List of usage examples for java.sql CallableStatement executeQuery
ResultSet executeQuery() throws SQLException;
PreparedStatement object and returns the ResultSet object generated by the query. From source file:dbProcs.Getter.java
/** * Returns the result key for a module using the module's hash for the lookup procedure. * @param ApplicationRoot The current running context of the application * @param moduleHash The hash to use for module look up * @return The db stored solution key value for the moduleHash submited *///from w w w . jav a 2s . c o m public static String getModuleResultFromHash(String ApplicationRoot, String moduleHash) { log.debug("*** Getter.getModuleResultFromHash ***"); String result = new String(); Connection conn = Database.getCoreConnection(ApplicationRoot); try { log.debug("hash '" + moduleHash + "'"); CallableStatement callstmt = conn.prepareCall("call moduleGetResultFromHash(?)"); log.debug("Gathering moduleGetResultFromHash ResultSet"); callstmt.setString(1, moduleHash); ResultSet resultSet = callstmt.executeQuery(); log.debug("Opening Result Set from moduleGetResultFromHash"); resultSet.next(); result = resultSet.getString(1); } catch (SQLException e) { log.error("Could not execute query: " + e.toString()); result = null; } Database.closeConnection(conn); log.debug("*** END getModuleResultFromHash ***"); return result; }
From source file:dbProcs.Getter.java
/** * Used to present a modules feedback, including averages and raw results. * @param applicationRoot The current running context of the application. * @param moduleId The module identifier * @return A HTML table of the feedback for a specific module *//*from ww w . ja va 2 s .co m*/ public static String getFeedback(String applicationRoot, String moduleId) { log.debug("*** Getter.getFeedback ***"); String result = new String(); Encoder encoder = ESAPI.encoder(); Connection conn = Database.getCoreConnection(applicationRoot); try { log.debug("Preparing userUpdateResult call"); CallableStatement callstmnt = conn.prepareCall("call moduleFeedback(?)"); callstmnt.setString(1, moduleId); log.debug("Executing moduleFeedback"); ResultSet resultSet = callstmnt.executeQuery(); int resultAmount = 0; int before = 0; int after = 0; int difficulty = 0; boolean color = true; while (resultSet.next()) { if (resultSet.getString(1) != null) { resultAmount++; difficulty += resultSet.getInt(3); before += resultSet.getInt(4); after += resultSet.getInt(5); result += "<tr "; if (color) //Alternate row color { color = !color; result += "BGCOLOR='A878EF'"; } else { color = !color; result += "BGCOLOR='D4BCF7'"; } //A row off information result += "><td>" + encoder.encodeForHTML(resultSet.getString(1)) + "</td><td>" + encoder.encodeForHTML(resultSet.getString(2)) + "</td><td>" + resultSet.getInt(3) + "</td><td>" + resultSet.getInt(4) + "</td><td>" + resultSet.getInt(5) + "</td><td>" + encoder.encodeForHTML(resultSet.getString(6)) + "</td></tr>"; } } if (resultAmount > 0)//Table header result = "<table><tr><th>Player</th><th>Time</th><th>Difficulty</th><th>Before</th><th>After</th><th>Comments</th></tr>" + "<tr><td>Average</td><td></td><td>" + difficulty / resultAmount + "</td><td>" + before / resultAmount + "</td><td>" + after / resultAmount + "</td><td></td></tr>" + result + "<table>"; else // If empty, Blank output result = new String(); } catch (SQLException e) { log.error("moduleFeedback Failure: " + e.toString()); result = null; } Database.closeConnection(conn); log.debug("*** END getFeedback ***"); return result; }
From source file:dbProcs.Getter.java
/** * Used to gather a menu of lessons for a user, including markers for each lesson they have completed or not completed * @param ApplicationRoot The current running context of the application * @param userId Identifier of the user// ww w . j a v a 2 s . c o m * @return HTML lesson menu for Open Floor Plan. */ public static String getLessons(String ApplicationRoot, String userId, Locale lang) { log.debug("*** Getter.getLesson ***"); //Getting Translated Level Names ResourceBundle bundle = ResourceBundle.getBundle("i18n.moduleGenerics.moduleNames", lang); String output = new String(); Encoder encoder = ESAPI.encoder(); Connection conn = Database.getCoreConnection(ApplicationRoot); try { //Get the lesson modules CallableStatement callstmt = conn.prepareCall("call lessonInfo(?)"); callstmt.setString(1, userId); log.debug("Gathering lessonInfo ResultSet for user " + userId); ResultSet lessons = callstmt.executeQuery(); log.debug("Opening Result Set from moduleAllInfo"); while (lessons.next()) { //log.debug("Adding " + lessons.getString(1)); output += "<li>"; //Markers for completion if (lessons.getString(4) != null) { output += "<img src='css/images/completed.png'/>"; } else { output += "<img src='css/images/uncompleted.png'/>"; } //Prepare lesson output output += "<a class='lesson' id='" + encoder.encodeForHTMLAttribute(lessons.getString(3)) + "' href='javascript:;'>" + encoder.encodeForHTML(bundle.getString(lessons.getString(1))) + "</a>"; output += "</li>"; } //If no output has been found, return an error message if (output.isEmpty()) { output = "<li><a href='javascript:;'>No lessons found</a></li>"; } else { log.debug("Lesson List returned"); } } catch (Exception e) { log.error("lesson Retrieval: " + e.toString()); } Database.closeConnection(conn); log.debug("*** END getLesson() ***"); return output; }
From source file:dbProcs.Getter.java
/** * Used to determine if a user has completed a module already * @param ApplicationRoot The current running context of an application * @param moduleId The module identifier * @param userId The user identifier/*ww w. j ava 2 s . c o m*/ * @return The module name of the module IF the user has not completed AND the user has previously opened the challenge. */ public static String checkPlayerResult(String ApplicationRoot, String moduleId, String userId) { log.debug("*** Getter.checkPlayerResult ***"); String result = null; Connection conn = Database.getCoreConnection(ApplicationRoot); try { log.debug("Preparing userCheckResult call"); CallableStatement callstmnt = conn.prepareCall("call userCheckResult(?, ?)"); callstmnt.setString(1, moduleId); callstmnt.setString(2, userId); log.debug("Executing userCheckResult"); ResultSet resultSet = callstmnt.executeQuery(); resultSet.next(); result = resultSet.getString(1); } catch (SQLException e) { log.debug("userCheckResult Failure: " + e.toString()); result = null; } Database.closeConnection(conn); log.debug("*** END checkPlayerResult ***"); return result; }
From source file:dbProcs.Getter.java
/** * This method hashes the user submitted password and sends it to the database. * The database does the rest of the work, including Brute Force prevention. * @param userName The submitted user name to be used in authentication process * @param password The submitted password in plain text to be used in authentication * @return A string array made up of nothing or information to be consumed by the initiating authentication process. *///from w ww . ja va 2 s . co m public static String[] authUser(String ApplicationRoot, String userName, String password) { String[] result = null; log.debug("$$$ Getter.authUser $$$"); log.debug("userName = " + userName); boolean userFound = false; boolean goOn = false; Connection conn = Database.getCoreConnection(ApplicationRoot); try { //See if user Exists CallableStatement callstmt = conn.prepareCall("call userFind(?)"); log.debug("Gathering userFind ResultSet"); callstmt.setString(1, userName); ResultSet userFind = callstmt.executeQuery(); log.debug("Opening Result Set from userFind"); try { userFind.next(); log.debug("User Found"); //User found if a row is in the database, this line will not work if the result set is empty userFound = true; } catch (Exception e) { log.debug("User did not exist"); userFound = false; } if (userFound) { //Authenticate User callstmt = conn.prepareCall("call authUser(?, ?)"); log.debug("Gathering authUser ResultSet"); callstmt.setString(1, userName); callstmt.setString(2, password); ResultSet loginAttempt = callstmt.executeQuery(); log.debug("Opening Result Set from authUser"); try { loginAttempt.next(); goOn = true; //Valid password for user submitted } catch (SQLException e) { //... Outer Catch has preference to this one for some reason... This code is never reached! // But I'll leave it here just in case. That includes the else block if goOn is false log.debug("Incorrect Credentials"); goOn = false; } if (goOn) { //ResultSet Not Empty => Credentials Correct result = new String[5]; result[0] = loginAttempt.getString(1); //Id result[1] = loginAttempt.getString(2); //userName result[2] = loginAttempt.getString(3); //role result[4] = loginAttempt.getString(6); //classId if (loginAttempt.getBoolean(5)) //Checking for temp password flag, if true, index View will prompt to change result[3] = "true"; else result[3] = "false"; if (!result[1].equals(userName)) //If somehow this functionality has been compromised to sign in as other users, this will limit the expoitability. But the method is sql injection safe, so it should be ok { log.fatal("User Name used (" + userName + ") and User Name retrieved (" + result[1] + ") were not the Same. Nulling Result"); result = null; } else { log.debug("User '" + userName + "' has logged in"); //Before finishing, check if user had a badlogin history, if so, Clear it if (loginAttempt.getInt(4) > 0) { log.debug("Clearing Bad Login History"); callstmt = conn.prepareCall("call userBadLoginReset(?)"); callstmt.setString(1, result[0]); callstmt.execute(); log.debug("userBadLoginReset executed!"); } } //User has logged in, or a Authentication Bypass was detected... You never know! Better safe than sorry return result; } } } catch (SQLException e) { log.error("Login Failure: " + e.toString()); result = null; //Lagging Response } Database.closeConnection(conn); log.debug("$$$ End authUser $$$"); return result; }
From source file:dbProcs.Getter.java
/** * This method returns the address of a module based on the module identifier submitted. * If user has not accessed this level before, they are put down as starting the level at this time. * If the level is a client side attack, or other issues that cannot be abused to return a result key (like XSS, CSRF or network sniffing) * the address is of the core server. Otherwise the modules sit on the vulnerable application server * @param ApplicationRoot The current running context of the application * @param moduleId Identifier of the module the to return * @param userId The identifier of the user that wants to get the module * @return The module address// ww w. j av a2 s . c o m */ public static String getModuleAddress(String ApplicationRoot, String moduleId, String userId) { log.debug("*** Getter.getModuleAddress ***"); String output = new String(); String type = new String(); Connection conn = Database.getCoreConnection(ApplicationRoot); try { CallableStatement callstmt = conn.prepareCall("call moduleGetHash(?, ?)"); callstmt.setString(1, moduleId); callstmt.setString(2, userId); log.debug("Gathering moduleGetHash ResultSet"); ResultSet modules = callstmt.executeQuery(); log.debug("Opening Result Set from moduleGetHash"); modules.next(); //Exception thrown if no hash was found //Set Type. Used to ensure the URL points at the correct directory if (modules.getString(3).equalsIgnoreCase("challenge")) { type = "challenges"; } else { type = "lessons"; } output = type + "/" + modules.getString(1) + ".jsp"; } catch (Exception e) { log.error("Module Hash Retrieval: " + e.toString()); log.error("moduleID = " + moduleId); log.error("userID = " + userId); } Database.closeConnection(conn); log.debug("*** END getModuleAddress() ***"); return output; }
From source file:dbProcs.Getter.java
/** * This method prepares the incremental module menu. This is when Security Shepherd is in "Game Mode". * Users are presented with one uncompleted module at a time. This method does not return the JS script describing how the menu used should work * @param ApplicationRoot The running context of the application. * @param userId The user identifier of the user. * @param csrfToken The cross site request forgery token * @return A HTML menu of a users current module progress and a script for interaction with this menu *///from w ww . ja v a 2 s .c o m public static String getIncrementalModulesWithoutScript(String ApplicationRoot, String userId, String lang, String csrfToken) { log.debug("*** Getter.getIncrementalChallengesWithoutScript ***"); String output = new String(); Encoder encoder = ESAPI.encoder(); Connection conn = Database.getCoreConnection(ApplicationRoot); Locale.setDefault(new Locale("en")); Locale locale = new Locale(lang); ResourceBundle bundle = ResourceBundle.getBundle("i18n.text", locale); ResourceBundle levelNames = ResourceBundle.getBundle("i18n.moduleGenerics.moduleNames", locale); try { CallableStatement callstmt = conn.prepareCall("call moduleIncrementalInfo(?)"); callstmt.setString(1, userId); log.debug("Gathering moduleIncrementalInfo ResultSet"); ResultSet modules = callstmt.executeQuery(); log.debug("Opening Result Set from moduleIncrementalInfo"); boolean lastRow = false; boolean completedModules = false; //Preparing first Category header; "Completed" output = "<li><a id='completedList' href='javascript:;'><div class='menuButton'>" + bundle.getString("getter.button.completed") + "</div></a>\n" + "<ul id='theCompletedList' style='display: none;' class='levelList'>"; while (modules.next() && !lastRow) { //For each row, prepair the modules the users can select if (modules.getString(4) != null) //If not Last Row { completedModules = true; output += "<li>"; output += "<a class='lesson' id='" + encoder.encodeForHTMLAttribute(modules.getString(3)) + "' href='javascript:;'>" + encoder.encodeForHTML(levelNames.getString(modules.getString(1))) + "</a>"; output += "</li>"; } else { lastRow = true; //Last Row - Highlighed Next Challenge if (completedModules) { output += "</ul></li><li>"; } else { //NO completed modules, so dont show any... output = new String(); } //Second category - Uncompleted output += "<a class='lesson' id='" + encoder.encodeForHTMLAttribute(modules.getString(3)) + "' href='javascript:;'>" + "<div class='menuButton'>" + bundle.getString("getter.button.nextChallenge") + "</div>" + "</a>"; output += "</li>"; } } if (!lastRow) //If true, then the user has completed all challenges { output += "<h2 id='uncompletedList'><a href='javascript:;'>" + bundle.getString("getter.button.finished") + "</a></h2>\n" + "</li>"; } if (output.isEmpty()) //If this method has gone so far without any output, create a error message { output = "<li><a href='javascript:;'>" + bundle.getString("getter.button.noModulesFound") + "</a></li>"; } else //final tags to ensure valid HTML { log.debug("Appending End tags"); //output += "</ul></li>"; //Commented Out to prevent Search Box being pushed into Footer } } catch (Exception e) { log.error("Challenge Retrieval: " + e.toString()); } Database.closeConnection(conn); log.debug("*** END getIncrementalChallengesWithoutScript() ***"); return output; }
From source file:dbProcs.Getter.java
/** * This method prepares the incremental module menu. This is when Security Shepherd is in "Game Mode". * Users are presented with one uncompleted module at a time. This method also returns a script to be executed every time the menu is chanegd. * This is script defines the animation and operations to be carried out when the menu is interacted with * @param ApplicationRoot The running context of the application. * @param userId The user identifier of the user. * @param csrfToken The cross site request forgery token * @return A HTML menu of a users current module progress and a script for interaction with this menu *///from w w w.j a v a2 s .c o m public static String getIncrementalModules(String ApplicationRoot, String userId, String lang, String csrfToken) { log.debug("*** Getter.getIncrementalChallenges ***"); String output = new String(); Encoder encoder = ESAPI.encoder(); Connection conn = Database.getCoreConnection(ApplicationRoot); Locale.setDefault(new Locale("en")); Locale locale = new Locale(lang); ResourceBundle bundle = ResourceBundle.getBundle("i18n.text", locale); ResourceBundle levelNames = ResourceBundle.getBundle("i18n.moduleGenerics.moduleNames", locale); try { CallableStatement callstmt = conn.prepareCall("call moduleIncrementalInfo(?)"); callstmt.setString(1, userId); log.debug("Gathering moduleIncrementalInfo ResultSet"); ResultSet modules = callstmt.executeQuery(); log.debug("Opening Result Set from moduleIncrementalInfo"); boolean lastRow = false; boolean completedModules = false; //Preparing first Category header; "Completed" output = "<li><a id='completedList' href='javascript:;'><div class='menuButton'>" + bundle.getString("getter.button.completed") + "</div></a>\n" + "<ul id='theCompletedList' style='display: none;' class='levelList'>"; while (modules.next() && !lastRow) { //For each row, prepair the modules the users can select if (modules.getString(4) != null) //If not Last Row { completedModules = true; output += "<li>"; output += "<a class='lesson' id='" + encoder.encodeForHTMLAttribute(modules.getString(3)) + "' href='javascript:;'>" + encoder.encodeForHTML(levelNames.getString(modules.getString(1))) + "</a>"; output += "</li>"; } else { lastRow = true; //Last Row - Highlighed Next Challenge if (completedModules) { output += "</ul></li><li>"; } else { //NO completed modules, so dont show any... output = new String(); } //Second category - Uncompleted output += "<a class='lesson' id='" + encoder.encodeForHTMLAttribute(modules.getString(3)) + "' href='javascript:;'>" + "<div class='menuButton'>" + bundle.getString("getter.button.nextChallenge") + "</div>" + "</a>"; output += "</li>"; } } if (!lastRow) //If true, then the user has completed all challenges { output += "<h2 id='uncompletedList'><a href='javascript:;'>" + bundle.getString("getter.button.finished") + "</a></h2>\n" + "</li>"; } if (output.isEmpty()) //If this method has gone so far without any output, create a error message { output = "<li><a href='javascript:;'>" + bundle.getString("getter.button.noModulesFound") + "</a></li>"; } else //final tags to ensure valid HTML { log.debug("Appending End tags"); //output += "</ul></li>"; //Commented Out to prevent Search Box being pushed into Footer } //This is the script for menu interaction output += "<script>applyMenuButtonActionsCtfMode('" + encoder.encodeForHTML(csrfToken) + "', \"" + encoder.encodeForHTML(bundle.getString("generic.text.sorryError")) + "\");</script>"; } catch (Exception e) { log.error("Challenge Retrieval: " + e.toString()); } Database.closeConnection(conn); log.debug("*** END getIncrementalChallenges() ***"); return output; }
From source file:dbProcs.Getter.java
/** * Returns HTML menu for challenges. Challenges are only referenced by their id, * The user will have to go through another servlet to get the module's View address * @param ApplicationRoot The current running context of the application * @return HTML menu for challenges //from w w w . j a va 2 s .c om */ public static String getChallenges(String ApplicationRoot, String userId, Locale lang) { log.debug("*** Getter.getChallenges ***"); String output = new String(); //Getting Translated Level Names ResourceBundle bundle = ResourceBundle.getBundle("i18n.moduleGenerics.moduleNames", lang); //Encoder to prevent XSS Encoder encoder = ESAPI.encoder(); Connection conn = Database.getCoreConnection(ApplicationRoot); try { CallableStatement callstmt = conn.prepareCall("call moduleAllInfo(?, ?)"); callstmt.setString(1, "challenge"); callstmt.setString(2, userId); log.debug("Gathering moduleAllInfo ResultSet"); ResultSet challenges = callstmt.executeQuery(); log.debug("Opening Result Set from moduleAllInfo"); String challengeCategory = new String(); int rowNumber = 0; // Identifies the first row, ie the start of the list. This is slightly different output to every other row while (challenges.next()) { if (!challengeCategory.equalsIgnoreCase(challenges.getString(2))) { challengeCategory = challenges.getString(2); //log.debug("New Category Detected: " + challengeCategory); if (rowNumber > 0) //output prepared for Every row after row 1 output += "</ul></li><li><a href='javascript:;' class='challengeHeader' >" + encoder.encodeForHTML(bundle.getString("category." + challengeCategory)) + "</a><ul class='challengeList' style='display: none;'>"; else //output prepared for First row in entire challenge output += "<li><a href='javascript:;' class='challengeHeader'>" + encoder.encodeForHTML(bundle.getString("category." + challengeCategory)) + "</a><ul class='challengeList' style='display: none;'>"; //log.debug("Compiling Challenge Category - " + challengeCategory); } output += "<li>"; //Starts next LI element if (challenges.getString(4) != null) { output += "<img src='css/images/completed.png'/>"; //Completed marker } else { output += "<img src='css/images/uncompleted.png'/>"; //Incomplete marker } //Final out put compilation output += "<a class='lesson' id='" + encoder.encodeForHTMLAttribute(challenges.getString(3)) + "' href='javascript:;'>" + encoder.encodeForHTML(bundle.getString(challenges.getString(1))) + "</a>"; output += "</li>"; rowNumber++; } //Check if output is empty if (output.isEmpty()) { output = "<li><a href='javascript:;'>No challenges found</a></li>"; } else { log.debug("Appending End tags"); output += "</ul></li>"; } } catch (Exception e) { log.error("Challenge Retrieval: " + e.toString()); } Database.closeConnection(conn); log.debug("*** END getChallenges() ***"); return output; }
From source file:org.wso2.ws.dataservice.DBUtils.java
private static OMElement getStoredProcedureResult(OMElement queryElement, HashMap inputValues, HashMap params, HashMap paramOrder, HashMap originalParamNames, HashMap paramType, AxisService axisService, int queryLevel) throws AxisFault { OMElement resultElement = null;//ww w. j a va 2 s .c om Connection conn = null; boolean noResultSet = false; String elementValue; boolean hasResponse = true; OMNamespace omNs = null; String sqlQuery = queryElement.getFirstChildWithName(new QName("sql")).getText(); try { //Parameter dbConnectionParam = axisService.getParameter(DBConstants.DB_CONNECTION); //if(dbConnectionParam == null){ // throw new AxisFault("Database connection not found in Axis Configuration"); //} //conn = (Connection)dbConnectionParam.getValue(); conn = checkDBConnectionStatus(axisService, conn); conn.setAutoCommit(false); CallableStatement cs = (CallableStatement) getProcessedPreparedStatement(inputValues, params, paramOrder, originalParamNames, paramType, conn, sqlQuery, "STORED-PROCEDURE", axisService.getName()); ResultSet rs = null; try { rs = cs.executeQuery(); if (rs.getMetaData().getColumnCount() == 0) { noResultSet = true; } } catch (SQLException e) { if (e.getMessage() .indexOf("java.sql.CallableStatement.executeQuery() " + "was called but no result set was returned. " + "Use java.sql.CallableStatement.executeUpdate() for non-queries.") > -1) { noResultSet = true; cs.executeUpdate(); } else { log.error("Error occured getting stored procedure result", e); } } //check for out parameters OMElement result = queryElement.getFirstChildWithName(new QName("result")); String prefix = null; String resultElementNS = null; Query query = new Query(queryElement.getChildrenWithName(new QName("param"))); if (result == null) { hasResponse = false; } if (hasResponse) { Result resultObj = new Result(result); resultElementNS = result.getAttributeValue(new QName("defaultNamespace")); if (resultElementNS == null || resultElementNS.trim().length() == 0) { resultElementNS = axisService.getTargetNamespace(); } String columnDefalut = result.getAttributeValue(new QName("columnDefault")); OMFactory fac = OMAbstractFactory.getOMFactory(); //get prefix for namespace HashMap namespacePrefixMap = null; HashMap queryLevelNamespaceMap = null; HashMap queryLevelPrefixMap = null; if (axisService.getParameterValue(DBConstants.NAMESPACE_PREFIX_MAP) != null) { namespacePrefixMap = (HashMap) axisService.getParameterValue(DBConstants.NAMESPACE_PREFIX_MAP); queryLevelNamespaceMap = (HashMap) axisService .getParameterValue(DBConstants.QUERYLEVEL_NAMESPACE_MAP); queryLevelPrefixMap = (HashMap) axisService .getParameterValue(DBConstants.QUERYLEVEL_PREFIX_MAP); prefix = (String) namespacePrefixMap.get(resultElementNS); if (prefix == null) { prefix = DBConstants.RESULT_PREFIX + BeanUtil.getUniquePrefix(); namespacePrefixMap.put(resultElementNS, prefix); queryLevelNamespaceMap.put(new Integer(queryLevel), resultElementNS); queryLevelPrefixMap.put(new Integer(queryLevel), prefix); } } else { namespacePrefixMap = new HashMap(); queryLevelNamespaceMap = new HashMap(); queryLevelPrefixMap = new HashMap(); prefix = DBConstants.RESULT_PREFIX + BeanUtil.getUniquePrefix(); namespacePrefixMap.put(resultElementNS, prefix); queryLevelNamespaceMap.put(new Integer(queryLevel), resultElementNS); queryLevelPrefixMap.put(new Integer(queryLevel), prefix); axisService.addParameter(DBConstants.NAMESPACE_PREFIX_MAP, namespacePrefixMap); axisService.addParameter(DBConstants.QUERYLEVEL_NAMESPACE_MAP, queryLevelNamespaceMap); axisService.addParameter(DBConstants.QUERYLEVEL_PREFIX_MAP, queryLevelPrefixMap); } omNs = fac.createOMNamespace(resultElementNS, prefix); if (queryLevel > 0) { String previousNS = (String) queryLevelNamespaceMap.get(new Integer(queryLevel - 1)); String previousNSPrefix = (String) queryLevelPrefixMap.get(new Integer(queryLevel - 1)); omNs = fac.createOMNamespace(previousNS, previousNSPrefix); resultElement = fac.createOMElement(resultObj.getResultWrapper(), omNs); } else { resultElement = fac.createOMElement(resultObj.getResultWrapper(), omNs); } //put result elements into an array Iterator tmpElements = result.getChildElements(); ArrayList tmpElementsArrayList = new ArrayList(); while (tmpElements.hasNext()) { OMElement element = (OMElement) tmpElements.next(); tmpElementsArrayList.add(element); } if (!noResultSet && rs != null) { while (rs.next()) { HashMap elementValues = new HashMap(); int columnCount = rs.getMetaData().getColumnCount(); if (queryLevel > 0) { omNs = fac.createOMNamespace(resultElementNS, prefix); } OMElement row = fac.createOMElement(resultObj.getRowName(), omNs); if (resultObj.getRowName() == null) { row = resultElement; } for (int i = 1; i <= columnCount; i++) { String columnName = rs.getMetaData().getColumnLabel(i); //Some databases return columns in different cases columnName = columnName.toLowerCase(); String columnValue = rs.getString(columnName); elementValues.put(columnName, columnValue); } boolean useAsParamToNextQuery = false; for (int a = 0; a < resultObj.getDisplayColumnNames().length; a++) { //can be one of 'element','attribute','text','link' or 'header' String outPutElementType = resultObj.getElementLocalNames()[a]; if (outPutElementType.equals("element") || outPutElementType.equals("attribute")) { String displayTagName = resultObj.getDisplayColumnNames()[a]; String resultSetFieldName = resultObj.getResultSetColumnNames()[a]; resultSetFieldName = resultSetFieldName.toLowerCase(); // This means,the parameter is not part of the // resultset. i.e. it is being passed from user's // parameters. if (useAsParamToNextQuery) { elementValue = (String) params.get(resultSetFieldName); elementValues.put(resultSetFieldName, elementValue); } else { elementValue = (String) elementValues.get(resultSetFieldName); } if (elementValue == null) { //This could be a OUT parameter of a stored procedure elementValue = setOutparameterValue(cs, query, resultSetFieldName); } if (outPutElementType.equals("element")) { OMElement rowElement = fac.createOMElement(displayTagName, omNs); rowElement.addChild(fac.createOMText(rowElement, elementValue)); row.addChild(rowElement); } else if (outPutElementType.equals("attribute")) { row.addAttribute(displayTagName, elementValue, omNs); } } else if (resultObj.getElementLocalNames()[a].equals("call-query")) { OMElement element = (OMElement) tmpElementsArrayList.get(a); OMElement rowElement = getRDBMSResult(element, axisService, elementValues, queryLevel + 1); queryLevel = queryLevel - 1; row.addChild(rowElement); } } if (resultObj.getRowName() != null) { resultElement.addChild(row); } } } else { //No resultset, only out parameters are there. OMElement row = null; if (resultObj.getRowName() != null) { //row name is OPTIONAL row = fac.createOMElement(resultObj.getRowName(), omNs); } //if (resultObj.getRowName() == null) { // row = resultElement; //} for (int a = 0; a < resultObj.getDisplayColumnNames().length; a++) { if (resultObj.getElementLocalNames()[a].equals("element")) { String displayTagName = resultObj.getDisplayColumnNames()[a]; String resultSetFieldName = resultObj.getResultSetColumnNames()[a]; elementValue = setOutparameterValue(cs, query, resultSetFieldName); if (columnDefalut == null || columnDefalut.equals("element")) { OMElement rowElement = fac.createOMElement(displayTagName, omNs); rowElement.addChild(fac.createOMText(rowElement, elementValue)); if (row != null) { row.addChild(rowElement); } else { resultElement.addChild(rowElement); } } else if (columnDefalut.equals("attribute")) { if (row != null) { row.addAttribute(displayTagName, elementValue, omNs); } else { resultElement.addAttribute(displayTagName, elementValue, omNs); } } } } if (row != null) { resultElement.addChild(row); } } } } catch (SQLException e) { log.error("Exception occurred while trying to execute the SQL statement : " + sqlQuery, e); throw new AxisFault("Exception occurred while trying to execute the SQL statement : " + sqlQuery, e); } finally { try { if (conn != null && queryLevel == 0) { conn.commit(); conn.close(); } } catch (SQLException e) { log.error(e.getMessage()); throw new AxisFault("Exception occurred while trying to commit.", e); } } return resultElement; }