mirror of
https://github.com/AuthMe/AuthMeReloaded.git
synced 2024-11-27 20:57:35 +01:00
Use PreparedStatement in all case needed it - #308
This commit is contained in:
parent
2f1338b08b
commit
607380e59c
@ -627,15 +627,18 @@ public class MySQL implements DataSource {
|
||||
public synchronized List<String> autoPurgeDatabase(long until) {
|
||||
List<String> list = new ArrayList<>();
|
||||
try (Connection con = getConnection()) {
|
||||
String sql = "SELECT " + columnName + " FROM " + tableName + " WHERE " + columnLastLogin + "<" + until;
|
||||
Statement st = con.createStatement();
|
||||
ResultSet rs = st.executeQuery(sql);
|
||||
String sql = "SELECT " + columnName + " FROM " + tableName + " WHERE " + columnLastLogin + "<?;";
|
||||
PreparedStatement st = con.prepareStatement(sql);
|
||||
st.setLong(1, until);
|
||||
ResultSet rs = st.executeQuery();
|
||||
while (rs.next()) {
|
||||
list.add(rs.getString(columnName));
|
||||
}
|
||||
rs.close();
|
||||
sql = "DELETE FROM " + tableName + " WHERE " + columnLastLogin + "<" + until;
|
||||
st.executeUpdate(sql);
|
||||
sql = "DELETE FROM " + tableName + " WHERE " + columnLastLogin + "<?:";
|
||||
st = con.prepareStatement(sql);
|
||||
st.setLong(1, until);
|
||||
st.executeUpdate();
|
||||
st.close();
|
||||
} catch (SQLException ex) {
|
||||
ConsoleLogger.showError(ex.getMessage());
|
||||
@ -657,9 +660,10 @@ public class MySQL implements DataSource {
|
||||
ResultSet rs = pst.executeQuery();
|
||||
if (rs.next()) {
|
||||
int id = rs.getInt(columnID);
|
||||
sql = "DELETE FROM xf_user_authenticate WHERE " + columnID + "=" + id;
|
||||
Statement st = con.createStatement();
|
||||
st.executeUpdate(sql);
|
||||
sql = "DELETE FROM xf_user_authenticate WHERE " + columnID + "=?;";
|
||||
PreparedStatement st = con.prepareStatement(sql);
|
||||
st.setInt(1, id);
|
||||
st.executeUpdate();
|
||||
st.close();
|
||||
}
|
||||
rs.close();
|
||||
|
Loading…
Reference in New Issue
Block a user