From b03870c0aa9562c430f02e6803dce4784139b25d Mon Sep 17 00:00:00 2001 From: Paldiu Date: Fri, 19 Mar 2021 10:39:58 -0500 Subject: [PATCH] SQL Fixes :) --- .../bridge/CoreProtectBridge.java | 16 ++++++++-------- .../totalfreedommod/world/WorldRestrictions.java | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/main/java/me/totalfreedom/totalfreedommod/bridge/CoreProtectBridge.java b/src/main/java/me/totalfreedom/totalfreedommod/bridge/CoreProtectBridge.java index 8c60857d..dc846cd1 100644 --- a/src/main/java/me/totalfreedom/totalfreedommod/bridge/CoreProtectBridge.java +++ b/src/main/java/me/totalfreedom/totalfreedommod/bridge/CoreProtectBridge.java @@ -1,11 +1,7 @@ package me.totalfreedom.totalfreedommod.bridge; import java.io.File; -import java.sql.Connection; -import java.sql.DriverManager; -import java.sql.ResultSet; -import java.sql.SQLException; -import java.sql.Statement; +import java.sql.*; import java.text.DecimalFormat; import java.util.Arrays; import java.util.Collections; @@ -228,11 +224,12 @@ public class CoreProtectBridge extends FreedomService String database = ConfigEntry.COREPROTECT_MYSQL_DATABASE.getString(); String url = host + ":" + port + "/" + database + "?user=" + username + "&password=" + password + "&useSSL=false"; connection = DriverManager.getConnection("jdbc:sql://" + url); - final Statement statement = connection.createStatement(); + final PreparedStatement statement = connection.prepareStatement("SELECT id FROM co_world WHERE world = ?"); statement.setQueryTimeout(30); // Obtain world ID from CoreProtect database - ResultSet resultSet = statement.executeQuery("SELECT id FROM co_world WHERE world = '" + world.getName() + "'"); + statement.setString(1, world.getName()); + ResultSet resultSet = statement.executeQuery(); String worldID = null; while (resultSet.next()) { @@ -250,7 +247,10 @@ public class CoreProtectBridge extends FreedomService // Iterate through each table and delete their data if the world ID matches for (String table : tables) { - statement.executeQuery("DELETE FROM " + table + " WHERE wid = " + worldID); + final PreparedStatement statement1 = connection.prepareStatement("DELETE FROM ? WHERE wid = ?"); + statement1.setString(1, table); + statement1.setString(2, worldID); + statement1.executeQuery(); } connection.close(); diff --git a/src/main/java/me/totalfreedom/totalfreedommod/world/WorldRestrictions.java b/src/main/java/me/totalfreedom/totalfreedommod/world/WorldRestrictions.java index df5e6f0a..f1869635 100644 --- a/src/main/java/me/totalfreedom/totalfreedommod/world/WorldRestrictions.java +++ b/src/main/java/me/totalfreedom/totalfreedommod/world/WorldRestrictions.java @@ -139,7 +139,7 @@ public class WorldRestrictions extends FreedomService event.setCancelled(true); } - if (command.equals("coreprotect") || command.equals("core") || command.equals("co")) + if (command.equalsIgnoreCase("coreprotect") || command.equalsIgnoreCase("core") || command.equalsIgnoreCase("co")) { player.sendMessage(ChatColor.RED + "Only " + allowed + " are allowed to use CoreProtect here."); event.setCancelled(true);