {
try {
resultSet.close();
} catch (SQLException e) {
}
resultSet = null;
}
}
}
public void connectItems(String query)
// PRE: query must be initialized
// POST: Updates the list of Items based on the query.
{
String driver = "org.apache.derby.jdbc.ClientDriver"; // Driver for DB
String url = "jdbc:derby://localhost:1527/ShopDataBase"; // Url for DB
String user = "******"; // Username for db
String pass = "******"; // Password for db
Connection myConnection; // Connection obj to db
Statement stmt; // Statement to execute a result appon
ResultSet results; // A set containing the returned results
int rowcount; // Num objects in the resultSet
int i; // Index for the array
try { // Try connection to db
Class.forName(driver).newInstance(); // Create our db driver
myConnection = DriverManager.getConnection(url, user, pass); // Initalize our connection
stmt =
myConnection.createStatement(
ResultSet.TYPE_SCROLL_INSENSITIVE,
ResultSet.CONCUR_UPDATABLE); // Create a new statement
results = stmt.executeQuery(query); // Store the results of our query
rowcount = 0;
if (results.last()) // Go to the last result
{
rowcount = results.getRow();
results.beforeFirst();
}
itemsArray = new Item[rowcount];
i = 0;
while (results.next()) // Itterate through the results set
{
itemsArray[i] =
new Item(
results.getInt("item_id"),
results.getString("item_name"),
results.getString("item_type"),
results.getInt("price"),
results.getInt("owner_id"),
results.getString("item_path")); // Creat new Item
i++;
}
results.close(); // Close the ResultSet
stmt.close(); // Close the statement
myConnection.close(); // Close the connection to db
} catch (Exception e) // Cannot connect to db
{
System.err.println(e.toString());
System.err.println("Error, something went horribly wrong in connectItems!");
}
}
public void deleteURLProtocolByIsSecureIdx(
CFSecurityAuthorization Authorization, boolean argIsSecure) {
final String S_ProcName = "deleteURLProtocolByIsSecureIdx";
ResultSet resultSet = null;
try {
Connection cnx = schema.getCnx();
final String sql =
"CALL sp_delete_urlproto_by_issecureidx( ?, ?, ?, ?, ?" + ", " + "?" + " )";
if (stmtDeleteByIsSecureIdx == null) {
stmtDeleteByIsSecureIdx = cnx.prepareStatement(sql);
}
int argIdx = 1;
stmtDeleteByIsSecureIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtDeleteByIsSecureIdx.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecUserId().toString());
stmtDeleteByIsSecureIdx.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecSessionId().toString());
stmtDeleteByIsSecureIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtDeleteByIsSecureIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecTenantId());
if (argIsSecure) {
stmtDeleteByIsSecureIdx.setString(argIdx++, "Y");
} else {
stmtDeleteByIsSecureIdx.setString(argIdx++, "N");
}
resultSet = stmtDeleteByIsSecureIdx.executeQuery();
if (resultSet.next()) {
int deleteFlag = resultSet.getInt(1);
if (resultSet.next()) {
resultSet.last();
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Did not expect multi-record response, " + resultSet.getRow() + " rows selected");
}
} else {
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Expected 1 record result set to be returned by delete, not 0 rows");
}
} catch (SQLException e) {
throw CFLib.getDefaultExceptionFactory().newDbException(getClass(), S_ProcName, e);
} finally {
if (resultSet != null) {
try {
resultSet.close();
} catch (SQLException e) {
}
resultSet = null;
}
}
}
public CFSecurityISOCountryCurrencyBuff lockBuff(
CFSecurityAuthorization Authorization, CFSecurityISOCountryCurrencyPKey PKey) {
final String S_ProcName = "lockBuff";
if (!schema.isTransactionOpen()) {
throw CFLib.getDefaultExceptionFactory()
.newUsageException(getClass(), S_ProcName, "Transaction not open");
}
ResultSet resultSet = null;
try {
Connection cnx = schema.getCnx();
short ISOCountryId = PKey.getRequiredISOCountryId();
short ISOCurrencyId = PKey.getRequiredISOCurrencyId();
final String sql =
"CALL sp_lock_iso_cntryccy( ?, ?, ?, ?, ?" + ", " + "?" + ", " + "?" + " )";
if (stmtLockBuffByPKey == null) {
stmtLockBuffByPKey = cnx.prepareStatement(sql);
}
int argIdx = 1;
stmtLockBuffByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtLockBuffByPKey.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecUserId().toString());
stmtLockBuffByPKey.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecSessionId().toString());
stmtLockBuffByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtLockBuffByPKey.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecTenantId());
stmtLockBuffByPKey.setShort(argIdx++, ISOCountryId);
stmtLockBuffByPKey.setShort(argIdx++, ISOCurrencyId);
resultSet = stmtLockBuffByPKey.executeQuery();
if (resultSet.next()) {
CFSecurityISOCountryCurrencyBuff buff = unpackISOCountryCurrencyResultSetToBuff(resultSet);
if (resultSet.next()) {
resultSet.last();
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Did not expect multi-record response, " + resultSet.getRow() + " rows selected");
}
return (buff);
} else {
return (null);
}
} catch (SQLException e) {
throw CFLib.getDefaultExceptionFactory().newDbException(getClass(), S_ProcName, e);
} finally {
if (resultSet != null) {
try {
resultSet.close();
} catch (SQLException e) {
}
resultSet = null;
}
}
}
/* goodG2B() - use goodsource and badsink */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
String dataCopy;
{
String data;
/* FIX: Use a hardcoded string */
data = "foo";
dataCopy = data;
}
{
String data = dataCopy;
Connection dbConnection = null;
Statement sqlStatement = null;
ResultSet resultSet = null;
try {
dbConnection = IO.getDBConnection();
sqlStatement = dbConnection.createStatement();
/* POTENTIAL FLAW: data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection */
resultSet = sqlStatement.executeQuery("select * from users where name='" + data + "'");
IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
} finally {
try {
if (resultSet != null) {
resultSet.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
}
try {
if (sqlStatement != null) {
sqlStatement.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Statement", exceptSql);
}
try {
if (dbConnection != null) {
dbConnection.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
}
}
}
}
public void bad() throws Throwable {
String data;
if (IO.staticTrue) {
/* get environment variable ADD */
/* POTENTIAL FLAW: Read data from an environment variable */
data = System.getenv("ADD");
} else {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
}
if (IO.staticTrue) {
Connection dbConnection = null;
Statement sqlStatement = null;
ResultSet resultSet = null;
try {
dbConnection = IO.getDBConnection();
sqlStatement = dbConnection.createStatement();
/* POTENTIAL FLAW: data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection */
resultSet = sqlStatement.executeQuery("select * from users where name='" + data + "'");
IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
} finally {
try {
if (resultSet != null) {
resultSet.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
}
try {
if (sqlStatement != null) {
sqlStatement.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Statement", exceptSql);
}
try {
if (dbConnection != null) {
dbConnection.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
}
}
}
}
/* goodG2B1() - use goodsource and badsink by changing first IO.STATIC_FINAL_FIVE==5 to IO.STATIC_FINAL_FIVE!=5 */
private void goodG2B1() throws Throwable {
String data;
if (IO.STATIC_FINAL_FIVE != 5) {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
} else {
/* FIX: Use a hardcoded string */
data = "foo";
}
if (IO.STATIC_FINAL_FIVE == 5) {
Connection dbConnection = null;
Statement sqlStatement = null;
ResultSet resultSet = null;
try {
dbConnection = IO.getDBConnection();
sqlStatement = dbConnection.createStatement();
/* POTENTIAL FLAW: data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection */
resultSet = sqlStatement.executeQuery("select * from users where name='" + data + "'");
IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
} finally {
try {
if (resultSet != null) {
resultSet.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
}
try {
if (sqlStatement != null) {
sqlStatement.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Statement", exceptSql);
}
try {
if (dbConnection != null) {
dbConnection.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
}
}
}
}
public CFSecurityHostNodeBuff readBuffByUDescrIdx(
CFSecurityAuthorization Authorization, long ClusterId, String Description) {
final String S_ProcName = "readBuffByUDescrIdx";
ResultSet resultSet = null;
try {
Connection cnx = schema.getCnx();
String sql =
"{ call sp_read_hostnode_by_udescridx( ?, ?, ?, ?, ?" + ", " + "?" + ", " + "?" + " ) }";
if (stmtReadBuffByUDescrIdx == null) {
stmtReadBuffByUDescrIdx = cnx.prepareStatement(sql);
}
int argIdx = 1;
stmtReadBuffByUDescrIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtReadBuffByUDescrIdx.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecUserId().toString());
stmtReadBuffByUDescrIdx.setString(
argIdx++, (Authorization == null) ? "" : Authorization.getSecSessionId().toString());
stmtReadBuffByUDescrIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecClusterId());
stmtReadBuffByUDescrIdx.setLong(
argIdx++, (Authorization == null) ? 0 : Authorization.getSecTenantId());
stmtReadBuffByUDescrIdx.setLong(argIdx++, ClusterId);
stmtReadBuffByUDescrIdx.setString(argIdx++, Description);
resultSet = stmtReadBuffByUDescrIdx.executeQuery();
if ((resultSet != null) && resultSet.next()) {
CFSecurityHostNodeBuff buff = unpackHostNodeResultSetToBuff(resultSet);
if (resultSet.next()) {
resultSet.last();
throw CFLib.getDefaultExceptionFactory()
.newRuntimeException(
getClass(),
S_ProcName,
"Did not expect multi-record response, " + resultSet.getRow() + " rows selected");
}
return (buff);
} else {
return (null);
}
} catch (SQLException e) {
throw CFLib.getDefaultExceptionFactory().newDbException(getClass(), S_ProcName, e);
} finally {
if (resultSet != null) {
try {
resultSet.close();
} catch (SQLException e) {
}
resultSet = null;
}
}
}
private int getRowCount(ResultSet rs) {
int count = 0;
try {
rs.absolute(-1);
count = rs.getRow();
rs.beforeFirst();
} catch (SQLException e) {
printSQLException(e);
}
return count;
}
public void readData() {
try {
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con =
DriverManager.getConnection(
"jdbc:odbc:Driver={Microsoft Excel Driver (*.xls)};DBQ=" + filep);
stmnt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
rst = con.getMetaData().getTables(null, null, "%", null);
rst.next();
String SheetName = rst.getString(3);
String query = "Select distinct * from [" + SheetName + "]";
rs = stmnt.executeQuery(query);
if (rs != null) {
rs.last();
RowCount = rs.getRow();
rs.beforeFirst();
// stmnt.close();
rst.close();
if (RowCount > 0) {
registno = new String[RowCount];
name = new String[RowCount];
kdno = new int[RowCount];
kcno = new double[RowCount];
ccno = new double[RowCount];
seat = new double[RowCount];
i = 0;
while (rs.next() && (rs.getString(1) != null)) {
// rs.next();
i++;
try {
registno[i] = rs.getString(1);
name[i] = rs.getString(2);
kdno[i] = Integer.parseInt(rs.getString(3));
kcno[i] = Double.parseDouble(rs.getString(4));
ccno[i] = Double.parseDouble(rs.getString(5));
seat[i] = Double.parseDouble(rs.getString(6));
System.out.println(i);
} catch (Exception e) {
e.printStackTrace();
}
}
}
}
rs.close();
con.close();
} catch (Exception e) {
// System.out.println("fail to get student connection");
}
}
/* goodB2G1() - use badsource and goodsink by setting the static variable to false instead of true */
public void goodB2G1Sink(String data) throws Throwable {
if (CWE89_SQL_Injection__connect_tcp_executeQuery_22a.goodB2G1PublicStatic) {
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run
* but ensure data is inititialized before the Sink to avoid compiler errors */
data = null;
} else {
Connection dbConnection = null;
PreparedStatement sqlStatement = null;
ResultSet resultSet = null;
try {
/* FIX: Use prepared statement and executeQuery (properly) */
dbConnection = IO.getDBConnection();
sqlStatement = dbConnection.prepareStatement("select * from users where name=?");
sqlStatement.setString(1, data);
resultSet = sqlStatement.executeQuery();
IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
} finally {
try {
if (resultSet != null) {
resultSet.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
}
try {
if (sqlStatement != null) {
sqlStatement.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing PreparedStatement", exceptSql);
}
try {
if (dbConnection != null) {
dbConnection.close();
}
} catch (SQLException exceptSql) {
IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
}
}
}
}
