Revision 6606
Added by ben leinfelder over 12 years ago
| Eml200SAXHandler.java | ||
|---|---|---|
| 41 | 41 |
import java.sql.PreparedStatement; |
| 42 | 42 |
import java.sql.ResultSet; |
| 43 | 43 |
import java.sql.SQLException; |
| 44 |
import java.sql.Statement; |
|
| 45 | 44 |
import java.util.Date; |
| 46 | 45 |
import java.util.EmptyStackException; |
| 47 | 46 |
import java.util.Enumeration; |
| ... | ... | |
| 742 | 741 |
.getDBConnection("DBSAXHandler.startElement");
|
| 743 | 742 |
serialNumber = dbConn.getCheckOutSerialNumber(); |
| 744 | 743 |
|
| 745 |
Statement stmt = dbConn.createStatement(); |
|
| 746 |
ResultSet rs = stmt |
|
| 747 |
.executeQuery("SELECT catalog_id FROM xml_catalog "
|
|
| 748 |
+ "WHERE entry_type = 'Schema' " |
|
| 749 |
+ "AND public_id = '" + doctype + "'"); |
|
| 744 |
String sql = "SELECT catalog_id FROM xml_catalog " |
|
| 745 |
+ "WHERE entry_type = 'Schema' " |
|
| 746 |
+ "AND public_id = ?"; |
|
| 747 |
PreparedStatement pstmt = dbConn.prepareStatement(sql); |
|
| 748 |
pstmt.setString(1, doctype); |
|
| 749 |
ResultSet rs = pstmt.executeQuery(); |
|
| 750 | 750 |
boolean hasRow = rs.next(); |
| 751 | 751 |
if (hasRow) {
|
| 752 | 752 |
catalogid = rs.getString(1); |
| 753 | 753 |
} |
| 754 |
stmt.close(); |
|
| 754 |
pstmt.close();
|
|
| 755 | 755 |
//System.out.println("here!!!!!!!!!!!!!!!!!!2");
|
| 756 | 756 |
}//try |
| 757 | 757 |
finally {
|
| ... | ... | |
| 2169 | 2169 |
private void deletePermissionsInAccessTableForDoc(String docid) |
| 2170 | 2170 |
throws SAXException |
| 2171 | 2171 |
{
|
| 2172 |
Statement stmt = null;
|
|
| 2172 |
PreparedStatement pstmt = null;
|
|
| 2173 | 2173 |
try {
|
| 2174 |
String sql = "DELETE FROM xml_access WHERE docid = ?"; |
|
| 2174 | 2175 |
// delete all acl records for resources related to @aclid if any |
| 2175 |
stmt = connection.createStatement(); |
|
| 2176 |
pstmt = connection.prepareStatement(sql); |
|
| 2177 |
pstmt.setString(1, docid); |
|
| 2176 | 2178 |
// Increase DBConnection usage count |
| 2177 | 2179 |
connection.increaseUsageCount(1); |
| 2178 |
stmt.execute("DELETE FROM xml_access WHERE docid = '"
|
|
| 2179 |
+ docid + "'"); |
|
| 2180 |
pstmt.execute(); |
|
| 2180 | 2181 |
|
| 2181 | 2182 |
} catch (SQLException e) {
|
| 2182 | 2183 |
throw new SAXException(e.getMessage()); |
| 2183 | 2184 |
} finally {
|
| 2184 | 2185 |
try {
|
| 2185 |
stmt.close(); |
|
| 2186 |
pstmt.close();
|
|
| 2186 | 2187 |
} catch (SQLException ee) {
|
| 2187 | 2188 |
throw new SAXException(ee.getMessage()); |
| 2188 | 2189 |
} |
| ... | ... | |
| 2192 | 2193 |
/* Delete access rules from xml_access for a subtee id */ |
| 2193 | 2194 |
private void deleteSubtreeAccessRule(String subtreeid) throws SAXException |
| 2194 | 2195 |
{
|
| 2195 |
Statement stmt = null;
|
|
| 2196 |
PreparedStatement pstmt = null;
|
|
| 2196 | 2197 |
try |
| 2197 | 2198 |
{
|
| 2198 |
stmt = connection.createStatement(); |
|
| 2199 |
String sql = |
|
| 2200 |
"DELETE FROM xml_access " + |
|
| 2201 |
"WHERE accessfileid = ? " + |
|
| 2202 |
"AND subtreeid = ?"; |
|
| 2203 |
pstmt = connection.prepareStatement(sql); |
|
| 2204 |
pstmt.setString(1, docid); |
|
| 2205 |
pstmt.setString(2, subtreeid); |
|
| 2199 | 2206 |
// Increase DBConnection usage count |
| 2200 | 2207 |
connection.increaseUsageCount(1); |
| 2201 |
stmt.execute("DELETE FROM xml_access WHERE accessfileid = '"
|
|
| 2202 |
+ docid + "' AND subtreeid ='" + subtreeid +"'"); |
|
| 2208 |
pstmt.execute(); |
|
| 2203 | 2209 |
} |
| 2204 | 2210 |
catch (SQLException e) |
| 2205 | 2211 |
{
|
| ... | ... | |
| 2209 | 2215 |
{
|
| 2210 | 2216 |
try |
| 2211 | 2217 |
{
|
| 2212 |
stmt.close(); |
|
| 2218 |
pstmt.close();
|
|
| 2213 | 2219 |
} |
| 2214 | 2220 |
catch (SQLException ee) |
| 2215 | 2221 |
{
|
| ... | ... | |
| 2221 | 2227 |
|
| 2222 | 2228 |
private void deleteAllInlineDataAccessRules() throws SAXException |
| 2223 | 2229 |
{
|
| 2224 |
Statement stmt = null;
|
|
| 2230 |
PreparedStatement pstmt = null;
|
|
| 2225 | 2231 |
try |
| 2226 | 2232 |
{
|
| 2227 |
stmt = connection.createStatement(); |
|
| 2233 |
String sql = |
|
| 2234 |
"DELETE FROM xml_access " + |
|
| 2235 |
"WHERE accessfileid = ? AND subtreeid IS NOT NULL"; |
|
| 2236 |
pstmt = connection.prepareStatement(sql); |
|
| 2237 |
pstmt.setString(1, docid); |
|
| 2228 | 2238 |
// Increase DBConnection usage count |
| 2229 | 2239 |
connection.increaseUsageCount(1); |
| 2230 |
stmt.execute("DELETE FROM xml_access WHERE accessfileid = '"
|
|
| 2231 |
+ docid + "' AND subtreeid IS NOT NULL"); |
|
| 2240 |
pstmt.execute(); |
|
| 2232 | 2241 |
} |
| 2233 | 2242 |
catch (SQLException e) |
| 2234 | 2243 |
{
|
| ... | ... | |
| 2238 | 2247 |
{
|
| 2239 | 2248 |
try |
| 2240 | 2249 |
{
|
| 2241 |
stmt.close(); |
|
| 2250 |
pstmt.close();
|
|
| 2242 | 2251 |
} |
| 2243 | 2252 |
catch (SQLException ee) |
| 2244 | 2253 |
{
|
| ... | ... | |
| 2349 | 2358 |
/* Delete every access subtree record from xml_accesssubtree. */ |
| 2350 | 2359 |
private void deleteAccessSubTreeRecord(String docId) throws SAXException |
| 2351 | 2360 |
{
|
| 2352 |
Statement stmt = null;
|
|
| 2361 |
PreparedStatement pstmt = null;
|
|
| 2353 | 2362 |
try {
|
| 2363 |
String sql = "DELETE FROM xml_accesssubtree WHERE docid = ?"; |
|
| 2354 | 2364 |
// delete all acl records for resources related to @aclid if any |
| 2355 |
stmt = connection.createStatement(); |
|
| 2365 |
pstmt = connection.prepareStatement(sql); |
|
| 2366 |
pstmt.setString(1, docId); |
|
| 2356 | 2367 |
// Increase DBConnection usage count |
| 2357 | 2368 |
connection.increaseUsageCount(1); |
| 2358 |
logMetacat.debug("running sql: DELETE FROM xml_accesssubtree WHERE docid = '"
|
|
| 2359 |
+ docId + "'"); |
|
| 2360 |
stmt.execute("DELETE FROM xml_accesssubtree WHERE docid = '"
|
|
| 2361 |
+ docId + "'"); |
|
| 2369 |
logMetacat.debug("running sql: " + sql);
|
|
| 2370 |
pstmt.execute(); |
|
| 2362 | 2371 |
|
| 2363 | 2372 |
} catch (SQLException e) {
|
| 2364 | 2373 |
throw new SAXException(e.getMessage()); |
| 2365 | 2374 |
} finally {
|
| 2366 | 2375 |
try {
|
| 2367 |
stmt.close(); |
|
| 2376 |
pstmt.close();
|
|
| 2368 | 2377 |
} catch (SQLException ee) {
|
| 2369 | 2378 |
throw new SAXException(ee.getMessage()); |
| 2370 | 2379 |
} |
Also available in: Unified diff
uses prepared statement instead of plain old statement.
deprecated the DBConnection.createStatement() method to discourage direct parameter value use in favor of parameter binding.
http://bugzilla.ecoinformatics.org/show_bug.cgi?id=5527