dc is creates a Database Connector object. I'm not sure why there would be two parallel calls as the connection to the database is closed after every call...
On Mar 8, 3:44 pm, Lothar Kimmeringer <[email protected]> wrote: > [email protected] schrieb: > > >Caused by: java.lang.NullPointerException: null > > at com.mysql.jdbc.StatementImpl.executeQuery(StatementImpl.java:1468) > > at > >com.project.server.Management.ServerSQLServiceImpl.selectOrdersBeingPrepared > >(ServerSQLServiceImpl.java:492) > > > Here is the code found at the selectOrdersBeingPrepared method on the > > server > > [...] > > > > > public ServerSQLData selectOrdersBeingPrepared(String message) { > [...] > > dc.openConnection(); > > What is dc? A global variable in the servlet. Then you most likely > will have a problem with two parallel calls of the servlet where > one request interfers with another > > > This is the call from the client to the server: > > > //Get prepare order data > > String ordersBeingPrepared = "Select oi.QuantityOrdered, > > i.itemName, wo.TableNo, wo.timeOrderSentToChef FROM > > catering.orderitem_table oi, catering.wholeorder_table wo, > > catering.menuITems_table mi, catering.items_table i, > > catering.itemcategory_table ic Where wo.WholeOrderID = oi.WholeOrderID > > AND oi.MenuItemID = mi.MenuItemID AND mi.itemID = i.itemID AND > > i.categoryID = ic.categoryID AND ItemType = '" + applicationType + "' > > AND oi.itemStatus = 'Being Prepared'"; > > Cool, the proof that SQL-injection is possible with every web-frame- > work in the word. > > Regards, Lothar --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
