Project

General

Profile

Revision 96

Added by Matt Jones over 20 years ago

fixed entity parsing bug

View differences:

src/edu/ucsb/nceas/metacat/ElementNode.java
83 83
      PreparedStatement pstmt;
84 84
      try {
85 85
        pstmt =
86
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype, " +
87
                  "nodename,nodedata FROM xml_nodes WHERE nodeid = ?");
86
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype,nodename,"+
87
               "replace(" +
88
               "replace(" +
89
               "replace(nodedata,'&','&') " +
90
               ",'<','&lt;') " +
91
               ",'>','&gt;') " +
92
               "FROM xml_nodes WHERE nodeid = ?");
88 93
        // Bind the values to the query
89 94
        pstmt.setLong(1, nodeid);
90 95

  
......
135 140
      try {
136 141
        pstmt =
137 142
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype, " +
138
                  "nodename,nodedata FROM xml_nodes WHERE parentnodeid = ?");
143
                  "nodename, " +
144
                  "replace(" +
145
                  "replace(" +
146
                  "replace(nodedata,'&','&amp;')" +
147
                  ",'<','&lt;') " +
148
                  ",'>','&gt;') " +
149
                  "FROM xml_nodes WHERE parentnodeid = ?");
139 150
        // Bind the values to the query
140 151
        pstmt.setLong(1, nodeid);
141 152

  
src/edu/ucsb/nceas/metacat/ReaderElement.java
83 83
      PreparedStatement pstmt;
84 84
      try {
85 85
        pstmt =
86
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype, " +
87
                  "nodename,nodedata FROM xml_nodes WHERE nodeid = ?");
86
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype,nodename,"+
87
               "replace(" +
88
               "replace(" +
89
               "replace(nodedata,'&','&amp;') " +
90
               ",'<','&lt;') " +
91
               ",'>','&gt;') " +
92
               "FROM xml_nodes WHERE nodeid = ?");
88 93
        // Bind the values to the query
89 94
        pstmt.setLong(1, nodeid);
90 95

  
......
135 140
      try {
136 141
        pstmt =
137 142
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype, " +
138
                  "nodename,nodedata FROM xml_nodes WHERE parentnodeid = ?");
143
                  "nodename, " +
144
                  "replace(" +
145
                  "replace(" +
146
                  "replace(nodedata,'&','&amp;')" +
147
                  ",'<','&lt;') " +
148
                  ",'>','&gt;') " +
149
                  "FROM xml_nodes WHERE parentnodeid = ?");
139 150
        // Bind the values to the query
140 151
        pstmt.setLong(1, nodeid);
141 152

  
ReaderElement.java
83 83
      PreparedStatement pstmt;
84 84
      try {
85 85
        pstmt =
86
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype, " +
87
                  "nodename,nodedata FROM xml_nodes WHERE nodeid = ?");
86
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype,nodename,"+
87
               "replace(" +
88
               "replace(" +
89
               "replace(nodedata,'&','&amp;') " +
90
               ",'<','&lt;') " +
91
               ",'>','&gt;') " +
92
               "FROM xml_nodes WHERE nodeid = ?");
88 93
        // Bind the values to the query
89 94
        pstmt.setLong(1, nodeid);
90 95

  
......
135 140
      try {
136 141
        pstmt =
137 142
          conn.prepareStatement("SELECT nodeid,parentnodeid,nodetype, " +
138
                  "nodename,nodedata FROM xml_nodes WHERE parentnodeid = ?");
143
                  "nodename, " +
144
                  "replace(" +
145
                  "replace(" +
146
                  "replace(nodedata,'&','&amp;')" +
147
                  ",'<','&lt;') " +
148
                  ",'>','&gt;') " +
149
                  "FROM xml_nodes WHERE parentnodeid = ?");
139 150
        // Bind the values to the query
140 151
        pstmt.setLong(1, nodeid);
141 152

  

Also available in: Unified diff