Example usage for java.sql PreparedStatement executeQuery

List of usage examples for java.sql PreparedStatement executeQuery

Introduction

In this page you can find the example usage for java.sql PreparedStatement executeQuery.

Prototype

ResultSet executeQuery() throws SQLException;

Source Link

Document

Executes the SQL query in this PreparedStatement object and returns the ResultSet object generated by the query.

Usage

From source file:com.chaosinmotion.securechat.server.commands.ChangePassword.java

public static boolean processRequest(Login.UserInfo userinfo, JSONObject requestParams, String token)
        throws ClassNotFoundException, SQLException, IOException {
    String oldpassword = requestParams.optString("oldpassword");
    String newpassword = requestParams.optString("newpassword");

    /*/*w ww.j av  a2 s  .c o  m*/
     * Validate the old password against the token we received
     */

    Connection c = null;
    PreparedStatement ps = null;
    ResultSet rs = null;

    try {
        c = Database.get();
        ps = c.prepareStatement("SELECT password " + "FROM Users " + "WHERE userid = ?");
        ps.setInt(1, userinfo.getUserID());
        rs = ps.executeQuery();

        if (rs.next()) {
            /*
             * If the result is found, hash the entry in the way it would
             * be hashed by the front end, and compare to see if the
             * hash codes match. (This requires that the hashed password
             * stored in the back-end has a consistent capitalization.
             * We arbitrarily pick lower-case for our SHA-256 hex string.
             */
            String spassword = rs.getString(1);

            /*
             * Encrypt password with token and salt
             */

            spassword = spassword + Constants.SALT + token;
            spassword = Hash.sha256(spassword);

            /*
             * Compare; if matches, then return the user info record
             * so we can store away. While the SHA256 process returns
             * consistent case, we compare ignoring case anyway, just
             * because. :-)
             */

            if (!spassword.equalsIgnoreCase(oldpassword)) {
                /* Wrong password */
                return false;
            }
        }

        /*
         * Update password stored with the updated value passed in.
         */

        rs.close();
        ps.close();

        ps = c.prepareStatement("UPDATE Users " + "SET password = ? " + "WHERE userid = ?");
        ps.setString(1, newpassword);
        ps.setInt(2, userinfo.getUserID());
        ps.execute();

        return true;
    } finally {
        if (rs != null)
            rs.close();
        if (ps != null)
            ps.close();
        if (c != null)
            c.close();
    }
}

From source file:ch.newscron.registration.UserRegistration.java

public static long getShortUrlId(String shortURL) {
    Connection connection = null;
    PreparedStatement query = null;
    ResultSet rs = null;//from   w w  w . j  av  a 2s  . co m
    try {
        connection = connect();
        query = connection.prepareStatement("SELECT id FROM ShortURL WHERE shortUrl=?");
        query.setString(1, shortURL);
        rs = query.executeQuery();
        rs.next();
        long shortURLId = rs.getLong("id");
        return shortURLId;
    } catch (Exception ex) {
        Logger.getLogger(UserRegistration.class.getName()).log(Level.SEVERE, null, ex);
    } finally {
        disconnect(connection, query, rs);
    }
    return -1;
}

From source file:com.krawler.common.util.SchedulingUtilities.java

public static String getCmpHolidaydays(Connection conn, String companyId) throws ServiceException {
    String res = "";
    try {/*  w ww .  j a v a 2  s . c om*/
        String qry = "SELECT holiday, description FROM companyholidays WHERE companyid = ?";
        PreparedStatement pstmt = conn.prepareStatement(qry);
        pstmt.setString(1, companyId);
        ResultSet rs = pstmt.executeQuery();
        KWLJsonConverter j = new KWLJsonConverter();
        res = j.GetJsonForGrid(rs);
    } catch (SQLException e) {
        throw ServiceException.FAILURE("SchedulingUtilities.getCmpHolidaydays : " + e.getMessage(), e);
    }
    return res;
}

From source file:com.chaosinmotion.securechat.server.commands.Login.java

/**
 * Process the login request. This returns null if the user could not
 * be logged in.//from  w  ww.  java2  s  . c  o m
 * 
 * The expected parameters are 'username' and 'password', which should
 * be hashed.
 * 
 * @param requestParams
 * @return
 * @throws IOException 
 * @throws SQLException 
 * @throws ClassNotFoundException 
 */
public static UserInfo processRequest(JSONObject requestParams, String token)
        throws ClassNotFoundException, SQLException, IOException {
    String username = requestParams.optString("username");
    String password = requestParams.optString("password");

    /*
     * Obtain user information from database
     */

    Connection c = null;
    PreparedStatement ps = null;
    ResultSet rs = null;

    try {
        c = Database.get();
        ps = c.prepareStatement("SELECT userid, password " + "FROM Users " + "WHERE username = ?");
        ps.setString(1, username);
        rs = ps.executeQuery();

        if (rs.next()) {
            /*
             * If the result is found, hash the entry in the way it would
             * be hashed by the front end, and compare to see if the
             * hash codes match. (This requires that the hashed password
             * stored in the back-end has a consistent capitalization.
             * We arbitrarily pick lower-case for our SHA-256 hex string.
             */
            int userID = rs.getInt(1);
            String spassword = rs.getString(2);

            /*
             * Encrypt password with token and salt
             */

            spassword = spassword + Constants.SALT + token;
            spassword = Hash.sha256(spassword);

            /*
             * Compare; if matches, then return the user info record
             * so we can store away. While the SHA256 process returns
             * consistent case, we compare ignoring case anyway, just
             * because. :-)
             */

            if (spassword.equalsIgnoreCase(password)) {
                return new UserInfo(userID);
            }
        }
        return null;
    } finally {
        if (rs != null)
            rs.close();
        if (ps != null)
            ps.close();
        if (c != null)
            c.close();
    }
}

From source file:org.red5.webapps.admin.controllers.service.UserDAO.java

public static AdminUserDetails getUser(String username) {
    AdminUserDetails details = null;/*  w w w .j a v  a2  s .  c o m*/
    Connection conn = null;
    PreparedStatement stmt = null;
    try {
        conn = UserDatabase.getConnection();
        //make a statement
        stmt = conn.prepareStatement("SELECT * FROM APPUSER WHERE username = ?");
        stmt.setString(1, username);
        ResultSet rs = stmt.executeQuery();
        if (rs.next()) {
            log.debug("User found");
            details = new AdminUserDetails();
            details.setEnabled("enabled".equals(rs.getString("enabled")));
            details.setPassword(rs.getString("password"));
            details.setUserid(rs.getInt("userid"));
            details.setUsername(rs.getString("username"));
            //
            rs.close();
            //get role            
            stmt = conn.prepareStatement("SELECT authority FROM APPROLE WHERE username = ?");
            stmt.setString(1, username);
            rs = stmt.executeQuery();
            if (rs.next()) {
                GrantedAuthority[] authorities = new GrantedAuthority[1];
                authorities[0] = new GrantedAuthorityImpl(rs.getString("authority"));
                details.setAuthorities(authorities);
                //
                //if (daoAuthenticationProvider != null) {
                //User usr = new User(username, details.getPassword(), true, true, true, true, authorities);
                //daoAuthenticationProvider.getUserCache().putUserInCache(usr);               
                //}
            }
        }
        rs.close();
    } catch (Exception e) {
        log.error("Error connecting to db", e);
    } finally {
        if (stmt != null) {
            try {
                stmt.close();
            } catch (SQLException e) {
            }
        }
        if (conn != null) {
            UserDatabase.recycle(conn);
        }
    }
    return details;
}

From source file:las.DBConnector.java

public static boolean checkDataExistedInTable(String tableName) throws SQLException {
    boolean exists = true;
    String check = "SELECT * FROM " + tableName;
    PreparedStatement pt = conn.prepareStatement(check);
    ResultSet rs = pt.executeQuery();
    if (rs.next()) {
        exists = false;/*from   ww w . j a v  a 2s .  c  o  m*/
    }
    return exists;
}

From source file:las.DBConnector.java

public static ArrayList<Transaction> getTransactionTable() throws SQLException {
    ArrayList<Transaction> table = new ArrayList<>();
    String data = "SELECT * FROM Transactions";
    PreparedStatement pt = conn.prepareStatement(data);
    ResultSet rs = pt.executeQuery();
    while (rs.next()) {
        table.add(new Transaction(rs.getInt("MEMBER_ID"), rs.getInt("ITEM_ID"),
                rs.getTimestamp("TRANSACTION_TIME")));
    }/*from  ww w  .ja v a2 s. c o m*/

    return table;
}

From source file:las.DBConnector.java

public static ArrayList<Item> getItemTable() throws SQLException {
    ArrayList<Item> table = new ArrayList<>();
    String data = "SELECT * FROM Items";
    PreparedStatement pt = conn.prepareStatement(data);
    ResultSet rs = pt.executeQuery();
    while (rs.next()) {
        table.add(new Item(rs.getString("title"), rs.getString("author"), rs.getString("type"),
                rs.getInt("Item_ID"), rs.getInt("amountleft")));
    }/*from w  ww .  ja  va 2 s.c om*/

    return table;
}

From source file:las.DBConnector.java

public static ArrayList<Member> getMemberTableIntoList() throws SQLException, ClassNotFoundException {
    ArrayList<Member> mtable = new ArrayList<>();
    String data = "SELECT * FROM LAS.MEMBERS";
    PreparedStatement pt = conn.prepareStatement(data);
    ResultSet rs = pt.executeQuery();
    while (rs.next()) {
        mtable.add(new Member(rs.getInt("MEMBER_ID"), rs.getString("NAME"), rs.getString("EMAIL"),
                rs.getString("PRIVILEGE"), rs.getBoolean("ISSTAFF")));
    }//from w w w.  ja  v a2 s.c  o m

    return mtable;
}

From source file:ch.newscron.referral.ReferralManager.java

/**
 * Calls the database to query for all rows in ShortURL table of database in relation to customerId
 * @param customerId a long representing the unique customer id
 * @return a List of CustomerShortURL objects, consisting of the shortURL table entries corresponding to the given customerId 
 */// w  w w  .  j  av a  2 s . c  o m
public static List<CustomerShortURL> getCustomerShortURLs(long customerId) {
    Connection connection = null;
    PreparedStatement query = null;
    ResultSet rs = null;
    try {
        connection = connect();
        query = connection.prepareStatement("SELECT * FROM ShortURL WHERE custId = ?");
        query.setLong(1, customerId);
        rs = query.executeQuery();
        List<CustomerShortURL> shortURLList = parseResultSet(rs);
        return shortURLList;
    } catch (Exception ex) {
        Logger.getLogger(ReferralManager.class.getName()).log(Level.SEVERE, null, ex);
    } finally {
        disconnect(connection, query, rs);
    }
    return null;
}