upd: precise SQL statements for verification

Change-Id: I921b638d0734b14eb2cd1f9389c20e7fb7b15922

diff --git a/src/club/wpia/gigi/dbObjects/CATS.java b/src/club/wpia/gigi/dbObjects/CATS.java
index c9f96d11a55701064bd4548af44528ce4e2949f8..0f2b9ff0d0d45cd96ae9af9956a8282266263739 100644 (file)
--- a/src/club/wpia/gigi/dbObjects/CATS.java
+++ b/src/club/wpia/gigi/dbObjects/CATS.java
@@ -97,7 +97,7 @@ public class CATS {
     }
 
     public static boolean isInCatsLimit(int uID, int testID) {
     }
 
     public static boolean isInCatsLimit(int uID, int testID) {

-        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `cats_passed` WHERE `user_id` = ? AND `variant_id` = ? AND`pass_date` > (now() - interval '1 months' * ?)")) {
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `cats_passed` WHERE `user_id` = ? AND `variant_id` = ? AND`pass_date` > (now() - interval '1 months' * ?::INTEGER)")) {

             ps.setInt(1, uID);
             ps.setInt(2, testID);
             ps.setInt(3, TEST_MONTHS);
             ps.setInt(1, uID);
             ps.setInt(2, testID);
             ps.setInt(3, TEST_MONTHS);

diff --git a/src/club/wpia/gigi/dbObjects/Domain.java b/src/club/wpia/gigi/dbObjects/Domain.java
index d7de209c28ae069e1c03e29d9a6417f858b4032b..e8accbcac1b545d4040bfbdbb4118403128e9c2f 100644 (file)
--- a/src/club/wpia/gigi/dbObjects/Domain.java
+++ b/src/club/wpia/gigi/dbObjects/Domain.java
@@ -34,7 +34,7 @@ public class Domain implements IdCachable, Verifyable {
     }
 
     private static void checkInsert(String suffix) throws GigiApiException {
     }
 
     private static void checkInsert(String suffix) throws GigiApiException {

-        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `domains` WHERE (`domain`=? OR (CONCAT('.', `domain`)=RIGHT(?,LENGTH(`domain`)+1)  OR RIGHT(`domain`,LENGTH(?)+1)=CONCAT('.',?))) AND `deleted` IS NULL")) {
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `domains` WHERE (`domain`=? OR (CONCAT('.', `domain`)=RIGHT(?,LENGTH(`domain`)+1)  OR RIGHT(`domain`,LENGTH(?)+1)=CONCAT('.',?::VARCHAR))) AND `deleted` IS NULL")) {

             ps.setString(1, suffix);
             ps.setString(2, suffix);
             ps.setString(3, suffix);
             ps.setString(1, suffix);
             ps.setString(2, suffix);
             ps.setString(3, suffix);

diff --git a/src/club/wpia/gigi/dbObjects/Group.java b/src/club/wpia/gigi/dbObjects/Group.java
index 778c46e014d1da29f246b9f57e831071b7255705..556395b294a7fb7735bbaaf0a438ee9177cef8be 100644 (file)
--- a/src/club/wpia/gigi/dbObjects/Group.java
+++ b/src/club/wpia/gigi/dbObjects/Group.java
@@ -74,7 +74,7 @@ public enum Group implements DBEnum {
     }
 
     public User[] getMembers(int offset, int count) {
     }
 
     public User[] getMembers(int offset, int count) {

-        try (GigiPreparedStatement gps = new GigiPreparedStatement("SELECT `user` FROM `user_groups` WHERE `permission`=?::`userGroup` AND `deleted` IS NULL OFFSET ? LIMIT ?", true)) {
+        try (GigiPreparedStatement gps = new GigiPreparedStatement("SELECT `user` FROM `user_groups` WHERE `permission`=?::`userGroup` AND `deleted` IS NULL OFFSET ?::INTEGER LIMIT ?::INTEGER", true)) {

             gps.setEnum(1, this);
             gps.setInt(2, offset);
             gps.setInt(3, count);
             gps.setEnum(1, this);
             gps.setInt(2, offset);
             gps.setInt(3, count);

diff --git a/src/club/wpia/gigi/dbObjects/Organisation.java b/src/club/wpia/gigi/dbObjects/Organisation.java
index 3ce83c70b77ed3312827f977a0007010a4e0a74b..7029929388a9854eb46618307def03f87bfa71d9 100644 (file)
--- a/src/club/wpia/gigi/dbObjects/Organisation.java
+++ b/src/club/wpia/gigi/dbObjects/Organisation.java
@@ -198,7 +198,7 @@ public class Organisation extends CertificateOwner {
     }
 
     public static Organisation[] getOrganisations(int offset, int count) {
     }
 
     public static Organisation[] getOrganisations(int offset, int count) {

-        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `certOwners`.`id` FROM `organisations` INNER JOIN `certOwners` ON `certOwners`.`id`=`organisations`.`id` WHERE `certOwners`.`deleted` IS NULL OFFSET ? LIMIT ?", true)) {
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `certOwners`.`id` FROM `organisations` INNER JOIN `certOwners` ON `certOwners`.`id`=`organisations`.`id` WHERE `certOwners`.`deleted` IS NULL OFFSET ?::INTEGER LIMIT ?::INTEGER", true)) {

             ps.setInt(1, offset);
             ps.setInt(2, count);
             GigiResultSet res = ps.executeQuery();
             ps.setInt(1, offset);
             ps.setInt(2, count);
             GigiResultSet res = ps.executeQuery();

diff --git a/src/club/wpia/gigi/dbObjects/User.java b/src/club/wpia/gigi/dbObjects/User.java
index a4c32014c3209132f1863733bd9e8b22a14997a9..b65dbc5a027f5edee63c301b3dd12cd42f661957 100644 (file)
--- a/src/club/wpia/gigi/dbObjects/User.java
+++ b/src/club/wpia/gigi/dbObjects/User.java
@@ -591,7 +591,7 @@ public class User extends CertificateOwner {
     }
 
     public static User getResetWithToken(int id, String token) {
     }
 
     public static User getResetWithToken(int id, String token) {

-        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `memid` FROM `passwordResetTickets` WHERE `id`=? AND `token`=? AND `used` IS NULL AND `created` > CURRENT_TIMESTAMP - interval '1 hours' * ?")) {
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `memid` FROM `passwordResetTickets` WHERE `id`=? AND `token`=? AND `used` IS NULL AND `created` > CURRENT_TIMESTAMP - interval '1 hours' * ?::INTEGER")) {

             ps.setInt(1, id);
             ps.setString(2, token);
             ps.setInt(3, PasswordResetPage.HOUR_MAX);
             ps.setInt(1, id);
             ps.setString(2, token);
             ps.setInt(3, PasswordResetPage.HOUR_MAX);


@@ -631,7 +631,7 @@ public class User extends CertificateOwner {
     }
 
     public boolean isInVerificationLimit() {
     }
 
     public boolean isInVerificationLimit() {

-        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `notary` INNER JOIN `names` ON `names`.`id`=`to` WHERE `names`.`uid` = ? AND `when` > (now() - (interval '1 month' * ?)) AND (`expire` IS NULL OR `expire` > now()) AND `notary`.`deleted` IS NULL;")) {
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `notary` INNER JOIN `names` ON `names`.`id`=`to` WHERE `names`.`uid` = ? AND `when` > (now() - (interval '1 month' * ?::INTEGER)) AND (`expire` IS NULL OR `expire` > now()) AND `notary`.`deleted` IS NULL;")) {

             ps.setInt(1, getId());
             ps.setInt(2, VERIFICATION_MONTHS);
 
             ps.setInt(1, getId());
             ps.setInt(2, VERIFICATION_MONTHS);
 

diff --git a/src/club/wpia/gigi/pages/PasswordResetPage.java b/src/club/wpia/gigi/pages/PasswordResetPage.java
index 92937aeaa1bd6530d15e960488fd6add53a794ca..3bfb894a851417bb10fd2a51cad04574da754d86 100644 (file)
--- a/src/club/wpia/gigi/pages/PasswordResetPage.java
+++ b/src/club/wpia/gigi/pages/PasswordResetPage.java
@@ -61,7 +61,7 @@ public class PasswordResetPage extends Page {
 
         @Override
         public SuccessMessageResult submit(HttpServletRequest req) throws GigiApiException {
 
         @Override
         public SuccessMessageResult submit(HttpServletRequest req) throws GigiApiException {

-            try (GigiPreparedStatement passwordReset = new GigiPreparedStatement("UPDATE `passwordResetTickets` SET `used` = CURRENT_TIMESTAMP WHERE `used` IS NULL AND `created` < CURRENT_TIMESTAMP - interval '1 hours' * ?;")) {
+            try (GigiPreparedStatement passwordReset = new GigiPreparedStatement("UPDATE `passwordResetTickets` SET `used` = CURRENT_TIMESTAMP WHERE `used` IS NULL AND `created` < CURRENT_TIMESTAMP - interval '1 hours' * ?::INTEGER;")) {

                 passwordReset.setInt(1, HOUR_MAX);
                 passwordReset.execute();
             }
                 passwordReset.setInt(1, HOUR_MAX);
                 passwordReset.execute();
             }

diff --git a/src/club/wpia/gigi/util/Notary.java b/src/club/wpia/gigi/util/Notary.java
index da80752259cbf9c6edf01043ccefaa4c97b04129..36f1fa48c3c603c3c1dd5ed7ab3a30437bf5d2a1 100644 (file)
--- a/src/club/wpia/gigi/util/Notary.java
+++ b/src/club/wpia/gigi/util/Notary.java
@@ -45,7 +45,7 @@ public class Notary {
     }
 
     public static boolean checkVerificationIsPossible(User agent, Name target) {
     }
 
     public static boolean checkVerificationIsPossible(User agent, Name target) {

-        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `notary` where `to`=? and `from`=? and `method` = ? ::`notaryType` AND `deleted` IS NULL AND `when` > (now() - interval '1 days' * ?)")) {
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `notary` where `to`=? and `from`=? and `method` = ? ::`notaryType` AND `deleted` IS NULL AND `when` > (now() - interval '1 days' * ?::INTEGER)")) {

             ps.setInt(1, target.getId());
             ps.setInt(2, agent.getId());
             ps.setEnum(3, VerificationType.FACE_TO_FACE);
             ps.setInt(1, target.getId());
             ps.setInt(2, agent.getId());
             ps.setEnum(3, VerificationType.FACE_TO_FACE);