From 6bec8a401b5d1c3f43204ff4d4401581d63bf2f6 Mon Sep 17 00:00:00 2001 From: zapata Date: Sat, 14 Dec 2002 01:37:43 +0000 Subject: [PATCH] - circumvented the JDBC ?-bug - made a separate encodeXML function (' is not valid in HTML, but required in XML) --- source/mir/misc/StringUtil.java | 5 +- source/mir/storage/Database.java | 16 +- source/mir/storage/DatabaseAdaptor.java | 200 ++++----- source/mir/storage/DatabaseAdaptorMySQL.java | 142 +++--- source/mir/storage/DatabaseAdaptorPostgresql.java | 142 +++--- source/mir/storage/DatabaseAdaptorSybase.java | 224 +++++----- source/mir/util/GeneratorHTMLFunctions.java | 17 + source/mir/util/HTMLRoutines.java | 34 +- source/mir/util/JDBCStringRoutines.java | 23 + source/mir/util/StringRoutines.java | 30 ++ source/mircoders/module/ModuleContent.java | 5 +- source/mircoders/servlet/ServletModuleComment.java | 3 +- source/mircoders/servlet/ServletModuleContent.java | 4 +- source/mircoders/storage/DatabaseLinksImcs.java | 492 +++++++++++---------- 14 files changed, 695 insertions(+), 642 deletions(-) create mode 100755 source/mir/util/JDBCStringRoutines.java diff --git a/source/mir/misc/StringUtil.java b/source/mir/misc/StringUtil.java index ac553614..85b1bc3f 100755 --- a/source/mir/misc/StringUtil.java +++ b/source/mir/misc/StringUtil.java @@ -40,7 +40,7 @@ import gnu.regexp.*; /** * Statische Hilfsmethoden zur Stringbehandlung * - * @version $Id: StringUtil.java,v 1.29 2002/12/02 12:33:23 zapata Exp $ + * @version $Id: StringUtil.java,v 1.30 2002/12/14 01:37:43 zapata Exp $ * @author mir-coders group * */ @@ -322,6 +322,7 @@ public final class StringUtil { * * @return geqoteter String */ +/* public static String quote(String s) { //String s2 = quote(s, '\''); @@ -341,7 +342,7 @@ public final class StringUtil { s2 = quote(s2, '\"'); return s2; } - +*/ /** * schließt s in ' ein und setzt Backslashes vor * "gefährliche" Zeichen innerhalb des Strings diff --git a/source/mir/storage/Database.java b/source/mir/storage/Database.java index 5dfb5b7f..a40af7b9 100755 --- a/source/mir/storage/Database.java +++ b/source/mir/storage/Database.java @@ -45,6 +45,7 @@ import mir.storage.StorageObject; import mir.storage.store.*; import mir.entity.*; import mir.misc.*; +import mir.util.*; /** @@ -55,7 +56,7 @@ import mir.misc.*; * Treiber, Host, User und Passwort, ueber den der Zugriff auf die * Datenbank erfolgt. * - * @version $Id: Database.java,v 1.26 2002/12/13 17:57:31 zapata Exp $ + * @version $Id: Database.java,v 1.27 2002/12/14 01:37:43 zapata Exp $ * @author rk * */ @@ -703,8 +704,7 @@ public class Database implements StorageObject { } else { if (theEntity.hasValueForField(aField)) { - aValue = "'" + StringUtil.quote((String)theEntity.getValue(aField)) - + "'"; + aValue = "'" + JDBCStringRoutines.escapeStringLiteral((String)theEntity.getValue(aField)) + "'"; } } } @@ -806,7 +806,9 @@ public class Database implements StorageObject { else { firstField = false; } - fv.append(aField).append("='").append(StringUtil.quote((String)theEntity.getValue(aField))).append("'"); + fv.append(aField).append("='").append(JDBCStringRoutines.escapeStringLiteral((String) theEntity.getValue(aField))).append("'"); + +// fv.append(aField).append("='").append(StringUtil.quote((String)theEntity.getValue(aField))).append("'"); } } } @@ -855,9 +857,11 @@ public class Database implements StorageObject { } } pstmt.executeUpdate(); - } catch (SQLException sqe) { + } + catch (SQLException sqe) { throwSQLException(sqe, "update"); - } finally { + } + finally { try { con.setAutoCommit(true); } catch (Exception e) { diff --git a/source/mir/storage/DatabaseAdaptor.java b/source/mir/storage/DatabaseAdaptor.java index d97cc2fe..16d42f0c 100755 --- a/source/mir/storage/DatabaseAdaptor.java +++ b/source/mir/storage/DatabaseAdaptor.java @@ -1,103 +1,97 @@ -/* - * Copyright (C) 2001, 2002 The Mir-coders group - * - * This file is part of Mir. - * - * Mir is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * Mir is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Mir; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * In addition, as a special exception, The Mir-coders gives permission to link - * the code of this program with the com.oreilly.servlet library, any library - * licensed under the Apache Software License, The Sun (tm) Java Advanced - * Imaging library (JAI), The Sun JIMI library (or with modified versions of - * the above that use the same license as the above), and distribute linked - * combinations including the two. You must obey the GNU General Public - * License in all respects for all of the code used other than the above - * mentioned libraries. If you modify this file, you may extend this exception - * to your version of the file, but you are not obligated to do so. If you do - * not wish to do so, delete this exception statement from your version. - */ - -package mir.storage; - -import java.util.*; - - -/** - * Interfacedefinition für Datenbank-Adpatoren. Die Adaptoren legen - * jeweils das Verhalten und die Befehlsmächtigkeit der Datenbank - * fest. - * - * @author - * - * @version $Id: DatabaseAdaptor.java,v 1.2 2002/09/01 22:05:52 mh Exp $ - */ - -public interface DatabaseAdaptor{ - - /* Liefert den Namen der Adaptorklasse - * @return Adaptorklasse als String - */ - public abstract String getDriver (); - - - /** - * Liefert die URL für JDBC zurück, in den die Parameter user, pass und host - * eingefügt werden. Die URL wird aus der Konfiguration geholt. - * - * @param user user als String - * @param pass passwort als String - * @param host host als String - * @return url als String - */ - public abstract String getURL (String user, String pass, String host); - - - /** - * Gibt zurück, ob das SQL der Datenbank den limit-Befehl beherrscht. - * @return true wenn ja, sonst false - */ - public abstract boolean hasLimit (); - - - /** - * Liefert zurück, ob der limit-Befehl erst start und dann offset - * hat (true), oder umgekehrt. Nur Relevant, wenn hasLimit true zurückliefert. - * - * @return true wenn erstes, sonst false - */ - public abstract boolean reverseLimit (); - - - /** - * Liefert ein Properties-Objekt zurueck mit user und password. - * @param user - * @param password - * @return Properties - */ - public abstract Properties getProperties (String user, String password); - - - /** - * Gibt SQL-Stringfragment zurück, mit dem nach einem insert-Befehl ermittelt - * werden kann, wie man den primary-Key des eingefügten Datensatzes bekommt. - * - * @param theDB Database-Objekt, aus dem ggf. noetige Informationen geholt - * werden können, wie z.B. der Tabellenname - * @return SQL-Statement als String - */ - public abstract String getLastInsertSQL (Database theDB); -} - - +/* + * Copyright (C) 2001, 2002 The Mir-coders group + * + * This file is part of Mir. + * + * Mir is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Mir is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Mir; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * In addition, as a special exception, The Mir-coders gives permission to link + * the code of this program with the com.oreilly.servlet library, any library + * licensed under the Apache Software License, The Sun (tm) Java Advanced + * Imaging library (JAI), The Sun JIMI library (or with modified versions of + * the above that use the same license as the above), and distribute linked + * combinations including the two. You must obey the GNU General Public + * License in all respects for all of the code used other than the above + * mentioned libraries. If you modify this file, you may extend this exception + * to your version of the file, but you are not obligated to do so. If you do + * not wish to do so, delete this exception statement from your version. + */ + +package mir.storage; + +import java.util.*; + + +/** + * Interfacedefinition für Datenbank-Adpatoren. Die Adaptoren legen + * jeweils das Verhalten und die Befehlsmächtigkeit der Datenbank + * fest. + * + * @author + * + * @version $Id: DatabaseAdaptor.java,v 1.3 2002/12/14 01:37:43 zapata Exp $ + */ + +public interface DatabaseAdaptor{ + + /* Liefert den Namen der Adaptorklasse + * @return Adaptorklasse als String + */ + public abstract String getDriver(); + + /** + * Liefert die URL für JDBC zurück, in den die Parameter user, pass und host + * eingefügt werden. Die URL wird aus der Konfiguration geholt. + * + * @param user user als String + * @param pass passwort als String + * @param host host als String + * @return url als String + */ + public abstract String getURL(String user, String pass, String host); + + /** + * Gibt zurück, ob das SQL der Datenbank den limit-Befehl beherrscht. + * @return true wenn ja, sonst false + */ + public abstract boolean hasLimit(); + + /** + * Liefert zurück, ob der limit-Befehl erst start und dann offset + * hat (true), oder umgekehrt. Nur Relevant, wenn hasLimit true zurückliefert. + * + * @return true wenn erstes, sonst false + */ + public abstract boolean reverseLimit(); + + /** + * Liefert ein Properties-Objekt zurueck mit user und password. + * @param user + * @param password + * @return Properties + */ + public abstract Properties getProperties(String user, String password); + + /** + * Gibt SQL-Stringfragment zurück, mit dem nach einem insert-Befehl ermittelt + * werden kann, wie man den primary-Key des eingefügten Datensatzes bekommt. + * + * @param theDB Database-Objekt, aus dem ggf. noetige Informationen geholt + * werden können, wie z.B. der Tabellenname + * @return SQL-Statement als String + */ + public abstract String getLastInsertSQL(Database theDB); +} + diff --git a/source/mir/storage/DatabaseAdaptorMySQL.java b/source/mir/storage/DatabaseAdaptorMySQL.java index 612f8add..a21a86db 100755 --- a/source/mir/storage/DatabaseAdaptorMySQL.java +++ b/source/mir/storage/DatabaseAdaptorMySQL.java @@ -1,71 +1,71 @@ -/* - * Copyright (C) 2001, 2002 The Mir-coders group - * - * This file is part of Mir. - * - * Mir is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * Mir is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Mir; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * In addition, as a special exception, The Mir-coders gives permission to link - * the code of this program with the com.oreilly.servlet library, any library - * licensed under the Apache Software License, The Sun (tm) Java Advanced - * Imaging library (JAI), The Sun JIMI library (or with modified versions of - * the above that use the same license as the above), and distribute linked - * combinations including the two. You must obey the GNU General Public - * License in all respects for all of the code used other than the above - * mentioned libraries. If you modify this file, you may extend this exception - * to your version of the file, but you are not obligated to do so. If you do - * not wish to do so, delete this exception statement from your version. - */ - -package mir.storage; - -import java.util.*; -import mir.misc.*; - -/** - * Diese Klasse implementiert die abstrakte Klasse DatabaseAdaptor - * - * @author - * @version 27.6.1999 - */ - -public final class DatabaseAdaptorMySQL implements DatabaseAdaptor{ - - public String getDriver() { - return MirConfig.getProp("Adaptor.MySQL.Driver"); - } - - public String getURL(String user, String pass, String host) { - return MirConfig.getProp("Adaptor.MySQL.URL"); - } - - public boolean hasLimit() { - return true; - } - - public boolean reverseLimit() { - return false; - } - - public Properties getProperties(String user, String password) { - return null; - } - - public String getLastInsertSQL(Database theDB) { - return "select last_insert_id()"; - } -} - - +/* + * Copyright (C) 2001, 2002 The Mir-coders group + * + * This file is part of Mir. + * + * Mir is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Mir is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Mir; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * In addition, as a special exception, The Mir-coders gives permission to link + * the code of this program with the com.oreilly.servlet library, any library + * licensed under the Apache Software License, The Sun (tm) Java Advanced + * Imaging library (JAI), The Sun JIMI library (or with modified versions of + * the above that use the same license as the above), and distribute linked + * combinations including the two. You must obey the GNU General Public + * License in all respects for all of the code used other than the above + * mentioned libraries. If you modify this file, you may extend this exception + * to your version of the file, but you are not obligated to do so. If you do + * not wish to do so, delete this exception statement from your version. + */ + +package mir.storage; + +import java.util.*; +import mir.misc.*; + +/** + * Diese Klasse implementiert die abstrakte Klasse DatabaseAdaptor + * + * @author + * @version 27.6.1999 + */ + +public final class DatabaseAdaptorMySQL implements DatabaseAdaptor{ + + public String getDriver() { + return MirConfig.getProp("Adaptor.MySQL.Driver"); + } + + public String getURL(String user, String pass, String host) { + return MirConfig.getProp("Adaptor.MySQL.URL"); + } + + public boolean hasLimit() { + return true; + } + + public boolean reverseLimit() { + return false; + } + + public Properties getProperties(String user, String password) { + return null; + } + + public String getLastInsertSQL(Database theDB) { + return "select last_insert_id()"; + } +} + + diff --git a/source/mir/storage/DatabaseAdaptorPostgresql.java b/source/mir/storage/DatabaseAdaptorPostgresql.java index 70727413..fb45b7db 100755 --- a/source/mir/storage/DatabaseAdaptorPostgresql.java +++ b/source/mir/storage/DatabaseAdaptorPostgresql.java @@ -1,71 +1,71 @@ -/* - * Copyright (C) 2001, 2002 The Mir-coders group - * - * This file is part of Mir. - * - * Mir is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * Mir is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Mir; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * In addition, as a special exception, The Mir-coders gives permission to link - * the code of this program with the com.oreilly.servlet library, any library - * licensed under the Apache Software License, The Sun (tm) Java Advanced - * Imaging library (JAI), The Sun JIMI library (or with modified versions of - * the above that use the same license as the above), and distribute linked - * combinations including the two. You must obey the GNU General Public - * License in all respects for all of the code used other than the above - * mentioned libraries. If you modify this file, you may extend this exception - * to your version of the file, but you are not obligated to do so. If you do - * not wish to do so, delete this exception statement from your version. - */ - -package mir.storage; - -import java.util.*; -import mir.misc.*; - -/** - * Diese Klasse implementiert die abstrakte Klasse DatabaseAdaptor für Postgresql-Datenbanken - * - * @author - * @version 30.12.2000 - */ - -public final class DatabaseAdaptorPostgresql implements DatabaseAdaptor{ - - public String getDriver() { - return MirConfig.getProp("Adaptor.PostgreSQL.Driver"); - } - - public String getURL(String user, String pass, String host) { - return MirConfig.getProp("Adaptor.PostgreSQL.URL"); - } - - public boolean hasLimit() { - return true; - } - - public boolean reverseLimit() { - return true; - } - - public Properties getProperties(String user, String password) { - return null; - } - - public String getLastInsertSQL(Database theDB) { - return "select currval('"+theDB.getCoreTable()+"_id_seq')"; - } -} - - +/* + * Copyright (C) 2001, 2002 The Mir-coders group + * + * This file is part of Mir. + * + * Mir is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Mir is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Mir; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * In addition, as a special exception, The Mir-coders gives permission to link + * the code of this program with the com.oreilly.servlet library, any library + * licensed under the Apache Software License, The Sun (tm) Java Advanced + * Imaging library (JAI), The Sun JIMI library (or with modified versions of + * the above that use the same license as the above), and distribute linked + * combinations including the two. You must obey the GNU General Public + * License in all respects for all of the code used other than the above + * mentioned libraries. If you modify this file, you may extend this exception + * to your version of the file, but you are not obligated to do so. If you do + * not wish to do so, delete this exception statement from your version. + */ + +package mir.storage; + +import java.util.*; +import mir.misc.*; + +/** + * Diese Klasse implementiert die abstrakte Klasse DatabaseAdaptor für Postgresql-Datenbanken + * + * @author + * @version 30.12.2000 + */ + +public final class DatabaseAdaptorPostgresql implements DatabaseAdaptor{ + + public String getDriver() { + return MirConfig.getProp("Adaptor.PostgreSQL.Driver"); + } + + public String getURL(String user, String pass, String host) { + return MirConfig.getProp("Adaptor.PostgreSQL.URL"); + } + + public boolean hasLimit() { + return true; + } + + public boolean reverseLimit() { + return true; + } + + public Properties getProperties(String user, String password) { + return null; + } + + public String getLastInsertSQL(Database theDB) { + return "select currval('" + theDB.getCoreTable() + "_id_seq')"; + } +} + + diff --git a/source/mir/storage/DatabaseAdaptorSybase.java b/source/mir/storage/DatabaseAdaptorSybase.java index 037688c1..91ac1b97 100755 --- a/source/mir/storage/DatabaseAdaptorSybase.java +++ b/source/mir/storage/DatabaseAdaptorSybase.java @@ -1,116 +1,108 @@ -/* - * Copyright (C) 2001, 2002 The Mir-coders group - * - * This file is part of Mir. - * - * Mir is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * Mir is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Mir; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * In addition, as a special exception, The Mir-coders gives permission to link - * the code of this program with the com.oreilly.servlet library, any library - * licensed under the Apache Software License, The Sun (tm) Java Advanced - * Imaging library (JAI), The Sun JIMI library (or with modified versions of - * the above that use the same license as the above), and distribute linked - * combinations including the two. You must obey the GNU General Public - * License in all respects for all of the code used other than the above - * mentioned libraries. If you modify this file, you may extend this exception - * to your version of the file, but you are not obligated to do so. If you do - * not wish to do so, delete this exception statement from your version. - */ -/* - * Implementiert DatabaseAdaptor Interface für Sybase. - */ - - - -package mir.storage; - -import java.util.*; -import mir.misc.*; - - -/** - * Diese Klasse implementiert Interface DatabaseAdaptor fuer Sybase - * - * @author - * @version 15.05.2000 - */ -public final class DatabaseAdaptorSybase - implements DatabaseAdaptor { - - /** - * Liefert den Namen der Adaptorklasse Adaptor.Sybase.Driver - * für Sybase zurück. - * @return Adaptorklasse als String - */ - public String getDriver() { - return MirConfig.getProp("Adaptor.Sybase.Driver"); - } - - /** - * Liefert die URL für JDBC zurück, in den die Parameter user, pass und host - * eingefügt werden. Die URL wird aus der Konfiguration geholt. - * - * @param user user als String - * @param pass passwort als String - * @param host host als String - * @return url als String - */ - public String getURL(String user, String pass, String host) { - return MirConfig.getProp("Adaptor.Sybase.URL"); - /** @todo hier muesste bessererweise $HOST durch HOST ersetzt, etc. werden */ - } - - /** - * Gibt zurück, ob das SQL der Datenbank den limit-Befehl beherrscht. - * @return false - */ - public boolean hasLimit () { - return false; - } - - /** - * Liefert zurück, ob der limit-Befehl erst start und dann offset - * hat (true), oder umgekehrt. Nur Relevant, wenn hasLimit true zurückliefert. - * - * @return false - */ - public boolean reverseLimit() { - return false; - } - - /** - * Liefert ein Properties-Objekt zurueck mit user und password. - * @param user - * @param password - * @return Properties - */ - public Properties getProperties(String user, String password) { - Properties props = new Properties(); - props.put("user", user); - props.put("password", password); - return props; - } - - - - - - - - - public String getLastInsertSQL(Database theDB) { - return "select currval('"+theDB.getCoreTable()+"_id_seq')"; - } -} +/* + * Copyright (C) 2001, 2002 The Mir-coders group + * + * This file is part of Mir. + * + * Mir is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Mir is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Mir; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * In addition, as a special exception, The Mir-coders gives permission to link + * the code of this program with the com.oreilly.servlet library, any library + * licensed under the Apache Software License, The Sun (tm) Java Advanced + * Imaging library (JAI), The Sun JIMI library (or with modified versions of + * the above that use the same license as the above), and distribute linked + * combinations including the two. You must obey the GNU General Public + * License in all respects for all of the code used other than the above + * mentioned libraries. If you modify this file, you may extend this exception + * to your version of the file, but you are not obligated to do so. If you do + * not wish to do so, delete this exception statement from your version. + */ +/* + * Implementiert DatabaseAdaptor Interface für Sybase. + */ + + + +package mir.storage; + +import java.util.*; +import mir.misc.*; + + +/** + * Diese Klasse implementiert Interface DatabaseAdaptor fuer Sybase + * + * @author + * @version 15.05.2000 + */ +public final class DatabaseAdaptorSybase implements DatabaseAdaptor { + + /** + * Liefert den Namen der Adaptorklasse Adaptor.Sybase.Driver + * für Sybase zurück. + * @return Adaptorklasse als String + */ + public String getDriver() { + return MirConfig.getProp("Adaptor.Sybase.Driver"); + } + + /** + * Liefert die URL für JDBC zurück, in den die Parameter user, pass und host + * eingefügt werden. Die URL wird aus der Konfiguration geholt. + * + * @param user user als String + * @param pass passwort als String + * @param host host als String + * @return url als String + */ + public String getURL(String user, String pass, String host) { + return MirConfig.getProp("Adaptor.Sybase.URL"); + /** @todo hier muesste bessererweise $HOST durch HOST ersetzt, etc. werden */ + } + + /** + * Gibt zurück, ob das SQL der Datenbank den limit-Befehl beherrscht. + * @return false + */ + public boolean hasLimit() { + return false; + } + + /** + * Liefert zurück, ob der limit-Befehl erst start und dann offset + * hat (true), oder umgekehrt. Nur Relevant, wenn hasLimit true zurückliefert. + * + * @return false + */ + public boolean reverseLimit() { + return false; + } + + /** + * Liefert ein Properties-Objekt zurueck mit user und password. + * @param user + * @param password + * @return Properties + */ + public Properties getProperties(String user, String password) { + Properties props = new Properties(); + props.put("user", user); + props.put("password", password); + return props; + } + + public String getLastInsertSQL(Database theDB) { + return "select currval('" + theDB.getCoreTable() + "_id_seq')"; + } +} diff --git a/source/mir/util/GeneratorHTMLFunctions.java b/source/mir/util/GeneratorHTMLFunctions.java index 7d156d2e..c098c272 100755 --- a/source/mir/util/GeneratorHTMLFunctions.java +++ b/source/mir/util/GeneratorHTMLFunctions.java @@ -72,4 +72,21 @@ public class GeneratorHTMLFunctions { } }; } + + public static class encodeXMLGeneratorFunction implements Generator.GeneratorFunction { + public Object perform(List aParameters) throws GeneratorExc { + try { + if (aParameters.size()!=1) + throw new GeneratorExc("encodeHTMLGeneratorFunction: only 1 parameter expected"); + + return HTMLRoutines.encodeXML(StringRoutines.interpretAsString(aParameters.get(0))); + } + catch (GeneratorExc e) { + throw e; + } + catch (Throwable t) { + throw new GeneratorFailure("encodeHTMLGeneratorFunction: " + t.getMessage(), t); + } + }; + } } diff --git a/source/mir/util/HTMLRoutines.java b/source/mir/util/HTMLRoutines.java index 076f4cef..53bced3c 100755 --- a/source/mir/util/HTMLRoutines.java +++ b/source/mir/util/HTMLRoutines.java @@ -40,34 +40,16 @@ public class HTMLRoutines { } public static String encodeHTML(String aText) { - final char[] CHARACTERS_TO_ESCAPE = { '&', '<', '>', '"', '\'' }; - final String[] ESCAPE_CODES = { "&", "<", ">", """, "'" }; - - int position, nextPosition; - int i; - StringBuffer result = new StringBuffer(); - - position=0; - - do { - nextPosition = StringRoutines.indexOfCharacters(aText, CHARACTERS_TO_ESCAPE, position); + final char[] CHARACTERS_TO_ESCAPE = { '&', '<', '>', '"' }; + final String[] ESCAPE_CODES = { "&", "<", ">", """ }; - if (nextPosition<0) - nextPosition = aText.length(); - - result.append(aText.substring(position, nextPosition)); + return StringRoutines.replaceStringCharacters(aText, CHARACTERS_TO_ESCAPE, ESCAPE_CODES); + } - if (nextPosition', '"', '\'' }; + final String[] ESCAPE_CODES = { "&", "<", ">", """, "'" }; - return result.toString(); + return StringRoutines.replaceStringCharacters(aText, CHARACTERS_TO_ESCAPE, ESCAPE_CODES); } } \ No newline at end of file diff --git a/source/mir/util/JDBCStringRoutines.java b/source/mir/util/JDBCStringRoutines.java new file mode 100755 index 00000000..0e273f2a --- /dev/null +++ b/source/mir/util/JDBCStringRoutines.java @@ -0,0 +1,23 @@ +package mir.util; + +/** + *

Title:

+ *

Description:

+ *

Copyright: Copyright (c) 2002

+ *

Company:

+ * @author not attributable + * @version 1.0 + */ + +public class JDBCStringRoutines { + private JDBCStringRoutines() { + } + + public static String escapeStringLiteral(String aText) { + final char[] CHARACTERS_TO_ESCAPE = { '\'', '\\', '%', '_', '?' }; + final String[] ESCAPE_CODES = { "\'\'", "\\\\", "\\%", "\\_", "\\?" }; + + return StringRoutines.replaceStringCharacters(aText, CHARACTERS_TO_ESCAPE, ESCAPE_CODES); + } + +} \ No newline at end of file diff --git a/source/mir/util/StringRoutines.java b/source/mir/util/StringRoutines.java index e25df140..ddb6ccbc 100755 --- a/source/mir/util/StringRoutines.java +++ b/source/mir/util/StringRoutines.java @@ -55,6 +55,36 @@ public class StringRoutines { return result; } + static String replaceStringCharacters(String aText, char[] aCharactersToReplace, String[] aStringsToSubstitute) { + int position, nextPosition; + int i; + StringBuffer result = new StringBuffer(); + + position=0; + + do { + nextPosition = StringRoutines.indexOfCharacters(aText, aCharactersToReplace, position); + + if (nextPosition<0) + nextPosition = aText.length(); + + result.append(aText.substring(position, nextPosition)); + + if (nextPositionDiese Klasse implementiert die Datenbankverbindung zur MetaObjekt-Tabelle - * - * - */ -public class DatabaseLinksImcs extends Database - implements StorageObject { - private static DatabaseLinksImcs instance; - - /** - * put your documentation comment here - * @return - * @exception StorageObjectException - */ - // the following *has* to be sychronized cause this static method - // could get preemted and we could end up with 2 instances of DatabaseFoo.. - // see the "Singletons with needles and thread" article at JavaWorld -mh - public synchronized static DatabaseLinksImcs getInstance () - throws StorageObjectException { - if (instance == null) { - instance = new DatabaseLinksImcs(); - instance.myselfDatabase = instance; - } - return instance; - } - - /** - * put your documentation comment here - */ - private DatabaseLinksImcs () throws StorageObjectException - { - super(); - ////this.cache = new HashMap(); - this.hasTimestamp = false; - this.theTable = "links_imcs"; - try { - this.theEntityClass = Class.forName("mircoders.entity.EntityLinksImcs"); - } catch (Exception e) { - throw new StorageObjectException(e.toString()); - } - } - - /** @todo toooo much copy/paste in this class //rk */ - - public String insert (Entity theEntity) throws StorageObjectException { - String returnId = "0"; - Connection con = null; - PreparedStatement pstmt = null; - //cache - invalidatePopupCache(); - try { - HashMap theEntityValues = theEntity.getValues(); - ArrayList streamedInput = theEntity.streamedInput(); - StringBuffer f = new StringBuffer(); - StringBuffer v = new StringBuffer(); - String aField, aValue; - boolean firstField = true; - // make sql-string - for (int i = 0; i < getFields().size(); i++) { - aField = (String)getFields().get(i); - if (!aField.equals(thePKeyName)) { - aValue = null; - // sonderfaelle - if (aField.equals("webdb_create")) { - aValue = "NOW()"; - } - else { - if (streamedInput != null && streamedInput.contains(aField)) { - aValue = "?"; - } - else { - if (theEntityValues.containsKey(aField)) { - if (aField.equals("to_parent_id")) { - aValue = StringUtil.quote((String)theEntityValues.get(aField)); - } else { - aValue = "'" + StringUtil.quote((String)theEntityValues.get(aField)) + "'"; - } - } - } - } - // wenn Wert gegeben, dann einbauen - if (aValue != null) { - if (firstField == false) { - f.append(","); - v.append(","); - } - else { - firstField = false; - } - f.append(aField); - v.append(aValue); - } - } - } // end for - // insert into db - StringBuffer sqlBuf = new StringBuffer("insert into ").append(theTable).append("(").append(f).append(") values (").append(v).append(")"); - String sql = sqlBuf.toString(); - theLog.printInfo("INSERT: " + sql); - con = getPooledCon(); - con.setAutoCommit(false); - pstmt = con.prepareStatement(sql); - if (streamedInput != null) { - for (int i = 0; i < streamedInput.size(); i++) { - String inputString = (String)theEntityValues.get(streamedInput.get(i)); - pstmt.setBytes(i + 1, inputString.getBytes()); - } - } - pstmt.execute(); - pstmt = con.prepareStatement(theAdaptor.getLastInsertSQL((Database)myselfDatabase)); - ResultSet rs = pstmt.executeQuery(); - rs.next(); - returnId = rs.getString(1); - theEntity.setId(returnId); - } catch (SQLException sqe) { - throwSQLException(sqe, "insert"); - } finally { - try { - con.setAutoCommit(true); - } catch (Exception e) { - ; - } - freeConnection(con, pstmt); - } - return returnId; - } - - public void update (Entity theEntity) throws StorageObjectException { - Connection con = null; - PreparedStatement pstmt = null; - ArrayList streamedInput = theEntity.streamedInput(); - HashMap theEntityValues = theEntity.getValues(); - String id = theEntity.getId(); - String aField; - StringBuffer fv = new StringBuffer(); - boolean firstField = true; - //cache - invalidatePopupCache(); - // build sql statement - for (int i = 0; i < getFields().size(); i++) { - aField = (String)metadataFields.get(i); - // only normal cases - if (!(aField.equals(thePKeyName) || aField.equals("webdb_create") || - aField.equals("webdb_lastchange") || (streamedInput != null && streamedInput.contains(aField)))) { - if (theEntityValues.containsKey(aField)) { - if (firstField == false) { - fv.append(", "); - } - else { - firstField = false; - } - if (aField.equals("to_parent_id")) { - fv.append(aField).append("=").append(StringUtil.quote((String)theEntityValues.get(aField))); - } else { - fv.append(aField).append("='").append(StringUtil.quote((String)theEntityValues.get(aField))).append("'"); - } - } - } - } - StringBuffer sql = new StringBuffer("update ").append(theTable).append(" set ").append(fv); - // exceptions - if (metadataFields.contains("webdb_lastchange")) { - sql.append(",webdb_lastchange=NOW()"); - } - if (streamedInput != null) { - for (int i = 0; i < streamedInput.size(); i++) { - sql.append(",").append(streamedInput.get(i)).append("=?"); - } - } - sql.append(" where id=").append(id); - theLog.printInfo("UPDATE: " + sql); - // execute sql - try { - con = getPooledCon(); - con.setAutoCommit(false); - pstmt = con.prepareStatement(sql.toString()); - if (streamedInput != null) { - for (int i = 0; i < streamedInput.size(); i++) { - String inputString = (String)theEntityValues.get(streamedInput.get(i)); - pstmt.setBytes(i + 1, inputString.getBytes()); - } - } - pstmt.executeUpdate(); - } catch (SQLException sqe) { - throwSQLException(sqe, "update"); - } finally { - try { - con.setAutoCommit(true); - } catch (Exception e) { - ; - } - freeConnection(con, pstmt); - } - } - -} - - - +/* + * Copyright (C) 2001, 2002 The Mir-coders group + * + * This file is part of Mir. + * + * Mir is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Mir is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Mir; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * In addition, as a special exception, The Mir-coders gives permission to link + * the code of this program with the com.oreilly.servlet library, any library + * licensed under the Apache Software License, The Sun (tm) Java Advanced + * Imaging library (JAI), The Sun JIMI library (or with modified versions of + * the above that use the same license as the above), and distribute linked + * combinations including the two. You must obey the GNU General Public + * License in all respects for all of the code used other than the above + * mentioned libraries. If you modify this file, you may extend this exception + * to your version of the file, but you are not obligated to do so. If you do + * not wish to do so, delete this exception statement from your version. + */ + +package mircoders.storage; + +import java.lang.*; +import java.sql.*; +import java.io.*; +import java.util.*; +import freemarker.template.*; +import mir.storage.*; +import mir.entity.*; +import mir.misc.*; +import mir.util.*; + + +/** + * Diese Klasse implementiert die Datenbankverbindung zur MetaObjekt-Tabelle + * + * + */ +public class DatabaseLinksImcs extends Database + implements StorageObject { + private static DatabaseLinksImcs instance; + + /** + * put your documentation comment here + * @return + * @exception StorageObjectException + */ + // the following *has* to be sychronized cause this static method + // could get preemted and we could end up with 2 instances of DatabaseFoo.. + // see the "Singletons with needles and thread" article at JavaWorld -mh + public synchronized static DatabaseLinksImcs getInstance() throws + StorageObjectException { + if (instance == null) { + instance = new DatabaseLinksImcs(); + instance.myselfDatabase = instance; + } + return instance; + } + + /** + * put your documentation comment here + */ + private DatabaseLinksImcs() throws StorageObjectException { + super(); + ////this.cache = new HashMap(); + this.hasTimestamp = false; + this.theTable = "links_imcs"; + try { + this.theEntityClass = Class.forName("mircoders.entity.EntityLinksImcs"); + } + catch (Exception e) { + throw new StorageObjectException(e.toString()); + } + } + + /** @todo toooo much copy/paste in this class //rk */ + + public String insert(Entity theEntity) throws StorageObjectException { + String returnId = "0"; + Connection con = null; + PreparedStatement pstmt = null; + //cache + invalidatePopupCache(); + try { + HashMap theEntityValues = theEntity.getValues(); + ArrayList streamedInput = theEntity.streamedInput(); + StringBuffer f = new StringBuffer(); + StringBuffer v = new StringBuffer(); + String aField, aValue; + boolean firstField = true; + // make sql-string + for (int i = 0; i < getFields().size(); i++) { + aField = (String) getFields().get(i); + if (!aField.equals(thePKeyName)) { + aValue = null; + // sonderfaelle + if (aField.equals("webdb_create")) { + aValue = "NOW()"; + } + else { + if (streamedInput != null && streamedInput.contains(aField)) { + aValue = "?"; + } + else { + if (theEntityValues.containsKey(aField)) { + if (aField.equals("to_parent_id")) { + aValue = JDBCStringRoutines.escapeStringLiteral((String) theEntityValues.get(aField)); + } + else { + aValue = "'" + JDBCStringRoutines.escapeStringLiteral((String) theEntityValues.get(aField)) + "'"; + } + } + } + } + // wenn Wert gegeben, dann einbauen + if (aValue != null) { + if (firstField == false) { + f.append(","); + v.append(","); + } + else { + firstField = false; + } + f.append(aField); + v.append(aValue); + } + } + } // end for + // insert into db + StringBuffer sqlBuf = new StringBuffer("insert into ").append(theTable). + append("(").append(f).append(") values (").append(v).append(")"); + String sql = sqlBuf.toString(); + theLog.printInfo("INSERT: " + sql); + con = getPooledCon(); + con.setAutoCommit(false); + pstmt = con.prepareStatement(sql); + if (streamedInput != null) { + for (int i = 0; i < streamedInput.size(); i++) { + String inputString = (String) theEntityValues.get(streamedInput.get(i)); + pstmt.setBytes(i + 1, inputString.getBytes()); + } + } + pstmt.execute(); + pstmt = con.prepareStatement(theAdaptor.getLastInsertSQL( (Database) + myselfDatabase)); + ResultSet rs = pstmt.executeQuery(); + rs.next(); + returnId = rs.getString(1); + theEntity.setId(returnId); + } + catch (SQLException sqe) { + throwSQLException(sqe, "insert"); + } + finally { + try { + con.setAutoCommit(true); + } + catch (Exception e) { + ; + } + freeConnection(con, pstmt); + } + return returnId; + } + + public void update(Entity theEntity) throws StorageObjectException { + Connection con = null; + PreparedStatement pstmt = null; + ArrayList streamedInput = theEntity.streamedInput(); + HashMap theEntityValues = theEntity.getValues(); + String id = theEntity.getId(); + String aField; + StringBuffer fv = new StringBuffer(); + boolean firstField = true; + //cache + invalidatePopupCache(); + // build sql statement + for (int i = 0; i < getFields().size(); i++) { + aField = (String) metadataFields.get(i); + // only normal cases + if (! (aField.equals(thePKeyName) || aField.equals("webdb_create") || + aField.equals("webdb_lastchange") || + (streamedInput != null && streamedInput.contains(aField)))) { + if (theEntityValues.containsKey(aField)) { + if (firstField == false) { + fv.append(", "); + } + else { + firstField = false; + } + if (aField.equals("to_parent_id")) { + fv.append(aField).append("=").append(JDBCStringRoutines.escapeStringLiteral((String)theEntityValues.get(aField))); + } + else { + fv.append(aField).append("='").append(JDBCStringRoutines.escapeStringLiteral((String)theEntityValues.get(aField))).append("'"); + } + } + } + } + StringBuffer sql = new StringBuffer("update ").append(theTable).append( + " set ").append(fv); + // exceptions + if (metadataFields.contains("webdb_lastchange")) { + sql.append(",webdb_lastchange=NOW()"); + } + if (streamedInput != null) { + for (int i = 0; i < streamedInput.size(); i++) { + sql.append(",").append(streamedInput.get(i)).append("=?"); + } + } + sql.append(" where id=").append(id); + theLog.printInfo("UPDATE: " + sql); + // execute sql + try { + con = getPooledCon(); + con.setAutoCommit(false); + pstmt = con.prepareStatement(sql.toString()); + if (streamedInput != null) { + for (int i = 0; i < streamedInput.size(); i++) { + String inputString = (String) theEntityValues.get(streamedInput.get(i)); + pstmt.setBytes(i + 1, inputString.getBytes()); + } + } + pstmt.executeUpdate(); + } + catch (SQLException sqe) { + throwSQLException(sqe, "update"); + } + finally { + try { + con.setAutoCommit(true); + } + catch (Exception e) { + ; + } + freeConnection(con, pstmt); + } + } + +} \ No newline at end of file -- 2.11.0