Removed vulnerabilities

Mainly leftover raw stacktrace prints in exceptions instead of propper
logging statements.

src/main/java/us/tastybento/bskyblock/api/panels/Panel.java

@@ -70,7 +70,7 @@ public class Panel {
     public void open(Player... players) {
         for (Player player : players) {
             player.openInventory(inventory);
-            PanelListenerManager.openPanels.put(player.getUniqueId(), this);
+            PanelListenerManager.getOpenPanels().put(player.getUniqueId(), this);
         }
     }
 
@@ -81,7 +81,7 @@ public class Panel {
     public void open(User... users) {
         for (User user : users) {
             user.getPlayer().openInventory(inventory);
-            PanelListenerManager.openPanels.put(user.getUniqueId(), this);
+            PanelListenerManager.getOpenPanels().put(user.getUniqueId(), this);
         }
     }
 

src/main/java/us/tastybento/bskyblock/database/mysql/MySQLDatabaseResourceCloser.java

@@ -5,6 +5,8 @@ import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Statement;
 
+import org.bukkit.Bukkit;
+
 public class MySQLDatabaseResourceCloser {
 
     /**
@@ -23,8 +25,7 @@ public class MySQLDatabaseResourceCloser {
                 try {
                     resultSet.close();
                 } catch (SQLException e) {
-                    /* Do some exception-logging here. */
+                    Bukkit.getLogger().severe("Could not close MySQL resultset");
-                    e.printStackTrace();
                 }
             }
         }
@@ -50,8 +51,7 @@ public class MySQLDatabaseResourceCloser {
                 try {
                     statement.close();
                 } catch (SQLException e) {
-                    /* Do some exception-logging here. */
+                    Bukkit.getLogger().severe("Could not close MySQL statement");
-                    e.printStackTrace();
                 }
             }
         }
@@ -72,8 +72,7 @@ public class MySQLDatabaseResourceCloser {
                 try {
                     connection.close();
                 } catch (SQLException e) {
-                    /* Do some exception-logging here. */
+                    Bukkit.getLogger().severe("Could not close MySQL connection");
-                    e.printStackTrace();
                 }
             }
         }

src/main/java/us/tastybento/bskyblock/generators/IslandWorld.java

@@ -81,7 +81,6 @@ public class IslandWorld {
                 }
             } catch (Exception e) {
                 Bukkit.getLogger().severe("Not successfull! Disabling " + plugin.getName() + "!");
-                e.printStackTrace();
                 Bukkit.getServer().getPluginManager().disablePlugin(plugin);
             }
         }

src/main/java/us/tastybento/bskyblock/listeners/PanelListenerManager.java

@@ -19,7 +19,7 @@ public class PanelListenerManager implements Listener {
 
     //private static final boolean DEBUG = false;
 
-    public static HashMap<UUID, Panel> openPanels = new HashMap<>();
+    private static HashMap<UUID, Panel> openPanels = new HashMap<>();
 
     @EventHandler(priority = EventPriority.LOWEST)
     public void onInventoryClick(InventoryClickEvent event) {
@@ -28,11 +28,11 @@ public class PanelListenerManager implements Listener {
         //UUID playerUUID = player.getUniqueId();
         Inventory inventory = event.getInventory(); // The inventory that was
         // Open the inventory panel that this player has open (they can only ever have one)
-        if (openPanels.containsKey(user.getUniqueId())) {
+        if (getOpenPanels().containsKey(user.getUniqueId())) {
             // Check the name of the panel
-            if (inventory.getName().equals(openPanels.get(user.getUniqueId()).getInventory().getName())) {
+            if (inventory.getName().equals(getOpenPanels().get(user.getUniqueId()).getInventory().getName())) {
                 // Get the panel itself
-                Panel panel = openPanels.get(user.getUniqueId());
+                Panel panel = getOpenPanels().get(user.getUniqueId());
                 // Check that they clicked on a specific item
                 for (int slot : panel.getItems().keySet()) {
                     if (slot == event.getRawSlot()) {
@@ -48,19 +48,26 @@ public class PanelListenerManager implements Listener {
                 }
             } else {
                 // Wrong name - delete this panel
-                openPanels.remove(user.getUniqueId());
+                getOpenPanels().remove(user.getUniqueId());
             }
         }
     }
 
     @EventHandler(priority = EventPriority.LOWEST)
     public void onInventoryClose(InventoryCloseEvent event) {
-        if (openPanels.containsKey(event.getPlayer().getUniqueId())) openPanels.remove(event.getPlayer().getUniqueId());
+        if (getOpenPanels().containsKey(event.getPlayer().getUniqueId())) getOpenPanels().remove(event.getPlayer().getUniqueId());
     }
 
     @EventHandler(priority = EventPriority.NORMAL)
     public void onLogOut(PlayerQuitEvent event) {
-        if (openPanels.containsKey(event.getPlayer().getUniqueId())) openPanels.remove(event.getPlayer().getUniqueId());
+        if (getOpenPanels().containsKey(event.getPlayer().getUniqueId())) getOpenPanels().remove(event.getPlayer().getUniqueId());
+    }
+
+    /**
+     * @return the openPanels
+     */
+    public static HashMap<UUID, Panel> getOpenPanels() {
+        return openPanels;
     }
     
 }

src/main/java/us/tastybento/bskyblock/listeners/flags/AbstractFlagListener.java

@@ -18,6 +18,7 @@ import us.tastybento.bskyblock.BSkyBlock;
 import us.tastybento.bskyblock.api.commands.User;
 import us.tastybento.bskyblock.api.flags.Flag;
 import us.tastybento.bskyblock.api.flags.Flag.FlagType;
+import us.tastybento.bskyblock.database.managers.island.IslandsManager;
 import us.tastybento.bskyblock.database.objects.Island;
 
 /**
@@ -27,9 +28,16 @@ import us.tastybento.bskyblock.database.objects.Island;
  */
 public abstract class AbstractFlagListener implements Listener {
 
-    public BSkyBlock plugin = BSkyBlock.getInstance();
+    private BSkyBlock plugin = BSkyBlock.getInstance();
     private User user = null;
     
+    /**
+     * @return the plugin
+     */
+    public BSkyBlock getPlugin() {
+        return plugin;
+    }
+
     /**
      * Used for unit testing only to set the plugin
      * @param plugin
@@ -47,13 +55,13 @@ public abstract class AbstractFlagListener implements Listener {
     private boolean createEventUser(Event e) {
         try {
             // Use reflection to get the getPlayer method if it exists
-
             Method getPlayer = e.getClass().getMethod("getPlayer");
             if (getPlayer != null) {
                 setUser(User.getInstance((Player)getPlayer.invoke(e)));
                 return true;
             }
-        } catch (Exception e1) { e1.printStackTrace();}
+        } catch (Exception e1) {  // Do nothing 
+        }
         return false;
     }
 
@@ -147,7 +155,7 @@ public abstract class AbstractFlagListener implements Listener {
         if (!inWorld(loc)) return true;
 
         // Get the island and if present
-        Optional<Island> island = plugin.getIslands().getIslandAt(loc);
+        Optional<Island> island = getIslands().getIslandAt(loc);
 
         // Handle Settings Flag
         if (flag.getType().equals(FlagType.SETTING)) {
@@ -201,4 +209,11 @@ public abstract class AbstractFlagListener implements Listener {
         return plugin.getFlagsManager().getFlagByID(id);
     }
 
+    /**
+     * Get the island database manager
+     * @return the island database manager
+     */
+    protected IslandsManager getIslands() {
+        return plugin.getIslands();
+    }
 }

src/main/java/us/tastybento/bskyblock/listeners/flags/BreakBlocksListener.java

@@ -94,7 +94,7 @@ public class BreakBlocksListener extends AbstractFlagListener {
         if (inWorld(e.getVehicle()) && e.getAttacker() instanceof Player) {
             User user = User.getInstance((Player) e.getAttacker());
             // Get the island and if present, check the flag, react if required and return
-            plugin.getIslands().getIslandAt(e.getVehicle().getLocation()).ifPresent(x -> { 
+            getIslands().getIslandAt(e.getVehicle().getLocation()).ifPresent(x -> { 
                 if (!x.isAllowed(user, Flags.BREAK_BLOCKS)) {
                     e.setCancelled(true);
                     user.sendMessage("protection.protected");

src/main/java/us/tastybento/bskyblock/listeners/flags/FireListener.java

@@ -40,7 +40,7 @@ public class FireListener extends AbstractFlagListener {
             return;
         }
         // Check if the island exists and if fire is allowed
-        Optional<Island> island = plugin.getIslands().getIslandAt(e.getBlock().getLocation());
+        Optional<Island> island = getIslands().getIslandAt(e.getBlock().getLocation());
         island.ifPresent(x ->  {
             if (!x.isAllowed(Flags.FIRE_SPREAD)) e.setCancelled(true);
         });
@@ -59,7 +59,7 @@ public class FireListener extends AbstractFlagListener {
                 return;
             }
             // Check if the island exists and if fire is allowed
-            Optional<Island> island = plugin.getIslands().getIslandAt(e.getBlock().getLocation());
+            Optional<Island> island = getIslands().getIslandAt(e.getBlock().getLocation());
             island.ifPresent(x ->  {
                 if (!x.isAllowed(Flags.FIRE_SPREAD)) e.setCancelled(true);
             });
@@ -82,7 +82,7 @@ public class FireListener extends AbstractFlagListener {
             return;
         }
         // Check if the island exists and if fire is allowed
-        Optional<Island> island = plugin.getIslands().getIslandAt(e.getBlock().getLocation());
+        Optional<Island> island = getIslands().getIslandAt(e.getBlock().getLocation());
         island.ifPresent(x ->  {
             if (!x.isAllowed(Flags.FIRE)) e.setCancelled(true);
         });
@@ -135,7 +135,7 @@ public class FireListener extends AbstractFlagListener {
             return;
         }
         // Check if the island exists and if fire is allowed
-        Optional<Island> island = plugin.getIslands().getIslandAt(e.getBlock().getLocation());
+        Optional<Island> island = getIslands().getIslandAt(e.getBlock().getLocation());
         island.ifPresent(x ->  {
             if (!x.isAllowed(Flags.FIRE)) e.setCancelled(true);
         });

src/main/java/us/tastybento/bskyblock/listeners/flags/HurtingListener.java

@@ -169,7 +169,7 @@ public class HurtingListener extends AbstractFlagListener {
             UUID uuid = ((Player)projectile.getShooter()).getUniqueId();
             // Store it and remove it when the effect is gone
             thrownPotions.put(e.getAreaEffectCloud().getEntityId(), uuid);
-            plugin.getServer().getScheduler().runTaskLater(plugin, () -> {
+            getPlugin().getServer().getScheduler().runTaskLater(getPlugin(), () -> {
                 thrownPotions.remove(e.getAreaEffectCloud().getEntityId());
             }, e.getAreaEffectCloud().getDuration());
         }

src/main/java/us/tastybento/bskyblock/listeners/flags/MobSpawnListener.java

@@ -41,7 +41,7 @@ public class MobSpawnListener extends AbstractFlagListener {
                 || e.getSpawnReason().equals(SpawnReason.DEFAULT)
                 || e.getSpawnReason().equals(SpawnReason.MOUNT)
                 || e.getSpawnReason().equals(SpawnReason.NETHER_PORTAL)) {
-            Optional<Island> island = plugin.getIslands().getIslandAt(e.getLocation());
+            Optional<Island> island = getIslands().getIslandAt(e.getLocation());
             if (island.isPresent()) {
                 if (e.getEntity() instanceof Monster || e.getEntity() instanceof Slime) {             
                     if (!island.get().isAllowed(Flags.MOB_SPAWN)) {

src/main/java/us/tastybento/bskyblock/listeners/flags/PVPListener.java

@@ -45,8 +45,8 @@ public class PVPListener extends AbstractFlagListener {
     public void onEntityDamage(final EntityDamageByEntityEvent e) {
         if (e.getEntity() instanceof Player) {
             Flag flag = Flags.PVP_OVERWORLD;
-            if (e.getEntity().getWorld().equals(plugin.getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
+            if (e.getEntity().getWorld().equals(getPlugin().getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
-            else if (e.getEntity().getWorld().equals(plugin.getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
+            else if (e.getEntity().getWorld().equals(getPlugin().getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
             respond(e, e.getDamager(), flag);
         }
     }
@@ -73,8 +73,8 @@ public class PVPListener extends AbstractFlagListener {
     public void onFishing(PlayerFishEvent e) {
         if (e.getCaught() != null && e.getCaught() instanceof Player) {
             Flag flag = Flags.PVP_OVERWORLD;
-            if (e.getCaught().getWorld().equals(plugin.getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
+            if (e.getCaught().getWorld().equals(getPlugin().getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
-            else if (e.getCaught().getWorld().equals(plugin.getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
+            else if (e.getCaught().getWorld().equals(getPlugin().getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
             if (checkIsland(e, e.getCaught().getLocation(), flag)) {
                 e.getHook().remove();
                 return;
@@ -90,8 +90,8 @@ public class PVPListener extends AbstractFlagListener {
     public void onSplashPotionSplash(final PotionSplashEvent e) {
         // Deduce the world
         Flag flag = Flags.PVP_OVERWORLD;
-        if (e.getPotion().getWorld().equals(plugin.getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
+        if (e.getPotion().getWorld().equals(getPlugin().getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
-        else if (e.getPotion().getWorld().equals(plugin.getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
+        else if (e.getPotion().getWorld().equals(getPlugin().getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
 
         // Try to get the thrower
         Projectile projectile = (Projectile) e.getEntity();
@@ -123,7 +123,7 @@ public class PVPListener extends AbstractFlagListener {
             UUID uuid = ((Player)projectile.getShooter()).getUniqueId();
             // Store it and remove it when the effect is gone
             thrownPotions.put(e.getAreaEffectCloud().getEntityId(), uuid);
-            plugin.getServer().getScheduler().runTaskLater(plugin, () -> {
+            getPlugin().getServer().getScheduler().runTaskLater(getPlugin(), () -> {
                 thrownPotions.remove(e.getAreaEffectCloud().getEntityId());
             }, e.getAreaEffectCloud().getDuration());
         }
@@ -138,8 +138,8 @@ public class PVPListener extends AbstractFlagListener {
         if (e.getCause().equals(DamageCause.ENTITY_ATTACK) && thrownPotions.containsKey(e.getDamager().getEntityId())) {
             // Deduce the world
             Flag flag = Flags.PVP_OVERWORLD;
-            if (e.getEntity().getWorld().equals(plugin.getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
+            if (e.getEntity().getWorld().equals(getPlugin().getIslandWorldManager().getNetherWorld())) flag = Flags.PVP_NETHER;
-            else if (e.getEntity().getWorld().equals(plugin.getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
+            else if (e.getEntity().getWorld().equals(getPlugin().getIslandWorldManager().getEndWorld())) flag = Flags.PVP_END;
 
             UUID attacker = thrownPotions.get(e.getDamager().getEntityId());
             // Self damage

src/main/java/us/tastybento/bskyblock/lists/Flags.java

@@ -4,6 +4,7 @@ import java.util.Arrays;
 import java.util.List;
 import java.util.stream.Collectors;
 
+import org.bukkit.Bukkit;
 import org.bukkit.Material;
 
 import us.tastybento.bskyblock.api.flags.Flag;
@@ -126,9 +127,8 @@ public class Flags {
         return Arrays.asList(Flags.class.getFields()).stream().map(field -> {
             try {
                 return (Flag)field.get(null);
-            } catch (IllegalArgumentException | IllegalAccessException e) {
+            } catch (IllegalArgumentException | IllegalAccessException e) {                
-                
+                Bukkit.getLogger().severe("Could not get Flag values " + e.getMessage());
-                e.printStackTrace();
             }
             return null;
         }).collect(Collectors.toList());

src/main/java/us/tastybento/bskyblock/managers/AddonsManager.java

@@ -64,10 +64,7 @@ public final class AddonsManager {
             try {
                 f.mkdir();
             } catch (SecurityException e) {
-                e.printStackTrace();
+                Bukkit.getLogger().severe("Cannot create folder 'addons' (Permission ?)");
-                if (DEBUG) {
-                    Bukkit.getLogger().severe("Cannot create folder 'addons' (Permission ?)");
-                }
             }
         }
 
@@ -182,7 +179,7 @@ public final class AddonsManager {
             try {
                 loader.close();
             } catch (IOException e) {
-                e.printStackTrace();
+                // Do nothing
             }
         });
     }

src/main/java/us/tastybento/bskyblock/managers/LocalesManager.java

@@ -2,6 +2,7 @@ package us.tastybento.bskyblock.managers;
 
 import java.io.File;
 import java.io.FilenameFilter;
+import java.io.IOException;
 import java.io.InputStream;
 import java.util.HashMap;
 import java.util.Locale;
@@ -78,20 +79,24 @@ public final class LocalesManager {
             try {
                 for (String name : lister.listJar(LOCALE_FOLDER)) {
                     // We cannot use Bukkit's saveResource, because we want it to go into a specific folder, so...
-                    InputStream initialStream = plugin.getResource(name);
+                    try (InputStream initialStream = plugin.getResource(name)) {
-                    // Get the last part of the name
+                        // Get the last part of the name
-                    int lastIndex = name.lastIndexOf('/');
+                        int lastIndex = name.lastIndexOf('/');
-                    File targetFile = new File(localeDir, name.substring(lastIndex >= 0 ? lastIndex : 0, name.length()));
+                        File targetFile = new File(localeDir, name.substring(lastIndex >= 0 ? lastIndex : 0, name.length()));
-                    if (DEBUG)
+                        if (DEBUG)
-                        plugin.getLogger().info("DEBUG: targetFile = " + targetFile.getAbsolutePath());
+                            plugin.getLogger().info("DEBUG: targetFile = " + targetFile.getAbsolutePath());
-                    if (!targetFile.exists()) {
+                        if (!targetFile.exists()) {
-                        java.nio.file.Files.copy(initialStream, targetFile.toPath());
+                            java.nio.file.Files.copy(initialStream, targetFile.toPath());
+                        }
+                    } catch (IOException e) {
+                        plugin.getLogger().severe("Could not copy locale files from jar " + e.getMessage());
                     }
-                    initialStream.close();
+
                 }
-            } catch (Exception e) {
+            } catch (IOException e) {
-                e.printStackTrace();
+                plugin.getLogger().severe("Could not copy locale files from jar " + e.getMessage());
             }
+
         }
 
         // Store all the locales available

src/main/java/us/tastybento/bskyblock/util/Util.java

@@ -287,7 +287,7 @@ public class Util {
                 config = new YamlConfiguration();
                 config.load(yamlFile);
             } catch (Exception e) {
-                e.printStackTrace();
+                plugin.getLogger().severe("Could not load yml file " + e.getMessage());
             }
         } else {
             // Create the missing file

src/main/java/us/tastybento/bskyblock/util/placeholders/PlaceholderHandler.java

@@ -40,7 +40,6 @@ public class PlaceholderHandler {
         } catch (Exception e){
             // Should never happen.
             plugin.getLogger().severe("Failed to load default placeholder API");
-            e.printStackTrace();
         }
 
         // Load hooks