mirror of
https://github.com/correl/mage.git
synced 2024-11-15 03:00:16 +00:00
Fixed SQL errors on non escaped symbols in usernames/emails/passwords;
This commit is contained in:
Oleg Agafonov
parent
9ef888c634
commit
971a98061d
8 changed files with 203 additions and 196 deletions
|
|
@ -72,14 +72,11 @@ public class CardSelector extends javax.swing.JPanel implements ComponentListene
|
|||
currentView = mainModel; // by default we use List View
|
||||
|
||||
listCodeSelected = new CheckBoxList();
|
||||
// remove the all option
|
||||
boolean is_removeFinish = false;
|
||||
|
||||
String[] setCodes = ConstructedFormats.getTypes();
|
||||
java.util.List<String> result = new ArrayList<>();
|
||||
|
||||
for (int i = 0; (i < setCodes.length) && (!is_removeFinish); i++) {
|
||||
String item = setCodes[i];
|
||||
for (String item : setCodes) {
|
||||
if (!item.equals(ConstructedFormats.ALL_SETS)) {
|
||||
result.add(item);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ public class ConnectDialog extends MageDialog {
|
|||
MagePreferences.setServerAddress(serverAddress);
|
||||
MagePreferences.setServerPort(Integer.parseInt(txtPort.getText().trim()));
|
||||
MagePreferences.setUserName(serverAddress, txtUserName.getText().trim());
|
||||
MagePreferences.setPassword(serverAddress, txtPassword.getText().trim());
|
||||
MagePreferences.setPassword(serverAddress, String.valueOf(txtPassword.getPassword()).trim());
|
||||
MageFrame.getPreferences().put(KEY_CONNECT_AUTO_CONNECT, Boolean.toString(chkAutoConnect.isSelected()));
|
||||
}
|
||||
|
||||
|
|
@ -508,7 +508,7 @@ public class ConnectDialog extends MageDialog {
|
|||
connection.setHost(this.txtServer.getText().trim());
|
||||
connection.setPort(Integer.valueOf(this.txtPort.getText().trim()));
|
||||
connection.setUsername(this.txtUserName.getText().trim());
|
||||
connection.setPassword(this.txtPassword.getText().trim());
|
||||
connection.setPassword(String.valueOf(this.txtPassword.getPassword()).trim());
|
||||
// force to redownload db
|
||||
boolean redownloadDatabase = (ExpansionRepository.instance.getSetByCode("GRN") == null || CardRepository.instance.findCard("Island") == null);
|
||||
connection.setForceDBComparison(this.chkForceUpdateDB.isSelected() || redownloadDatabase);
|
||||
|
|
|
|||
|
|
@ -1,16 +1,18 @@
|
|||
package mage.client.dialog;
|
||||
|
||||
import java.util.concurrent.CancellationException;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.TimeoutException;
|
||||
import javax.swing.SwingWorker;
|
||||
import mage.client.MageFrame;
|
||||
import mage.client.SessionHandler;
|
||||
import mage.client.preference.MagePreferences;
|
||||
import mage.remote.Connection;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import javax.swing.*;
|
||||
import java.util.Arrays;
|
||||
import java.util.concurrent.CancellationException;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.TimeoutException;
|
||||
|
||||
public class RegisterUserDialog extends MageDialog {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(ConnectDialog.class);
|
||||
|
|
@ -187,7 +189,7 @@ public class RegisterUserDialog extends MageDialog {
|
|||
}//GEN-LAST:event_btnCancelActionPerformed
|
||||
|
||||
private void btnRegisterActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_btnRegisterActionPerformed
|
||||
if (!this.txtPassword.getText().equals(this.txtPasswordConfirmation.getText())) {
|
||||
if (!Arrays.equals(this.txtPassword.getPassword(), this.txtPasswordConfirmation.getPassword())) {
|
||||
MageFrame.getInstance().showError("Passwords don't match.");
|
||||
return;
|
||||
}
|
||||
|
|
@ -195,7 +197,7 @@ public class RegisterUserDialog extends MageDialog {
|
|||
connection.setHost(this.txtServer.getText().trim());
|
||||
connection.setPort(Integer.valueOf(this.txtPort.getText().trim()));
|
||||
connection.setUsername(this.txtUserName.getText().trim());
|
||||
connection.setPassword(this.txtPassword.getText().trim());
|
||||
connection.setPassword(String.valueOf(this.txtPassword.getPassword()).trim());
|
||||
connection.setEmail(this.txtEmail.getText().trim());
|
||||
PreferencesDialog.setProxyInformation(connection);
|
||||
task = new ConnectTask();
|
||||
|
|
|
|||
|
|
@ -1,16 +1,18 @@
|
|||
package mage.client.dialog;
|
||||
|
||||
import java.util.concurrent.CancellationException;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.TimeoutException;
|
||||
import javax.swing.SwingWorker;
|
||||
import mage.client.MageFrame;
|
||||
import mage.client.SessionHandler;
|
||||
import mage.client.preference.MagePreferences;
|
||||
import mage.remote.Connection;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import javax.swing.*;
|
||||
import java.util.Arrays;
|
||||
import java.util.concurrent.CancellationException;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.TimeoutException;
|
||||
|
||||
public class ResetPasswordDialog extends MageDialog {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(ResetPasswordDialog.class);
|
||||
|
|
@ -269,11 +271,11 @@ public class ResetPasswordDialog extends MageDialog {
|
|||
MageFrame.getInstance().showError("Please enter an auth token.");
|
||||
return;
|
||||
}
|
||||
if (this.txtPassword.getText().isEmpty()) {
|
||||
if (String.valueOf(this.txtPassword.getPassword()).trim().isEmpty()) {
|
||||
MageFrame.getInstance().showError("Please enter a new password.");
|
||||
return;
|
||||
}
|
||||
if (!this.txtPassword.getText().equals(this.txtPasswordConfirmation.getText())) {
|
||||
if (!Arrays.equals(this.txtPassword.getPassword(), this.txtPasswordConfirmation.getPassword())) {
|
||||
MageFrame.getInstance().showError("Passwords don't match.");
|
||||
return;
|
||||
}
|
||||
|
|
@ -284,7 +286,7 @@ public class ResetPasswordDialog extends MageDialog {
|
|||
PreferencesDialog.setProxyInformation(connection);
|
||||
connection.setEmail(this.txtEmail.getText().trim());
|
||||
connection.setAuthToken(this.txtAuthToken.getText().trim());
|
||||
connection.setPassword(this.txtPassword.getText().trim());
|
||||
connection.setPassword(String.valueOf(this.txtPassword.getPassword()).trim());
|
||||
|
||||
resetPasswordTask = new ResetPasswordTask();
|
||||
resetPasswordTask.execute();
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import com.j256.ormlite.dao.Dao;
|
|||
import com.j256.ormlite.dao.DaoManager;
|
||||
import com.j256.ormlite.jdbc.JdbcConnectionSource;
|
||||
import com.j256.ormlite.stmt.QueryBuilder;
|
||||
import com.j256.ormlite.stmt.SelectArg;
|
||||
import com.j256.ormlite.support.ConnectionSource;
|
||||
import com.j256.ormlite.support.DatabaseConnection;
|
||||
import com.j256.ormlite.table.TableUtils;
|
||||
|
|
@ -55,7 +56,7 @@ public enum TableRecordRepository {
|
|||
public List<TableRecord> getAfter(long endTimeMs) {
|
||||
try {
|
||||
QueryBuilder<TableRecord, Object> qb = dao.queryBuilder();
|
||||
qb.where().gt("endTimeMs", endTimeMs);
|
||||
qb.where().gt("endTimeMs", new SelectArg(endTimeMs));
|
||||
qb.orderBy("endTimeMs", true);
|
||||
return dao.query(qb.prepare());
|
||||
} catch (SQLException ex) {
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import com.j256.ormlite.dao.Dao;
|
|||
import com.j256.ormlite.dao.DaoManager;
|
||||
import com.j256.ormlite.jdbc.JdbcConnectionSource;
|
||||
import com.j256.ormlite.stmt.QueryBuilder;
|
||||
import com.j256.ormlite.stmt.SelectArg;
|
||||
import com.j256.ormlite.support.ConnectionSource;
|
||||
import com.j256.ormlite.support.DatabaseConnection;
|
||||
import com.j256.ormlite.table.TableUtils;
|
||||
|
|
@ -70,7 +71,7 @@ public enum UserStatsRepository {
|
|||
public UserStats getUser(String userName) {
|
||||
try {
|
||||
QueryBuilder<UserStats, Object> qb = dao.queryBuilder();
|
||||
qb.limit(1L).where().eq("userName", userName);
|
||||
qb.limit(1L).where().eq("userName", new SelectArg(userName));
|
||||
List<UserStats> users = dao.query(qb.prepare());
|
||||
if (!users.isEmpty()) {
|
||||
return users.get(0);
|
||||
|
|
|
|||
|
|
@ -329,7 +329,9 @@ public enum CardRepository {
|
|||
public CardInfo findCard(String setCode, String cardNumber) {
|
||||
try {
|
||||
QueryBuilder<CardInfo, Object> queryBuilder = cardDao.queryBuilder();
|
||||
queryBuilder.limit(1L).where().eq("setCode", new SelectArg(setCode)).and().eq("cardNumber", cardNumber).and().eq("nightCard", false);
|
||||
queryBuilder.limit(1L).where().eq("setCode", new SelectArg(setCode))
|
||||
.and().eq("cardNumber", new SelectArg(cardNumber))
|
||||
.and().eq("nightCard", new SelectArg(false));
|
||||
List<CardInfo> result = cardDao.query(queryBuilder.prepare());
|
||||
if (!result.isEmpty()) {
|
||||
return result.get(0);
|
||||
|
|
|
|||
|
|
@ -32,7 +32,8 @@ public final class RepositoryUtil {
|
|||
Dao<DatabaseVersion, Object> dbVersionDao = DaoManager.createDao(connectionSource, DatabaseVersion.class);
|
||||
|
||||
QueryBuilder<DatabaseVersion, Object> queryBuilder = dbVersionDao.queryBuilder();
|
||||
queryBuilder.where().eq("entity", new SelectArg(entityName)).and().eq("version", version);
|
||||
queryBuilder.where().eq("entity", new SelectArg(entityName))
|
||||
.and().eq("version", new SelectArg(version));
|
||||
List<DatabaseVersion> dbVersions = dbVersionDao.query(queryBuilder.prepare());
|
||||
|
||||
if (dbVersions.isEmpty()) {
|
||||
|
|
@ -56,7 +57,8 @@ public final class RepositoryUtil {
|
|||
Dao<DatabaseBuild, Object> dbBuildDao = DaoManager.createDao(connectionSource, DatabaseBuild.class);
|
||||
|
||||
QueryBuilder<DatabaseBuild, Object> queryBuilder = dbBuildDao.queryBuilder();
|
||||
queryBuilder.where().eq("entity", new SelectArg(entityName)).and().eq("last_build", currentBuild);
|
||||
queryBuilder.where().eq("entity", new SelectArg(entityName))
|
||||
.and().eq("last_build", new SelectArg(currentBuild));
|
||||
List<DatabaseBuild> dbBuilds = dbBuildDao.query(queryBuilder.prepare());
|
||||
|
||||
if (dbBuilds.isEmpty()) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue