Author: tdraier
Date: Thu Sep 27 15:45:09 2007
New Revision: 18695

URL: https://svndev.jahia.net/websvn/listing.php?sc=3D1&rev=3D18695&repname=
=3Djahia
Log:
use prepared statements (JAHIA-2409)

Modified:
    branches/JAHIA-5-0-SP-BRANCH/core/src/java/org/jahia/admin/database/Dat=
abaseConnection.java
    branches/JAHIA-5-0-SP-BRANCH/core/src/java/org/jahia/bin/JahiaConfigura=
tionWizard.java

Modified: branches/JAHIA-5-0-SP-BRANCH/core/src/java/org/jahia/admin/databa=
se/DatabaseConnection.java
URL: https://svndev.jahia.net/websvn/diff.php?path=3D/branches/JAHIA-5-0-SP=
-BRANCH/core/src/java/org/jahia/admin/database/DatabaseConnection.java&rev=
=3D18695&repname=3Djahia
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- branches/JAHIA-5-0-SP-BRANCH/core/src/java/org/jahia/admin/database/Dat=
abaseConnection.java (original)
+++ branches/JAHIA-5-0-SP-BRANCH/core/src/java/org/jahia/admin/database/Dat=
abaseConnection.java Thu Sep 27 15:45:09 2007
@@ -283,6 +283,16 @@
         theStatement.execute(sqlCode);
     } // end query
 =

+    public void queryPreparedStatement(String sqlCode, Object[] params)
+        throws Exception {
+        PreparedStatement ps =3D theConnection.prepareStatement(sqlCode);
+        for (int i =3D 0; i < params.length; i++) {
+            Object param =3D params[i];
+            ps.setObject(i+1,params[i]);
+        }
+        ps.execute();
+    } // end query
+
     /**
      * Close the current database connection. If the connection statement =
do
      * not exists, the exception is simply catched. There is no problem ab=
out
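Review bot: `queryPreparedStatement` never closes the `PreparedStatement` it creates, so each call leaves a statement open on `theConnection`, and an exception from `setObject` or `execute` leaks it as well. The JahiaConfigurationWizard hunk of this commit calls it seven times in a row. Wrapping the bind loop and `ps.execute()` as `try { ... } finally { ps.close(); }` releases the statement on both paths. The local `Object param = params[i];` is never read and can be dropped, and the trailing `// end query` comment was copied from the method above; `// end queryPreparedStatement` would be accurate. A short Javadoc should state that `params` must be non-null (a null array fails at `params.length`) and that its elements are bound positionally starting at index 1.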

Modified: branches/JAHIA-5-0-SP-BRANCH/core/src/java/org/jahia/bin/JahiaCon=
figurationWizard.java
URL: https://svndev.jahia.net/websvn/diff.php?path=3D/branches/JAHIA-5-0-SP=
-BRANCH/core/src/java/org/jahia/bin/JahiaConfigurationWizard.java&rev=3D186=
95&repname=3Djahia
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- branches/JAHIA-5-0-SP-BRANCH/core/src/java/org/jahia/bin/JahiaConfigura=
tionWizard.java (original)
+++ branches/JAHIA-5-0-SP-BRANCH/core/src/java/org/jahia/bin/JahiaConfigura=
tionWizard.java Thu Sep 27 15:45:09 2007
@@ -1620,74 +1620,31 @@
         final String grpKey0 =3D JahiaGroupManagerService.ADMINISTRATORS_G=
ROUPNAME + ":" + siteID0;
 =

         // query insert root user...
-        final StringBuffer sqlRootUser =3D new StringBuffer();
-        sqlRootUser.append("INSERT INTO jahia_users(id_jahia_users, name_j=
ahia_users, password_jahia_users, key_jahia_users, siteid_jahia_users) VALU=
ES(0, '");
-        sqlRootUser.append(rootName);
-        sqlRootUser.append("', '");
-        sqlRootUser.append(JahiaUserManagerService.encryptPassword((String=
) values.get("root_pwd")));
-        sqlRootUser.append("','");
-        sqlRootUser.append(rootKey);
-        sqlRootUser.append("', null)");
-        db.query(sqlRootUser.toString());
+        db.queryPreparedStatement("INSERT INTO jahia_users(id_jahia_users,=
 name_jahia_users, password_jahia_users, key_jahia_users, siteid_jahia_user=
s) VALUES(0,?,?,?,null)",
+                new Object[] { rootName, JahiaUserManagerService.encryptPa=
ssword((String) values.get("root_pwd")), rootKey } );
 =

         // query insert root first name...
-        sqlRootUser.delete(0, sqlRootUser.length());
-        sqlRootUser.append("INSERT INTO jahia_user_prop(id_jahia_users, na=
me_jahia_user_prop, value_jahia_user_prop, provider_jahia_user_prop, userke=
y_jahia_user_prop) VALUES(0, 'firstname', '");
-        sqlRootUser.append(JahiaTools.replacePattern((String) values.get("=
root_firstname"), "'", "''")).append("',");
-        sqlRootUser.append("'jahia', '");
-        sqlRootUser.append(rootKey);
-        sqlRootUser.append("')");
-        db.query(sqlRootUser.toString());
+        db.queryPreparedStatement("INSERT INTO jahia_user_prop(id_jahia_us=
ers, name_jahia_user_prop, value_jahia_user_prop, provider_jahia_user_prop,=
 userkey_jahia_user_prop) VALUES(0, 'firstname', ?, 'jahia',?)",
+                new Object[] { (String) values.get("root_firstname"), root=
Key } );
 =

         // query insert root last name...
-        sqlRootUser.delete(0, sqlRootUser.length());
-        sqlRootUser.append("INSERT INTO jahia_user_prop(id_jahia_users, na=
me_jahia_user_prop, value_jahia_user_prop, provider_jahia_user_prop, userke=
y_jahia_user_prop) VALUES(0, 'lastname', '");
-        sqlRootUser.append(JahiaTools.replacePattern((String) values.get("=
root_lastname"), "'", "''"));
-        sqlRootUser.append("',");
-        sqlRootUser.append("'jahia', '");
-        sqlRootUser.append(rootKey);
-        sqlRootUser.append("')");
-        db.query(sqlRootUser.toString());
+        db.queryPreparedStatement("INSERT INTO jahia_user_prop(id_jahia_us=
ers, name_jahia_user_prop, value_jahia_user_prop, provider_jahia_user_prop,=
 userkey_jahia_user_prop) VALUES(0, 'lastname', ?, 'jahia',?)",
+                new Object[] { (String) values.get("root_lastname"), rootK=
ey } );
 =

         // query insert root e-mail address...
-        sqlRootUser.delete(0, sqlRootUser.length());
-        sqlRootUser.append("INSERT INTO jahia_user_prop(id_jahia_users, na=
me_jahia_user_prop, value_jahia_user_prop, provider_jahia_user_prop, userke=
y_jahia_user_prop) VALUES(0, 'email', '");
-        sqlRootUser.append((String) values.get("root_mail"));
-        sqlRootUser.append("',");
-        sqlRootUser.append("'jahia', '");
-        sqlRootUser.append(rootKey);
-        sqlRootUser.append("')");
-        db.query(sqlRootUser.toString());
+        db.queryPreparedStatement("INSERT INTO jahia_user_prop(id_jahia_us=
ers, name_jahia_user_prop, value_jahia_user_prop, provider_jahia_user_prop,=
 userkey_jahia_user_prop) VALUES(0, 'email', ?, 'jahia',?)",
+                new Object[] { (String) values.get("root_mail"), rootKey }=
 );
 =

         // query insert administrators group...
-        sqlRootUser.delete(0, sqlRootUser.length());
-        sqlRootUser.append("INSERT INTO jahia_grps(id_jahia_grps, name_jah=
ia_grps, key_jahia_grps, siteid_jahia_grps) VALUES(");
-        sqlRootUser.append(siteID0);
-        sqlRootUser.append(", '");
-        sqlRootUser.append(JahiaGroupManagerService.ADMINISTRATORS_GROUPNA=
ME);
-        sqlRootUser.append("','");
-        sqlRootUser.append(grpKey0);
-        sqlRootUser.append("', null)");
-        db.query(sqlRootUser.toString());
+        db.queryPreparedStatement("INSERT INTO jahia_grps(id_jahia_grps, n=
ame_jahia_grps, key_jahia_grps, siteid_jahia_grps) VALUES(?,?,?,null)",
+                new Object[] { new Integer(siteID0), JahiaGroupManagerServ=
ice.ADMINISTRATORS_GROUPNAME, grpKey0 } );
 =

         // query insert administrators group access...
-        sqlRootUser.delete(0, sqlRootUser.length());
-        sqlRootUser.append("INSERT INTO jahia_grp_access(id_jahia_member, =
id_jahia_grps, membertype_grp_access) VALUES('");
-        sqlRootUser.append(rootKey);
-        sqlRootUser.append("', '");
-        sqlRootUser.append(grpKey0);
-        sqlRootUser.append("', 1)");
-        db.query(sqlRootUser.toString());
-
-        sqlRootUser.delete(0, sqlRootUser.length());
-        sqlRootUser.append("INSERT INTO jahia_version(install_number, buil=
d, release_number, install_date) VALUES(0, ");
-        sqlRootUser.append(new Integer(JahiaInterface.BUILD_NUMBER));
-        sqlRootUser.append(",'");
-        sqlRootUser.append(Jahia.RELEASE_NUMBER + "." + Jahia.PATCH_NUMBER=
);
-        sqlRootUser.append("',TIMESTAMP '");
-        sqlRootUser.append(new Timestamp(System.currentTimeMillis()));
-        sqlRootUser.append("')");
-        db.query(sqlRootUser.toString());
+        db.queryPreparedStatement("INSERT INTO jahia_grp_access(id_jahia_m=
ember, id_jahia_grps, membertype_grp_access) VALUES(?,?,1)",
+                new Object[] { rootKey,grpKey0 } );
+
+        db.queryPreparedStatement("INSERT INTO jahia_version(install_numbe=
r, build, release_number, install_date) VALUES(0, ?,?,?)",
+                new Object[] { new Integer(JahiaInterface.BUILD_NUMBER), J=
ahia.RELEASE_NUMBER + "." + Jahia.PATCH_NUMBER, new Timestamp(System.curren=
tTimeMillis()) } );
     }
     // end insertDBCustomContent()
 =
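Review bot: The three `jahia_user_prop` inserts pass `values.get("root_firstname")`, `values.get("root_lastname")` and `values.get("root_mail")` straight into the parameter array, so a missing wizard field reaches `ps.setObject(i+1, null)` in the new helper. How an untyped null is bound is driver-dependent, and some JDBC drivers reject it. `insertDBCustomContent()` starts outside this hunk, so the fields may already be validated earlier. If they are not, check them before the inserts, or have the helper bind with `ps.setNull(...)` when `params[i] == null`. The `(String)` casts inside `new Object[] { ... }` are redundant now that the values are no longer concatenated into the SQL text. A one-line comment above the first call, such as `// all user-supplied values are bound as parameters, never concatenated into the SQL text`, would record why the helper is used here.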

