Revision 765
Added by bojilova over 23 years ago
| src/edu/ucsb/nceas/metacat/AccessControlList.java | ||
|---|---|---|
| 521 | 521 |
PreparedStatement pstmt; |
| 522 | 522 |
pstmt = conn.prepareStatement( |
| 523 | 523 |
"UPDATE xml_documents SET public_access = ?" + |
| 524 |
" WHERE docid LIKE ?");
|
|
| 524 |
" WHERE docid = ?");
|
|
| 525 | 525 |
// Bind the values to the query |
| 526 | 526 |
if ( publicAcc == null ) {
|
| 527 | 527 |
pstmt.setString(1, null); |
| ... | ... | |
| 550 | 550 |
PreparedStatement pstmt; |
| 551 | 551 |
pstmt = conn.prepareStatement( |
| 552 | 552 |
"SELECT permission FROM xml_access " + |
| 553 |
"WHERE docid LIKE ? " +
|
|
| 554 |
"AND principal_name LIKE ? " +
|
|
| 555 |
"AND perm_order NOT LIKE ?");
|
|
| 553 |
"WHERE docid = ? " +
|
|
| 554 |
"AND principal_name = ? " +
|
|
| 555 |
"AND perm_order NOT = ?");
|
|
| 556 | 556 |
pstmt.setString(1, docid); |
| 557 | 557 |
pstmt.setString(2, principal); |
| 558 | 558 |
pstmt.setString(3, permOrder); |
| ... | ... | |
| 641 | 641 |
try {
|
| 642 | 642 |
pstmt = conn.prepareStatement( |
| 643 | 643 |
"SELECT 'x' FROM xml_documents " + |
| 644 |
"WHERE docid LIKE ? AND public_access = 1");
|
|
| 644 |
"WHERE docid = ? AND public_access = 1");
|
|
| 645 | 645 |
// Bind the values to the query |
| 646 | 646 |
pstmt.setString(1, resourceID); |
| 647 | 647 |
|
| ... | ... | |
| 668 | 668 |
try {
|
| 669 | 669 |
pstmt = conn.prepareStatement( |
| 670 | 670 |
"SELECT 'x' FROM xml_documents " + |
| 671 |
"WHERE docid LIKE ? AND user_owner LIKE ?");
|
|
| 671 |
"WHERE docid = ? AND user_owner = ?");
|
|
| 672 | 672 |
// Bind the values to the query |
| 673 | 673 |
pstmt.setString(1, resourceID); |
| 674 | 674 |
pstmt.setString(2, principal); |
| ... | ... | |
| 697 | 697 |
pstmt = conn.prepareStatement( |
| 698 | 698 |
"SELECT permission, perm_order, ticket_count " + |
| 699 | 699 |
"FROM xml_access " + |
| 700 |
"WHERE docid LIKE ? " +
|
|
| 701 |
"AND principal_name LIKE ? " +
|
|
| 702 |
"AND perm_type LIKE ? " +
|
|
| 700 |
"WHERE docid = ? " +
|
|
| 701 |
"AND principal_name = ? " +
|
|
| 702 |
"AND perm_type = ? " +
|
|
| 703 | 703 |
"AND sysdate BETWEEN nvl(begin_time,sysdate) " + |
| 704 | 704 |
"AND nvl(end_time,sysdate)"); |
| 705 | 705 |
// check if it is "deny" with "allowFirst" first |
| ... | ... | |
| 803 | 803 |
PreparedStatement pstmt; |
| 804 | 804 |
pstmt = conn.prepareStatement( |
| 805 | 805 |
"UPDATE xml_access SET ticket_count = ticket_count - 1 " + |
| 806 |
"WHERE docid LIKE ? " +
|
|
| 807 |
"AND principal_name LIKE ? " +
|
|
| 808 |
"AND permission LIKE ? " +
|
|
| 809 |
"AND perm_type LIKE ? " +
|
|
| 810 |
"AND perm_order LIKE ? " +
|
|
| 806 |
"WHERE docid = ? " +
|
|
| 807 |
"AND principal_name = ? " +
|
|
| 808 |
"AND permission = ? " +
|
|
| 809 |
"AND perm_type = ? " +
|
|
| 810 |
"AND perm_order = ? " +
|
|
| 811 | 811 |
"AND sysdate BETWEEN nvl(begin_time,sysdate) " + |
| 812 | 812 |
"AND nvl(end_time,sysdate)"); |
| 813 | 813 |
// Bind the values to the query |
| ... | ... | |
| 876 | 876 |
"SELECT distinct accessfileid, principal_name, permission, " + |
| 877 | 877 |
"perm_type, perm_order, to_char(begin_time,'mm/dd/yyyy'), " + |
| 878 | 878 |
"to_char(end_time,'mm/dd/yyyy'), ticket_count " + |
| 879 |
"FROM xml_access WHERE docid LIKE ? " +
|
|
| 879 |
"FROM xml_access WHERE docid = ? " +
|
|
| 880 | 880 |
"ORDER BY accessfileid, perm_order, perm_type, permission"); |
| 881 | 881 |
// Bind the values to the query |
| 882 | 882 |
pstmt.setString(1, docid); |
| ... | ... | |
| 1011 | 1011 |
|
| 1012 | 1012 |
PreparedStatement pstmt; |
| 1013 | 1013 |
pstmt = conn.prepareStatement("SELECT 'x' FROM xml_documents " +
|
| 1014 |
"WHERE docid LIKE ? " +
|
|
| 1015 |
"AND user_owner LIKE ?");
|
|
| 1014 |
"WHERE docid = ? " +
|
|
| 1015 |
"AND user_owner = ?");
|
|
| 1016 | 1016 |
pstmt.setString(1, docid); |
| 1017 | 1017 |
pstmt.setString(2, user); |
| 1018 | 1018 |
pstmt.execute(); |
| ... | ... | |
| 1028 | 1028 |
int publicAcc = 0; |
| 1029 | 1029 |
PreparedStatement pstmt; |
| 1030 | 1030 |
pstmt = conn.prepareStatement("SELECT public_access FROM xml_documents " +
|
| 1031 |
"WHERE docid LIKE ?");
|
|
| 1031 |
"WHERE docid = ?");
|
|
| 1032 | 1032 |
pstmt.setString(1, docid); |
| 1033 | 1033 |
pstmt.execute(); |
| 1034 | 1034 |
ResultSet rs = pstmt.getResultSet(); |
| ... | ... | |
| 1047 | 1047 |
PreparedStatement pstmt; |
| 1048 | 1048 |
pstmt = conn.prepareStatement("SELECT system_id FROM xml_catalog " +
|
| 1049 | 1049 |
"WHERE entry_type = 'DTD' " + |
| 1050 |
"AND public_id LIKE ?");
|
|
| 1050 |
"AND public_id = ?");
|
|
| 1051 | 1051 |
pstmt.setString(1, publicID); |
| 1052 | 1052 |
pstmt.execute(); |
| 1053 | 1053 |
ResultSet rs = pstmt.getResultSet(); |
Also available in: Unified diff
changed
SELECT ... WHERE LIKE ? ...
to:
SELECT ... WHERE = ? ...
It should be changed everywhere it is found