vitalif
/
openesb-components
mirror of https://github.com/vitalif/openesb-components
1
0
Fork 0
Code Issues Releases Wiki Activity

Replace $WHERE only if it is present in SQL

master
Vitaliy Filippov 2015-12-18 11:55:09 +03:00
parent 7d583f1659
commit fd28841b1d
2 changed files with 22 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
ojc-core/databasebc/databasebcimpl/src/org/glassfish/openesb/databasebc/InboundMessageProcessor.java
View File

@ -487,25 +487,21 @@ public class InboundMessageProcessor implements Runnable, MessageExchangeReplyLi
mLogger.log(Level.INFO, InboundMessageProcessor.mMessages.getString("DBBC_R00629.OMP_UsedJNDI") + jndiName); mLogger.log(Level.INFO, InboundMessageProcessor.mMessages.getString("DBBC_R00629.OMP_UsedJNDI") + jndiName);
String where = ""; String where = "";
List<String> bind = new ArrayList<String>(); List<String> bind = new ArrayList<String>();
if (mMarkColumnName != null && !mMarkColumnName.equals("")) { if (lSelectSQL.indexOf("$WHERE") >= 0) {
if (mFlagColumnType != null) { if (mMarkColumnName != null && !mMarkColumnName.equals("")) {
where = "("+mMarkColumnName+" != ? OR "+mMarkColumnName+" IS NULL)"; if (mFlagColumnType != null) {
bind.add(mMarkColumnValue); where = "("+mMarkColumnName+" != ? OR "+mMarkColumnName+" IS NULL)";
} else { bind.add(mMarkColumnValue);
final String msg = InboundMessageProcessor.mMessages.getString("DBBC_E00638.IMP_Error_IVALID_ColumnName") + mMarkColumnName; } else {
throw new MessagingException(msg, new NamingException()); final String msg = InboundMessageProcessor.mMessages.getString("DBBC_E00638.IMP_Error_IVALID_ColumnName") + mMarkColumnName;
throw new MessagingException(msg, new NamingException());
}
} }
lSelectSQL = lSelectSQL.replace("$WHERE", where.equals("") ? "1=1" : where);
} }
lSelectSQL = lSelectSQL.replace("$WHERE", where.equals("") ? "1=1" : where);
mLogger.log(Level.INFO, "Executing sql 1. " + lSelectSQL); mLogger.log(Level.INFO, "Executing sql 1. " + lSelectSQL);
PreparedStatement ps = connection.prepareStatement(lSelectSQL); PreparedStatement ps = connection.prepareStatement(lSelectSQL);
ParameterMetaData paramMetaData = ps.getParameterMetaData(); JDBCUtil.bindParamList(ps, bind);
for (int i = 0, l = bind.size(); i < l; i++)
{
int columnType = java.sql.Types.VARCHAR;
try { columnType = paramMetaData.getParameterType(i+1); } catch(Exception e) {}
ps.setObject(i+1, JDBCUtil.convert(bind.get(i), columnType), columnType);
}
rs = ps.executeQuery(); rs = ps.executeQuery();
} }
catch (final SQLException ex) { catch (final SQLException ex) {

11
ojc-core/databasebc/databasebcimpl/src/org/glassfish/openesb/databasebc/JDBCUtil.java
View File

@ -389,6 +389,17 @@ public class JDBCUtil {
return jdbcOps.toString();*/ return jdbcOps.toString();*/
} }
public static void bindParamList(PreparedStatement ps, List<String> params) throws Exception
{
ParameterMetaData meta = ps.getParameterMetaData();
for (int i = 0; i < params.size(); i++)
{
int columnType = java.sql.Types.VARCHAR;
try { columnType = meta.getParameterType(i+1); } catch(Exception e) {}
ps.setObject(i+1, JDBCUtil.convert(params.get(i), columnType), columnType);
}
}
public static void bindParams(PreparedStatement ps, String... params) throws Exception public static void bindParams(PreparedStatement ps, String... params) throws Exception
{ {
ParameterMetaData meta = ps.getParameterMetaData(); ParameterMetaData meta = ps.getParameterMetaData();