Пример #1
 /**
  * Queries site mail (administrator-to-user and user-to-user) matching the given filters and
  * hands the page request to {@code dataPage}.
  *
  * <p>Security note: the WHERE fragment is built by string concatenation. Commons Lang 2.x
  * {@code StringEscapeUtils.escapeSql} only doubles single quotes; it does not handle backslashes
  * or the LIKE wildcards {@code %} and {@code _}, and the method was removed in Commons Lang 3.
  * Bound parameters are the robust fix, but {@code dataPage} is called with a condition string
  * here, so the escaping is left as it was.
  *
  * @param pageBean paging holder passed to {@code dataPage}
  * @param mailType mail type to match, or {@code null} for any type
  * @param sender substring of the sender to match; ignored when blank
  * @param beginTime inclusive lower bound for {@code sendTime}; ignored when blank
  * @param endTime inclusive upper bound for {@code sendTime}; ignored when blank
  * @throws SQLException if a database call fails
  * @throws DataException declared, although the one raised by {@code dataPage} is logged and
  *     swallowed below
  */
 public void queryMailByCondition(
     PageBean pageBean, Integer mailType, String sender, String beginTime, String endTime)
     throws SQLException, DataException {
   Connection conn = connectionManager.getConnection();
   // Rows with backgroundStatus 2 are always excluded.
   StringBuilder where = new StringBuilder("and backgroundStatus!=2 ");
   if (mailType != null) {
     where.append("and mailType=").append(mailType);
   }
   if (StringUtils.isNotBlank(sender)) {
     // LIKE wildcards typed by the user are not escaped and keep their meaning.
     where.append(" and sender LIKE '%").append(StringEscapeUtils.escapeSql(sender)).append("%'");
   }
   if (StringUtils.isNotBlank(beginTime)) {
     where.append(" and sendTime >= '").append(StringEscapeUtils.escapeSql(beginTime)).append("'");
   }
   if (StringUtils.isNotBlank(endTime)) {
     where.append(" and sendTime <= '").append(StringEscapeUtils.escapeSql(endTime)).append("'");
   }
   final String conditionSql = where.toString();
   try {
     dataPage(conn, pageBean, "t_mail", "*", " order by sendTime desc ", conditionSql);
   } catch (DataException e) {
     log.error(e);
     e.printStackTrace();
   } finally {
     conn.close();
   }
 }
Пример #2
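 /**
  * Handles the {@code /punish [@]<player> <reason>} command.
  *
  * <p>A leading {@code @} on the first argument selects an offline player by name; otherwise the
  * target must currently be online. All remaining arguments are passed on as the reason words.
  *
  * @param sender who issued the command; only players and the console trigger a punishment
  * @param cmd the command being executed
  * @param label alias that was used (unused)
  * @param args command arguments: target first, then the reason
  * @return {@code true} when the command was {@code punish} (even if only a usage or error
  *     message was sent), {@code false} for any other command
  */
 @Override
 public boolean onCommand(
     final CommandSender sender, final Command cmd, final String label, final String args[]) {
   if (!cmd.getName().equalsIgnoreCase("punish")) {
     return false;
   }
   if (args.length < 2) {
     sender.sendMessage(ChatColor.RED + "Not enough parameters!");
     sender.sendMessage(ChatColor.RED + "Usage: /punish [@]<player> <reason>");
     return true;
   }

   final boolean offline = args[0].startsWith("@");
   String offlineName = "";
   Player target = null;
   if (offline) {
     // NOTE(review): escapeSql only doubles single quotes. The name is later concatenated into
     // SQL by punishOffline, so a parameterised statement there would be the sturdier fix.
     offlineName = StringEscapeUtils.escapeSql(args[0].substring(1));
   } else {
     // Resolve the online target once, so a logout between the check and the use cannot cause
     // a NullPointerException on a second lookup.
     target = plugin.getServer().getPlayer(args[0]);
     if (target == null) {
       sender.sendMessage(
           args[0] + " is not online! Use /p @<player> to punish offline players!");
       return true;
     }
   }

   // Everything after the target forms the reason. Indexing from 1 replaces the original
   // reference comparison (s != args[0]) used to skip the first element.
   ArrayList<String> arguments = new ArrayList<String>();
   for (int i = 1; i < args.length; i++) {
     arguments.add(args[i]);
   }

   if (sender instanceof Player) {
     String senderDisplay = StringEscapeUtils.escapeSql(((Player) sender).getDisplayName());
     if (offline) {
       punishOffline(sender.getName(), senderDisplay, offlineName, arguments);
     } else {
       // NOTE(review): the target's name and display name are passed on unescaped, as before.
       punish(
           sender.getName(), senderDisplay, target.getName(), target.getDisplayName(), arguments);
     }
   } else if (sender instanceof ConsoleCommandSender) {
     if (offline) {
       punishOffline("(console)", ChatColor.GOLD + "(console)", offlineName, arguments);
     } else {
       punish(
           "(console)",
           ChatColor.GOLD + "(console)",
           target.getName(),
           target.getDisplayName(),
           arguments);
     }
   }
   // Other sender types fall through without a punishment, as in the original.
   return true;
 }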
Пример #3
 /**
  * Sets a new value on every extension row matching the billing number and key, and marks each
  * of those rows active (status {@code '1'}).
  *
  * @param billingNo billing number as decimal text; {@link Integer#parseInt(String)} rejects
  *     anything else
  * @param key extension key to look up
  * @param value value to store
  * @return always {@code true}
  */
 public boolean updateKeyValue(String billingNo, String key, String value) {
   final int billingId = Integer.parseInt(billingNo);
   // NOTE(review): if extDao binds its parameters (not visible here), escapeSql adds no
   // protection and only stores or looks up text with doubled quotes - confirm against the DAO.
   final String lookupKey = StringEscapeUtils.escapeSql(key);
   final List<BillingONExt> matches = extDao.findByBillingNoAndKey(billingId, lookupKey);
   for (BillingONExt ext : matches) {
     ext.setValue(StringEscapeUtils.escapeSql(value));
     ext.setStatus('1');
     extDao.merge(ext);
   }
   return true;
 }
Пример #4
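  /**
   * Runs the hotel-name lookup for the current {@code hotelName} and {@code cityCode} and
   * publishes the result through {@code setContent}.
   *
   * <p>Unused timing locals, an unused list and commented-out debugging code were removed; the
   * observable behaviour is unchanged.
   *
   * @return {@code SUCCESS} in every case; a failed lookup yields an empty list
   */
  public String execute() {
    // Default to Beijing ("PEK") when no city code was supplied.
    if (null == cityCode || "".equals(cityCode.trim())) {
      cityCode = "PEK";
    }
    List<String> hotelList = new ArrayList<String>();
    // NOTE(review): escapeSql only doubles single quotes. Whether that is needed, or sufficient,
    // depends on how autoHotelNameQuery builds its statement, which is not visible here.
    hotelName = StringEscapeUtils.escapeSql(hotelName);
    try {
      hotelList = hotelQueryAjaxDao.autoHotelNameQuery(hotelName, cityCode);
    } catch (Exception e) {
      // Best effort: the failure is logged and the caller receives the empty list.
      log.error("模糊查询错误", e);
    }
    this.setContent(hotelList);
    return SUCCESS;
  }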
Пример #5
  /**
   * Persists one billing extension row (key/value pair) for the given billing and demographic
   * numbers, time-stamped now and flagged with the first character of {@code ACTIVE}.
   *
   * @param billingNo billing number as decimal text
   * @param demoNo demographic number as decimal text
   * @param key extension key
   * @param value extension value; {@code null} becomes {@code "0.00"} for numeric keys
   * @return always {@code true}
   */
  public boolean add3rdBillExt(String billingNo, String demoNo, String key, String value) {
    final BillingONExt ext = new BillingONExt();
    ext.setBillingNo(Integer.parseInt(billingNo));
    ext.setDemographicNo(Integer.parseInt(demoNo));
    // NOTE(review): the entity is handed to a DAO; if that DAO binds parameters (not visible
    // here), escapeSql only alters the stored text by doubling quotes - confirm.
    ext.setKeyVal(StringEscapeUtils.escapeSql(key));
    ext.setDateTime(new Date());
    ext.setStatus(ACTIVE.toCharArray()[0]);

    // A missing value for a numeric key is stored as zero.
    final boolean missingNumber = value == null && BillingONExtDao.isNumberKey(key);
    final String stored = missingNumber ? "0.00" : value;
    ext.setValue(StringEscapeUtils.escapeSql(stored));

    extDao.persist(ext);
    return true;
  }
Пример #6
 /**
  * Sets the status character on every extension row matching the billing number and key.
  *
  * @param billingNo billing number as decimal text
  * @param key extension key to look up
  * @param status new status; only its first character is stored
  * @return always {@code true}
  */
 public boolean updateKeyStatus(String billingNo, String key, String status) {
   final int billingId = Integer.parseInt(billingNo);
   final String lookupKey = StringEscapeUtils.escapeSql(key);
   for (BillingONExt ext : extDao.findByBillingNoAndKey(billingId, lookupKey)) {
     // Read inside the loop, as before, so status is never touched when nothing matches.
     ext.setStatus(status.toCharArray()[0]);
     extDao.merge(ext);
   }
   return true;
 }
Пример #7
 /**
  * Appends a case-insensitive "contains" filter on {@code p.kee} when the filter carries a
  * non-blank resource key; otherwise leaves {@code sb} untouched.
  *
  * <p>The key is upper-cased, passed through {@code escapeSql} (which doubles single quotes) and
  * then through {@code escapePercentAndUnderscrore} before being embedded in the LIKE literal.
  *
  * @param sb query text being assembled
  */
 private void appendResourceKeyCondition(StringBuilder sb) {
   if (!StringUtils.isNotBlank(filter.getResourceKey())) {
     return;
   }
   sb.append(" AND UPPER(p.kee) LIKE '%");
   final String upperKey = StringUtils.upperCase(filter.getResourceKey());
   final String quoteSafe = StringEscapeUtils.escapeSql(upperKey);
   sb.append(escapePercentAndUnderscrore(quoteSafe));
   sb.append("%'");
   appendEscapeForSomeDb(sb);
 }
Пример #8
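 /**
  * Deletes one or more rows from the recharge detail table.
  *
  * <p>Every element of {@code ids} must be a decimal integer. The previous implementation
  * wrapped the list in quotes, ran it through {@code escapeSql} and then stripped all quotes
  * again, so nothing restricted an element to digits and any quote-free text was spliced into
  * the {@code IN (...)} clause. Each element is now parsed as a {@code long} before it is used.
  *
  * @param conn open connection to run the delete on
  * @param ids comma-separated list of row ids; single quotes and blank elements are ignored
  * @return the value returned by the table's {@code delete} call
  * @throws SQLException if an element of {@code ids} is not a decimal integer, or if the delete
  *     itself fails
  */
 public long deleteRechargeDetail(Connection conn, String ids) throws SQLException {
   // The list always starts with -2, as before, so the IN clause is never empty.
   StringBuilder idSql = new StringBuilder("-2");
   if (ids != null) {
     // Quotes were stripped by the original too, so quoted ids such as '1','2' keep working.
     for (String token : ids.replace("'", "").split(",")) {
       String trimmed = token.trim();
       if (trimmed.isEmpty()) {
         continue;
       }
       try {
         idSql.append(',').append(Long.parseLong(trimmed));
       } catch (NumberFormatException e) {
         // SQLException is what callers already handle for a malformed statement.
         throw new SQLException("ids must be a comma-separated list of integers", e);
       }
     }
   }
   Dao.Tables.t_recharge_detail t_recharge_detail = new Dao().new Tables().new t_recharge_detail();
   return t_recharge_detail.delete(conn, " id in(" + idSql + ")");
 }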
Пример #9
 /**
  * Appends {@code values} as a parenthesised, comma-separated list of single-quoted SQL
  * literals, surrounded by one space on each side.
  *
  * <p>Each value goes through {@code escapeSql}, which only doubles single quotes. An empty list
  * produces {@code " () "}.
  *
  * @param values literals to list
  * @param to query text being assembled
  */
 private static void appendInStatement(List<String> values, StringBuilder to) {
   to.append(" (");
   String separator = "";
   for (String value : values) {
     to.append(separator);
     to.append("'").append(StringEscapeUtils.escapeSql(value)).append("'");
     separator = ",";
   }
   to.append(") ");
 }
Пример #10
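 /**
  * Updates the {@code text} column of one row in {@code riders}.
  *
  * <p>{@code id} is placed into the statement unquoted, so it is parsed as a {@code long} first;
  * previously it was concatenated as received.
  *
  * @param id row id as decimal text
  * @param text new text; single quotes are doubled by {@code escapeSql}
  * @throws SQLException if {@code id} is not a decimal integer, or if the update fails
  */
 public void updateRider(String id, String text)
     throws SQLException, ClassNotFoundException, InstantiationException, IllegalAccessException {
   final long riderId;
   try {
     riderId = Long.parseLong(id == null ? "" : id.trim());
   } catch (NumberFormatException e) {
     // Reported as SQLException because that is what callers already handle for this method.
     throw new SQLException("Rider id must be a decimal integer", e);
   }
   // NOTE(review): the backtick quoting suggests MySQL, where backslash is an escape character
   // by default and escapeSql does not handle it. Bind `text` as a parameter if DB offers a
   // parameterised call.
   // NOTE(review): closeCon() is skipped when runQuery throws - confirm whether that leaks.
   DB.runQuery(
       "UPDATE `riders` SET "
           + "`text`='"
           + StringEscapeUtils.escapeSql(text)
           + "'"
           + " WHERE id = "
           + riderId
           + ";");
   DB.closeCon();
 }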
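 /**
  * Inserts a default row for {@code player} into {@code PLAYERS} (ignored if the insert
  * conflicts with an existing row) and commits.
  *
  * <p>The statement is now closed in a {@code finally} block; previously it was never closed.
  *
  * @param player player whose UUID, name and IP address are stored
  * @throws SQLException if preparing, executing or committing the insert fails
  */
 public static void generateNewPlayer(Player player) throws SQLException {
   Connection c = getConnection();
   PreparedStatement statement =
       c.prepareStatement(
           "INSERT OR IGNORE INTO PLAYERS (UUID, NAME, IP, RANK, NICK, TAG, LOGIN, CHAT, IMPOSTER, BANHAMMER, BUILDER, DOUBLEJUMP, GODMODE, MUTE, FROZEN, CMDBLOCK, LASTLOGIN, CHATLEVEL) VALUES (?, ?, ?, 'Op', 'off&r', 'off&r', '', '', 0, 0, 0, 0, 0, 0, 0, 0, ?, 0)");
   try {
     // Values are bound, so no manual SQL escaping is needed. The former escapeSql call on the
     // UUID text changed nothing, assuming getUniqueId() is a java.util.UUID (no quotes in it).
     statement.setString(1, player.getUniqueId().toString());
     statement.setString(2, player.getName());
     statement.setString(3, player.getAddress().getAddress().getHostAddress());
     // NOTE(review): nanoTime() has an arbitrary origin and is not wall-clock time; confirm
     // whether LASTLOGIN was meant to hold System.currentTimeMillis().
     statement.setLong(4, System.nanoTime());
     statement.executeUpdate();
     c.commit();
   } finally {
     // The connection is left open: its ownership is not visible from this method.
     statement.close();
   }
 }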
Пример #12
  /**
   * Persists a third-party billing insurer address built from {@code val}.
   *
   * <p>Reads the properties {@code attention}, {@code company_name}, {@code address},
   * {@code city}, {@code province}, {@code postcode}, {@code telephone} and {@code fax}; a
   * missing property defaults to the empty string.
   *
   * @param val source properties
   * @return the id reported by the entity after {@code persist}
   */
  public int addOne3rdAddrRecord(Properties val) {
    // NOTE(review): the values go to a DAO; if it binds parameters (not visible here), escapeSql
    // only changes the stored text by doubling single quotes - confirm.
    final String attention = StringEscapeUtils.escapeSql(val.getProperty("attention", ""));
    final String company = StringEscapeUtils.escapeSql(val.getProperty("company_name", ""));
    final String street = StringEscapeUtils.escapeSql(val.getProperty("address", ""));
    final String city = StringEscapeUtils.escapeSql(val.getProperty("city", ""));
    final String province = StringEscapeUtils.escapeSql(val.getProperty("province", ""));
    final String postalCode = StringEscapeUtils.escapeSql(val.getProperty("postcode", ""));
    final String telephone = StringEscapeUtils.escapeSql(val.getProperty("telephone", ""));
    final String fax = StringEscapeUtils.escapeSql(val.getProperty("fax", ""));

    final Billing3rdPartyAddress record = new Billing3rdPartyAddress();
    record.setAttention(attention);
    record.setCompanyName(company);
    record.setAddress(street);
    record.setCity(city);
    record.setProvince(province);
    record.setPostalCode(postalCode);
    record.setTelephone(telephone);
    record.setFax(fax);

    dao.persist(record);
    return record.getId();
  }
Пример #13
 /**
  * Appends a sub-select restricting {@code s.project_id} to resources whose index key starts
  * with the filter's resource name (lower-cased), optionally narrowed by qualifier. Does nothing
  * when the resource name is blank.
  *
  * <p>The name passes through {@code escapeSql} (single quotes doubled) and
  * {@code escapePercentAndUnderscrore} before it is embedded in the LIKE literal.
  *
  * @param sb query text being assembled
  */
 private void appendResourceNameCondition(StringBuilder sb) {
   if (!StringUtils.isNotBlank(filter.getResourceName())) {
     return;
   }
   sb.append(
       " AND s.project_id IN (SELECT rindex.resource_id FROM resource_index rindex WHERE rindex.kee LIKE '");
   final String lowerName = StringUtils.lowerCase(filter.getResourceName());
   final String quoteSafe = StringEscapeUtils.escapeSql(lowerName);
   sb.append(escapePercentAndUnderscrore(quoteSafe));
   sb.append("%'");
   appendEscapeForSomeDb(sb);
   final boolean hasQualifiers = !filter.getResourceQualifiers().isEmpty();
   if (hasQualifiers) {
     sb.append(" AND rindex.qualifier IN ");
     appendInStatement(filter.getResourceQualifiers(), sb);
   }
   sb.append(") ");
 }
Пример #14
 /**
  * Records a permanent ban for an offline player, announces it to every online player and
  * registers it through {@code plugin.addBan}.
  *
  * <p>Security note: only {@code reason} is passed through {@code escapeSql}. {@code punisher},
  * {@code punished} and {@code Bans.server} are concatenated into the INSERT as received, so this
  * method relies on its callers for those values. A parameterised insert would remove that
  * dependency, but the API of {@code plugin.sqlite} is not visible here.
  *
  * @param punisher name stored as the punisher
  * @param punisherDisplay name shown in the broadcast
  * @param punished name of the offline player
  * @param arguments reason words, joined with single spaces
  */
 public void permaBanOffline(
     String punisher, String punisherDisplay, String punished, ArrayList<String> arguments) {
   try {
     StringBuilder words = new StringBuilder();
     for (String word : arguments) {
       words.append(word).append(" ");
     }
     final String reason = words.toString();
     // Unix time in seconds.
     final long time = System.currentTimeMillis() / 1000L;
     final UUID punishedId = plugin.getServer().getOfflinePlayer(punished).getUniqueId();

     final String insertSql =
         "INSERT INTO punishments (punisher, punished, reason, type, time, expiry, active, server, UUID) VALUES ('"
             + punisher
             + "','"
             + punished
             + "','"
             + StringEscapeUtils.escapeSql(reason)
             + "','ban','"
             + time
             + "','0','1','"
             + Bans.server
             + "','"
             + punishedId
             + "');";
     plugin.sqlite.insert(insertSql);

     // The broadcast carries the unescaped reason; only the stored copy is escaped.
     final String announcement =
         ChatColor.DARK_AQUA
             + punisherDisplay
             + ChatColor.YELLOW
             + " -> "
             + ChatColor.GOLD
             + "Permanent ban"
             + ChatColor.YELLOW
             + " -> "
             + ChatColor.DARK_AQUA
             + punished
             + ChatColor.YELLOW
             + " -> "
             + ChatColor.GOLD
             + reason;
     for (Player online : plugin.getServer().getOnlinePlayers()) {
       online.sendMessage(announcement);
     }
     plugin.addBan(punishedId, reason, time, 0);
   } catch (SQLException e) {
     plugin.getLogger().severe(e.getMessage());
   }
 }
Пример #15
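  /**
   * Finds lab routings whose {@code labNo} equals the given number and whose {@code labType} is
   * one of {@code labTypes}.
   *
   * <p>Fixes the IN list: the quoted literals were appended without a separator, so two or more
   * types ran together into a single string literal. An empty or {@code null} type array now
   * returns an empty list instead of producing an invalid {@code in ()} clause.
   *
   * @param demographicNo value bound to the first positional parameter
   * @param labTypes lab types to accept
   * @return matching routings, possibly empty
   */
  @SuppressWarnings("unchecked")
  public List<PatientLabRouting> findLabNosByDemographic(Integer demographicNo, String[] labTypes) {
    if (labTypes == null || labTypes.length == 0) {
      return new java.util.ArrayList<PatientLabRouting>();
    }

    StringBuilder inList = new StringBuilder();
    for (String type : labTypes) {
      if (inList.length() > 0) {
        inList.append(',');
      }
      // NOTE(review): escapeSql only doubles single quotes; binding the types as a collection
      // parameter would avoid building literals by hand.
      inList.append("'").append(StringEscapeUtils.escapeSql(type)).append("'");
    }

    String query =
        "select x from "
            + modelClass.getName()
            + " x where x.labNo=? and x.labType in ("
            + inList
            + ")";
    Query q = entityManager.createQuery(query);

    // NOTE(review): the argument is named demographicNo but is compared with x.labNo - confirm
    // which column was intended.
    q.setParameter(1, demographicNo);

    return q.getResultList();
  }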
 /**
  * Returns the query with every {@code {i}} placeholder replaced by the matching entry of
  * {@code replacementValues}.
  *
  * <p>Security note: a value is passed through {@code escapeSql} (single quotes doubled) only
  * when it contains a single quote and the expression holds the placeholder wrapped in single
  * quotes. In every other case, including placeholders that are not quoted in the expression,
  * the value is inserted verbatim, so callers must supply trusted or pre-validated values there.
  *
  * @param queryExpression query expression containing {@code {0}}, {@code {1}}, ... placeholders
  * @param replacementValues values to insert; blank entries are skipped
  * @return the filled-in query, or {@code queryExpression} unchanged when it has no text or
  *     {@code replacementValues} is {@code null}
  */
 public static String fillReplacementValues(String queryExpression, String[] replacementValues) {
   if (replacementValues == null || !hasText(queryExpression)) {
     return queryExpression;
   }
   String filled = queryExpression;
   for (int index = 0; index < replacementValues.length; index++) {
     final String candidate = replacementValues[index];
     if (!hasText(candidate)) {
       continue;
     }
     final String placeholder = "{" + index + "}";
     final boolean quotedSlot = filled.contains("'" + placeholder + "'");
     final String substitute =
         candidate.contains("'") && quotedSlot
             ? StringEscapeUtils.escapeSql(candidate)
             : candidate;
     filled = replace(filled, placeholder, substitute);
   }
   return filled;
 }
Пример #17
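 /**
  * Reports whether an attribute with the same name, KPI code and academic year already exists.
  *
  * <p>The three values are now bound as statement parameters. Previously only the name went
  * through {@code escapeSql}, while the KPI code and the academic year were concatenated into
  * the SQL text as received.
  *
  * @param academicKPIAttribute attribute whose name, KPI code and academic year are looked up
  * @return {@code true} when at least one matching row exists; {@code false} otherwise, and also
  *     when the query fails
  */
 @Override
 public boolean isAttributeExistCreate(AcademicKPIAttribute academicKPIAttribute) {
   boolean returnValue = false;
   try {
     // Assumes jdbcTemplate is Spring's JdbcTemplate, whose queryForLong also accepts bind
     // arguments - TODO confirm.
     String sqltmp =
         "select count(*) as totalItem  from academic_kpi_attribute t  where t.name=?"
             + "  and t.academic_kpi_code=?"
             + " and t.academic_year=?";
     Long found =
         this.jdbcTemplate.queryForLong(
             sqltmp,
             academicKPIAttribute.getName(),
             academicKPIAttribute.getAcademicKPICode(),
             academicKPIAttribute.getAcademicYear());
     if (found != null && found.intValue() > 0) {
       returnValue = true;
     }
   } catch (Exception ex) {
     // NOTE(review): a database failure is reported as "does not exist"; callers that create
     // the attribute on false may want this surfaced instead.
     ex.printStackTrace();
   }
   return returnValue;
 }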
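 /**
  * Appends one filter to {@code criteria}.
  *
  * <p>For the {@code sdvStatus} property a predefined fragment is appended, chosen by whether the
  * value equals {@code complete}. For any other property a case-insensitive "contains" match on
  * the mapped column is appended.
  *
  * <p>Fixes the null handling: the value was dereferenced before the null check, so a
  * {@code null} value threw instead of leaving the criteria unchanged.
  *
  * @param criteria criteria text built so far
  * @param property filter property name
  * @param value filter value, may be {@code null}
  * @return the extended criteria, or {@code criteria} unchanged when there is no value
  */
 private String buildCriteria(String criteria, String property, Object value) {
   if (value == null) {
     return criteria;
   }
   // NOTE(review): escapeSql only doubles single quotes; the LIKE wildcards % and _ in the
   // value keep their meaning, and the column name comes straight from columnMapping.
   final String escaped = StringEscapeUtils.escapeSql(value.toString());
   if (escaped == null) {
     // toString() returned null; treated as "no value", as before.
     return criteria;
   }
   if (property.equals("sdvStatus")) {
     if (escaped.equals("complete")) {
       criteria += SDVD_STUDY_SUBJECTS;
     } else {
       criteria += NON_SDVD_STUDY_SUBJECTS;
     }
   } else {
     criteria = criteria + " and ";
     criteria =
         criteria
             + " UPPER("
             + columnMapping.get(property)
             + ") like UPPER('%"
             + escaped
             + "%')"
             + " ";
   }
   return criteria;
 }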
Пример #19
 /**
  * Null-safe wrapper around {@code StringEscapeUtils.escapeSql}.
  *
  * <p>The wrapped method only doubles single quotes; it is not a substitute for bound
  * parameters.
  *
  * @param originalText text to escape, may be {@code null}
  * @return the escaped text, or the empty string for {@code null}
  */
 public static String escapeSql(String originalText) {
   return originalText == null ? "" : StringEscapeUtils.escapeSql(originalText);
 }
Пример #20
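  /**
   * Copies a claim header from {@code val} into a new {@code BillingONCHeader1}, persists it and
   * returns its id.
   *
   * <p>Changes from the previous version: the appointment number is parsed from its trimmed
   * text (the raw field was parsed before, so a padded number failed), and unparseable admission
   * or billing dates are now logged instead of being dropped silently. The fields still stay
   * unset in that case.
   *
   * @param loggedInInfo session used to look up the provider's current program
   * @param val claim header values to copy
   * @return the id reported by the entity after {@code persist}
   */
  public int addOneClaimHeaderRecord(LoggedInInfo loggedInInfo, BillingClaimHeader1Data val) {
    BillingONCHeader1 b = new BillingONCHeader1();
    b.setHeaderId(0);
    b.setTranscId(val.transc_id);
    b.setRecId(val.rec_id);
    b.setHin(val.hin);
    b.setVer(val.ver);
    b.setDob(val.dob);
    b.setPayProgram(val.pay_program);
    b.setPayee(val.payee);
    b.setRefNum(val.ref_num);
    b.setFaciltyNum(val.facilty_num);
    if (val.admission_date.length() > 0) {
      try {
        b.setAdmissionDate(dateformatter.parse(val.admission_date));
      } catch (ParseException e) {
        // Best effort is kept (the date stays unset), but the bad input is no longer invisible.
        MiscUtils.getLogger().error("Invalid admission date", e);
      }
    }

    b.setRefLabNum(val.ref_lab_num);
    b.setManReview(val.man_review);
    b.setLocation(val.location);
    b.setDemographicNo(Integer.parseInt(val.demographic_no));
    b.setProviderNo(val.provider_no);

    // Parse the trimmed text so surrounding whitespace does not cause a NumberFormatException.
    String apptNo = StringUtils.trimToNull(val.appointment_no);
    if (apptNo != null) {
      b.setAppointmentNo(Integer.parseInt(apptNo));
    } else {
      b.setAppointmentNo(null);
    }

    // NOTE(review): the entity goes to a DAO; if it binds parameters (not visible here),
    // escapeSql only changes the stored name and comment by doubling quotes - confirm.
    b.setDemographicName(StringEscapeUtils.escapeSql(val.demographic_name));
    b.setSex(val.sex);
    b.setProvince(val.province);
    if (val.billing_date.length() > 0) {
      try {
        b.setBillingDate(dateformatter.parse(val.billing_date));
      } catch (ParseException e) {
        MiscUtils.getLogger().error("Invalid billing date", e);
      }
    }
    if (val.billing_time.length() > 0) {
      try {
        b.setBillingTime(timeFormatter.parse(val.billing_time));
      } catch (ParseException e) {
        MiscUtils.getLogger().error("Invalid time", e);
      }
    }

    // Amounts are built from their decimal text; a missing amount is stored as zero.
    b.setTotal(new BigDecimal(val.total == null ? "0.00" : val.total));

    if (val.paid == null || val.paid.isEmpty()) {
      b.setPaid(new BigDecimal("0.00"));
    } else {
      b.setPaid(new BigDecimal(val.paid));
    }

    b.setStatus(val.status);
    b.setComment(StringEscapeUtils.escapeSql(val.comment));
    b.setVisitType(val.visittype);
    b.setProviderOhipNo(val.provider_ohip_no);
    b.setProviderRmaNo(val.provider_rma_no);
    b.setApptProviderNo(val.apptProvider_no);
    b.setAsstProviderNo(val.asstProvider_no);
    b.setCreator(val.creator);
    b.setClinic(val.clinic);

    ProgramProvider pp =
        programManager2.getCurrentProgramInDomain(
            loggedInInfo, loggedInInfo.getLoggedInProviderNo());

    // The program number is only set when a current program was found.
    if (pp != null) {
      b.setProgramNo(pp.getProgramId().intValue());
    }

    cheaderDao.persist(b);

    return b.getId();
  }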
Пример #21
 /**
  * Inserts one row into {@code riders} with the given text.
  *
  * <p>Security note: the text is embedded as a quoted literal after {@code escapeSql}, which only
  * doubles single quotes. The backtick quoting suggests MySQL, where backslash is an escape
  * character by default and is not handled by that method; a parameterised statement is the
  * robust fix if {@code DB} offers one.
  *
  * @param text text to store
  */
 public void insertRider(String text)
     throws SQLException, ClassNotFoundException, InstantiationException, IllegalAccessException {
   final String quotedText = "'" + StringEscapeUtils.escapeSql(text) + "'";
   final String sql = "INSERT INTO `riders` (`text`) VALUES (" + quotedText + ");";
   DB.runQuery(sql);
   DB.closeCon();
 }
Пример #22
 /**
  * Null-preserving wrapper around {@code StringEscapeUtils.escapeSql}, which doubles single
  * quotes and does nothing else.
  *
  * @param string text to escape, may be {@code null}
  * @return the escaped text, or {@code null} for {@code null} input
  */
 public static String escapeSql(String string) {
   if (string == null) {
     return null;
   }
   return StringEscapeUtils.escapeSql(string);
 }
Пример #23
 /**
  * Creates a new instance of {@link Function}.
  *
  * <p>The function text is stored after {@code escapeSql}, which doubles single quotes only.
  * NOTE(review): if this text is later rendered as an SQL function name (not visible here),
  * quote doubling does not constrain it; an allow-list of known function names would.
  *
  * @param function The function.
  * @param exp The expression.
  */
 public Function(final String function, final Expression exp) {
   final String escapedFunction = StringEscapeUtils.escapeSql(function);
   this.exp = exp;
   this.function = escapedFunction;
 }
Пример #24
 /**
  * Runs the 0.7.0 database upgrade and appends one {@code WikiMessage} per completed step to
  * {@code messages}.
  *
  * <p>The first transaction applies the schema changes and fills {@code jam_group_members}. If it
  * fails with an {@code SQLException} the transaction is rolled back, the four tables created by
  * this upgrade are dropped on a best-effort basis, and a {@code WikiException} is thrown. A
  * second transaction, skipped for HSQL, populates {@code characters_changed}; its failure is
  * recorded as non-fatal.
  *
  * @param messages list that receives progress messages
  * @return the same {@code messages} list
  * @throws WikiException if the first transaction fails with an {@code SQLException}
  */
 public static List<WikiMessage> upgrade070(List<WikiMessage> messages) throws WikiException {
   TransactionStatus status = null;
   try {
     status = DatabaseConnection.startTransaction(getTransactionDefinition());
     Connection conn = DatabaseConnection.getConnection();
     // add characters_changed column to jam_topic_version
     WikiBase.getDataHandler()
         .executeUpgradeUpdate("UPGRADE_070_ADD_TOPIC_VERSION_CHARACTERS_CHANGED", conn);
     messages.add(
         new WikiMessage(
             "upgrade.message.db.column.added", "characters_changed", "jam_topic_version"));
     // add characters_changed column to jam_recent_change
     WikiBase.getDataHandler()
         .executeUpgradeUpdate("UPGRADE_070_ADD_RECENT_CHANGE_CHARACTERS_CHANGED", conn);
     messages.add(
         new WikiMessage(
             "upgrade.message.db.column.added", "characters_changed", "jam_recent_change"));
     // copy columns from jam_wiki_user_info into jam_wiki_user
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_ADD_USER_EMAIL", conn);
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_UPDATE_USER_EMAIL", conn);
     messages.add(new WikiMessage("upgrade.message.db.column.added", "email", "jam_wiki_user"));
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_ADD_USER_EDITOR", conn);
     messages.add(new WikiMessage("upgrade.message.db.column.added", "editor", "jam_wiki_user"));
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_ADD_USER_SIGNATURE", conn);
     messages.add(
         new WikiMessage("upgrade.message.db.column.added", "signature", "jam_wiki_user"));
     WikiBase.getDataHandler().executeUpgradeUpdate("STATEMENT_CREATE_USERS_TABLE", conn);
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_INSERT_USERS", conn);
     messages.add(new WikiMessage("upgrade.message.db.table.added", "jam_users"));
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_DROP_USER_REMEMBER_KEY", conn);
     messages.add(
         new WikiMessage("upgrade.message.db.column.dropped", "remember_key", "jam_wiki_user"));
     WikiBase.getDataHandler().executeUpgradeUpdate("STATEMENT_CREATE_AUTHORITIES_TABLE", conn);
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_INSERT_AUTHORITIES", conn);
     messages.add(new WikiMessage("upgrade.message.db.table.added", "jam_authorities"));
     WikiBase.getDataHandler()
         .executeUpgradeUpdate("STATEMENT_CREATE_GROUP_AUTHORITIES_TABLE", conn);
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_INSERT_GROUP_AUTHORITIES", conn);
     messages.add(new WikiMessage("upgrade.message.db.table.added", "jam_group_authorities"));
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_DROP_ROLE_MAP", conn);
     messages.add(new WikiMessage("upgrade.message.db.table.dropped", "jam_role_map"));
     WikiBase.getDataHandler().executeUpgradeUpdate("STATEMENT_CREATE_GROUP_MEMBERS_TABLE", conn);
     // FIXME - avoid hard coding
     // The group name spliced in here is a constant, not request data.
     String sql =
         "select group_id from jam_group where group_name = '"
             + WikiGroup.GROUP_REGISTERED_USER
             + "'";
     WikiResultSet rs = DatabaseConnection.executeQuery(sql, conn);
     int groupId = rs.getInt("group_id");
     // FIXME - avoid hard coding
     sql = "select username from jam_users ";
     rs = DatabaseConnection.executeQuery(sql, conn);
     // Member ids are assigned sequentially, starting at 1, in result order.
     int id = 1;
     while (rs.next()) {
       // FIXME - avoid hard coding
       // NOTE(review): usernames are read back from jam_users and re-inserted by concatenation.
       // escapeSql only doubles single quotes, so this relies on the database not treating
       // backslash as an escape character; a parameterised insert would remove that dependency.
       sql =
           "insert into jam_group_members ( "
               + "id, username, group_id "
               + ") values ( "
               + id
               + ", '"
               + StringEscapeUtils.escapeSql(rs.getString("username"))
               + "', "
               + groupId
               + ") ";
       DatabaseConnection.executeUpdate(sql, conn);
       id++;
     }
     messages.add(new WikiMessage("upgrade.message.db.table.added", "jam_group_members"));
     WikiBase.getDataHandler().executeUpgradeUpdate("UPGRADE_070_DROP_USER_INFO", conn);
     messages.add(new WikiMessage("upgrade.message.db.table.dropped", "jam_wiki_user_info"));
   } catch (SQLException e) {
     DatabaseConnection.rollbackOnException(status, e);
     // Best-effort cleanup of the tables created above; each drop ignores its own failure so
     // the remaining drops still run.
     try {
       DatabaseConnection.executeUpdate(AnsiQueryHandler.STATEMENT_DROP_GROUP_MEMBERS_TABLE);
     } catch (Exception ex) {
     }
     try {
       DatabaseConnection.executeUpdate(AnsiQueryHandler.STATEMENT_DROP_GROUP_AUTHORITIES_TABLE);
     } catch (Exception ex) {
     }
     try {
       DatabaseConnection.executeUpdate(AnsiQueryHandler.STATEMENT_DROP_AUTHORITIES_TABLE);
     } catch (Exception ex) {
     }
     try {
       DatabaseConnection.executeUpdate(AnsiQueryHandler.STATEMENT_DROP_USERS_TABLE);
     } catch (Exception ex) {
     }
     logger.severe("Database failure during upgrade", e);
     throw new WikiException(new WikiMessage("upgrade.error.fatal", e.getMessage()));
   }
   DatabaseConnection.commit(status);
   // for some reason HSQL hangs when populating the characters_changed column.  since this step is
   // optional just skip it for HSQL.
   String dbType = Environment.getValue(Environment.PROP_DB_TYPE);
   if (!StringUtils.equals(dbType, DataHandler.DATA_HANDLER_HSQL)) {
     try {
       // perform a second transaction to populate the new columns.  this code is in its own
       // transaction since if it fails the upgrade can still be considered successful.
       status = DatabaseConnection.startTransaction(getTransactionDefinition());
       Connection conn = DatabaseConnection.getConnection();
       WikiBase.getDataHandler()
           .executeUpgradeUpdate("UPGRADE_070_UPDATE_TOPIC_VERSION_CHARACTERS_CHANGED", conn);
       messages.add(
           new WikiMessage(
               "upgrade.message.db.column.populated", "characters_changed", "jam_topic_version"));
     } catch (SQLException e) {
       messages.add(new WikiMessage("upgrade.error.nonfatal", e.getMessage()));
       // do not throw this error and halt the upgrade process - populating the field
       // is not required for existing systems.
       logger.warning(
           "Failure while populating characters_changed colum in jam_topic_version.  See UPGRADE.txt for instructions on how to manually complete this optional step.",
           e);
       try {
         DatabaseConnection.rollbackOnException(status, e);
       } catch (Exception ex) {
         // ignore
       }
       status = null; // so we do not try to commit
     }
     if (status != null) {
       DatabaseConnection.commit(status);
     }
   }
   return messages;
 }
Пример #25
  /**
   * Persists one {@code BillingONExt} row for each of nine fixed keys taken from {@code mVal},
   * then records a payment (with its item payments and invoice transaction) for the bill.
   *
   * <p>{@code payDate} in {@code mVal} is overwritten with the current timestamp before the rows
   * are written.
   *
   * @param mVal request values keyed by field name; modified by this method
   * @param id billing number the rows and the payment belong to
   * @param vecObj element 0 is cast to {@code BillingClaimHeader1Data}, element 1 to a list of
   *     billing items
   * @return always {@code true}, including when a payment date cannot be parsed and the payment
   *     is therefore skipped
   */
  @SuppressWarnings("unchecked")
  public boolean add3rdBillExt(Map<String, String> mVal, int id, Vector vecObj) {
    BillingClaimHeader1Data claim1Obj = (BillingClaimHeader1Data) vecObj.get(0);
    boolean retval = true;
    // Keys written as extension rows. The index checks further down (3, 7, 8) depend on this
    // exact order.
    String[] temp = {
      "billTo",
      "remitTo",
      "total",
      "payment",
      "discount",
      "provider_no",
      "gst",
      "payDate",
      "payMethod"
    };
    String demoNo = mVal.get("demographic_no");
    String dateTime = UtilDateUtilities.getToday("yyyy-MM-dd HH:mm:ss");
    mVal.put("payDate", dateTime);
    String paymentSumParam = null;
    String paymentDateParam = null;
    String paymentTypeParam = null;
    String provider_no = mVal.get("provider_no");
    for (int i = 0; i < temp.length; i++) {
      String val = mVal.get(temp[i]);
      if ("discount".equals(temp[i])) {
        val =
            mVal.get(
                "total_discount"); // 'refund' stands for write off, here totoal_discount is write
                                   // off
      }
      if ("payment".equals(temp[i])) {
        val = mVal.get("total_payment");
      }
      BillingONExt billingONExt = new BillingONExt();
      billingONExt.setBillingNo(id);
      billingONExt.setDemographicNo(Integer.parseInt(demoNo));
      // NOTE(review): the entity is handed to a DAO; if it binds parameters (not visible here),
      // escapeSql only changes the stored text by doubling single quotes - confirm.
      billingONExt.setKeyVal(StringEscapeUtils.escapeSql(temp[i]));
      billingONExt.setValue(StringEscapeUtils.escapeSql(val));
      billingONExt.setDateTime(new Date());
      billingONExt.setStatus('1');
      extDao.persist(billingONExt);

      // Index 3 is "payment", 7 is "payDate", 8 is "payMethod" in temp.
      if (i == 3) paymentSumParam = mVal.get("total_payment"); // total_payment
      else if (i == 7) paymentDateParam = mVal.get(temp[i]); // paymentDate
      else if (i == 8) paymentTypeParam = mVal.get(temp[i]); // paymentMethod
    }

    if (paymentSumParam != null) {
      BillingONPaymentDao billingONPaymentDao =
          (BillingONPaymentDao) SpringUtils.getBean("billingONPaymentDao");
      BillingPaymentTypeDao billingPaymentTypeDao =
          (BillingPaymentTypeDao) SpringUtils.getBean("billingPaymentTypeDao");
      BillingONCHeader1 ch1 = cheaderDao.find(id);
      Date paymentDate = null;
      try {
        paymentDate = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").parse(paymentDateParam);
      } catch (ParseException ex) {
        // The extension rows are already persisted at this point; only the payment is skipped.
        _logger.error("add3rdBillExt wrong date format " + paymentDateParam);
        return retval;
      }

      // allow user to override with the text box added
      String paymentDateOverride = mVal.get("payment_date");
      if (paymentDateOverride != null && paymentDateOverride.length() > 0) {
        try {
          paymentDate =
              new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").parse(paymentDateOverride + " 00:00:00");
        } catch (ParseException ex) {
          // NOTE(review): the request-supplied value is written to the log unfiltered.
          _logger.error("add3rdBillExt wrong date format " + paymentDateOverride);
          return retval;
        }
      }

      // A missing payment type falls back to "1".
      if (paymentTypeParam == null || paymentTypeParam.equals("")) {
        paymentTypeParam = "1";
      }
      // NOTE(review): type is looked up but not used below; the setter that used it is
      // commented out.
      BillingPaymentType type = billingPaymentTypeDao.find(Integer.parseInt(paymentTypeParam));
      BillingONPayment payment = null;

      // Always true here: the enclosing if already checked paymentSumParam.
      if (paymentSumParam != null) {
        payment = new BillingONPayment();
        // NOTE(review): amounts pass through double before becoming BigDecimal, and a missing
        // total_discount makes Double.parseDouble throw - confirm the inputs are always present.
        payment.setTotal_payment(BigDecimal.valueOf(Double.parseDouble(paymentSumParam)));
        payment.setTotal_discount(
            BigDecimal.valueOf(Double.parseDouble(mVal.get("total_discount"))));
        payment.setTotal_refund(new BigDecimal(0));
        payment.setPaymentDate(paymentDate);
        payment.setBillingOnCheader1(ch1);
        payment.setBillingNo(id);
        payment.setCreator(claim1Obj.getCreator());
        payment.setPaymentTypeId(Integer.parseInt(paymentTypeParam));

        // payment.setBillingPaymentType(type);
        billingONPaymentDao.persist(payment);
        addItemPaymentRecord(
            (List) vecObj.get(1),
            id,
            payment.getId(),
            Integer.parseInt(paymentTypeParam),
            paymentDate);
        addCreate3rdInvoiceTrans(
            (BillingClaimHeader1Data) vecObj.get(0),
            (List<BillingItemData>) vecObj.get(1),
            payment);
      }
    }
    return retval;
  }
Пример #26
 /**
  * Escapes {@code pattern} for use as a string constant by delegating to
  * {@code StringEscapeUtils.escapeSql}.
  *
  * @param pattern text to escape
  * @return the text with single quotes doubled
  */
 public static String escapeStringConstant(String pattern) {
   // The original note here read "Need to escape double quotes". escapeSql leaves double quotes
   // untouched, so that is still outstanding if the target syntax delimits strings with them.
   final String escaped = StringEscapeUtils.escapeSql(pattern);
   return escaped;
 }
Пример #27
 /**
  * Reports whether at least one extension row exists for the billing number and key.
  *
  * @param billingNo billing number as decimal text
  * @param key extension key to look up
  * @return {@code true} when the lookup returns one or more rows
  */
 public boolean keyExists(String billingNo, String key) {
   final int billingId = Integer.parseInt(billingNo);
   // NOTE(review): if extDao binds its parameters (not visible here), escapeSql makes keys
   // containing a single quote fail to match - confirm against the DAO.
   final String lookupKey = StringEscapeUtils.escapeSql(key);
   return !extDao.findByBillingNoAndKey(billingId, lookupKey).isEmpty();
 }
Пример #28
  /**
   * Records the next punishment for an offline player, escalating from the player's active
   * punishments: an active ban or tempban leads to a permanent ban, an active kick leads to a
   * 7 day tempban, and otherwise a kick is recorded. Each outcome is broadcast to all online
   * players.
   *
   * <p>Security note: only {@code reason} is passed through {@code escapeSql} in this method.
   * {@code punisher}, {@code punished} and {@code Bans.server} are concatenated into the SELECT
   * and INSERT statements as received, so the method depends on its callers for those values.
   * {@code escapeSql} itself only doubles single quotes; parameterised statements would be the
   * robust fix, but the API of {@code plugin.sqlite} is not visible here.
   *
   * @param punisher name stored as the punisher
   * @param punisherDisplay name shown in the broadcast
   * @param punished name of the offline player
   * @param arguments reason words, joined with single spaces
   */
  public void punishOffline(
      String punisher, String punisherDisplay, String punished, ArrayList<String> arguments) {
    String reason = "";
    for (String s : arguments) {
      reason += s + " ";
    }
    try {
      // NOTE(review): punished is not escaped here, and the ResultSet is never closed in this
      // method.
      ResultSet result =
          plugin.sqlite.query(
              ("SELECT * FROM punishments WHERE punished='" + punished + "' AND active=1;"));
      Boolean kicked = false;
      Boolean banned = false;
      // Collect which kinds of active punishment the player already has.
      while (result.next()) {
        String type = result.getString("type");
        if (type.equals("ban") || type.equals("tempban")) {
          banned = true;
        } else if (type.equals("kick")) {
          kicked = true;
        }
      }
      // Unix time in seconds; expiry is seven days (86400 s each) later.
      long time = System.currentTimeMillis() / 1000L;
      long expiry = time + (86400 * 7);
      UUID UUID = plugin.getServer().getOfflinePlayer(punished).getUniqueId();
      if (banned) {

        // Already banned or temp-banned: store a ban with expiry '0'.
        plugin.sqlite.insert(
            "INSERT INTO punishments (punisher, punished, reason, type, time, expiry, active, server, UUID) VALUES ('"
                + punisher
                + "','"
                + punished
                + "','"
                + StringEscapeUtils.escapeSql(reason)
                + "','ban','"
                + time
                + "','0','1','"
                + Bans.server
                + "','"
                + UUID
                + "');");
        for (Player plr : plugin.getServer().getOnlinePlayers()) {
          plr.sendMessage(
              ChatColor.DARK_AQUA
                  + punisherDisplay
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.GOLD
                  + "Permanent ban"
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.DARK_AQUA
                  + punished
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.GOLD
                  + reason);
        }
        plugin.addBan(UUID, reason, time, 0);
      } else if (kicked) {
        // Previously kicked: store a tempban that expires after seven days.
        plugin.sqlite.insert(
            "INSERT INTO punishments (punisher, punished, reason, type, time, expiry, active, server, UUID) VALUES ('"
                + punisher
                + "','"
                + punished
                + "','"
                + StringEscapeUtils.escapeSql(reason)
                + "','tempban','"
                + time
                + "','"
                + expiry
                + "','1','"
                + Bans.server
                + "','"
                + UUID
                + "');");
        for (Player plr : plugin.getServer().getOnlinePlayers()) {
          plr.sendMessage(
              ChatColor.DARK_AQUA
                  + punisherDisplay
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.GOLD
                  + "7 day ban"
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.DARK_AQUA
                  + punished
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.GOLD
                  + reason);
        }
        plugin.addBan(UUID, reason, time, expiry);
      } else {
        // No active punishment: store a kick. This insert has no expiry column and no addBan
        // call follows it.
        plugin.sqlite.insert(
            "INSERT INTO punishments (punisher, punished, reason, type, time, active, server, UUID) VALUES ('"
                + punisher
                + "','"
                + punished
                + "','"
                + StringEscapeUtils.escapeSql(reason)
                + "','kick','"
                + time
                + "','1','"
                + Bans.server
                + "','"
                + UUID
                + "');");
        for (Player plr : plugin.getServer().getOnlinePlayers()) {
          plr.sendMessage(
              punisherDisplay
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.GOLD
                  + "Kick"
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.DARK_AQUA
                  + punished
                  + ChatColor.YELLOW
                  + " -> "
                  + ChatColor.GOLD
                  + reason);
        }
      }
    } catch (SQLException e) {
      // Database failures are logged and not propagated to the caller.
      plugin.getLogger().severe(e.getMessage());
    }
  }
Пример #29
 /**
  * Renders {@code s} as a single-quoted literal: single quotes are doubled by {@code escapeSql},
  * and line feeds and carriage returns become the two-character sequences {@code \n} and
  * {@code \r}.
  *
  * <p>NOTE(review): an existing backslash in {@code s} is left as it is, so the result is only
  * unambiguous if the consumer does not treat backslash as an escape character - confirm.
  *
  * @param s text to quote; must not be {@code null}
  * @return the quoted literal
  */
 private String quoteString(String s) {
   final String doubledQuotes = StringEscapeUtils.escapeSql(s);
   // Literal replacement gives the same result as the regex-based replaceAll calls.
   final String singleLine = doubledQuotes.replace("\n", "\\n").replace("\r", "\\r");
   return "'" + singleLine + "'";
 }