From fd3b2e951400bf69ca9394d752118b6a3c039516 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Fri, 20 Jan 2017 14:10:46 +0300 Subject: juick-server: database tags should not be escaped now --- .../main/java/com/juick/service/TagServiceImpl.java | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'juick-server') diff --git a/juick-server/src/main/java/com/juick/service/TagServiceImpl.java b/juick-server/src/main/java/com/juick/service/TagServiceImpl.java index 61f23d71..cb345ceb 100644 --- a/juick-server/src/main/java/com/juick/service/TagServiceImpl.java +++ b/juick-server/src/main/java/com/juick/service/TagServiceImpl.java @@ -4,7 +4,6 @@ import com.juick.Tag; import com.juick.server.helpers.TagStats; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.ArrayUtils; -import org.apache.commons.lang3.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.jdbc.core.RowMapper; @@ -16,7 +15,10 @@ import org.springframework.transaction.annotation.Transactional; import org.springframework.util.Assert; import javax.inject.Inject; -import java.sql.*; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; @@ -49,7 +51,7 @@ public class TagServiceImpl extends BaseJdbcService implements TagService { List list = getJdbcTemplate().query( "SELECT synonym_id,name FROM tags WHERE tag_id=?", (rs, num) -> { - Tag ret = new Tag(StringEscapeUtils.unescapeHtml4(rs.getString(2))); + Tag ret = new Tag(rs.getString(2)); ret.TID = tid; ret.SynonymID = rs.getInt(1); return ret; @@ -69,12 +71,12 @@ public class TagServiceImpl extends BaseJdbcService implements TagService { List list = getJdbcTemplate().query( "SELECT tag_id, synonym_id, name FROM tags WHERE name = ?", (rs, rowNum) -> { - Tag ret1 = new Tag(StringEscapeUtils.unescapeHtml4(rs.getString(3))); + Tag ret1 = new Tag(rs.getString(3)); ret1.TID = rs.getInt(1); ret1.SynonymID = rs.getInt(2); return ret1; }, - StringEscapeUtils.escapeHtml4(tag)); + tag); Tag ret = list.isEmpty() ? null : list.get(0); @@ -124,7 +126,7 @@ public class TagServiceImpl extends BaseJdbcService implements TagService { PreparedStatement stmt = con.prepareStatement( "INSERT INTO tags(name) VALUES (?)", Statement.RETURN_GENERATED_KEYS); - stmt.setString(1, StringEscapeUtils.escapeHtml4(name)); + stmt.setString(1, name); return stmt; }, holder); @@ -136,7 +138,7 @@ public class TagServiceImpl extends BaseJdbcService implements TagService { @Override public TagStats mapRow(ResultSet rs, int rowNum) throws SQLException { - Tag t = new Tag(StringEscapeUtils.unescapeHtml4(rs.getString(1))); + Tag t = new Tag(rs.getString(1)); TagStats s = new TagStats(); s.setTag(t); s.setUsageCount(rs.getInt(2)); @@ -171,7 +173,6 @@ public class TagServiceImpl extends BaseJdbcService implements TagService { return getJdbcTemplate().queryForList( "SELECT name FROM tags WHERE top=1 ORDER BY name ASC", String.class) .stream() - .map(StringEscapeUtils::unescapeHtml4) .collect(Collectors.toList()); } @@ -239,7 +240,7 @@ public class TagServiceImpl extends BaseJdbcService implements TagService { "SELECT tags.tag_id,synonym_id,name,stat_messages FROM tags " + "INNER JOIN messages_tags ON (messages_tags.message_id = ? AND messages_tags.tag_id = tags.tag_id)", (rs, num) -> { - com.juick.Tag t = new com.juick.Tag(StringEscapeUtils.unescapeHtml4(rs.getString(3))); + com.juick.Tag t = new com.juick.Tag(rs.getString(3)); t.TID = rs.getInt(1); t.SynonymID = rs.getInt(2); TagStats s = new TagStats(); -- cgit v1.2.3