Skip to content
Permalink
Browse files Browse the repository at this point in the history
data a funcionar mas sem proteger sql injection
  • Loading branch information
amdinis committed Nov 12, 2014
1 parent fcdb18b commit aa128b2
Show file tree
Hide file tree
Showing 4 changed files with 7 additions and 9 deletions.
8 changes: 4 additions & 4 deletions Cnn-EJB/ejbModule/ejbs/NewsBean.java
Expand Up @@ -93,8 +93,8 @@ public List<News> newsFromAuthor(String author, String region){
* @return lista de notícias ordenadas
*/
public List<News> newsMoreRecentThan(String date){
Query query = em.createQuery("SELECT n FROM News n WHERE n.date > :d ORDER BY date DESC");
query.setParameter("d", date);
Query query = em.createQuery("SELECT n FROM News n WHERE n.date > '"+date+"' ORDER BY date DESC");
//query.setParameter("d", date);

@SuppressWarnings("unchecked")
List<News> news = query.getResultList();
Expand All @@ -103,9 +103,9 @@ public List<News> newsMoreRecentThan(String date){
}

public List<News> newsMoreRecentThan(String date, String region){
Query query = em.createQuery("SELECT n FROM News n WHERE n.region LIKE :r AND n.date > :d ORDER BY date DESC");
Query query = em.createQuery("SELECT n FROM News n WHERE n.region LIKE :r AND n.date > '"+date+"' ORDER BY date DESC");
query.setParameter("r", region);
query.setParameter("d", date);
//query.setParameter("d", date);

@SuppressWarnings("unchecked")
List<News> news = query.getResultList();
Expand Down
5 changes: 1 addition & 4 deletions Cnn-Web/WebContent/AllNews.jsp
Expand Up @@ -113,9 +113,6 @@
<div class="panel-body">
<!-- Autor(es) -->
<!--
<c:set var="string2" value="This is second String."/>
<c:set var="numAuthors" value="${fn:length(string2)}"/>
<p>Length of String (2) : ${numAuthors}</p>
<c:if test="${numAuthors > 0}">
by
Expand All @@ -131,7 +128,7 @@
</c:otherwise>
</c:choose>
</c:if>
-->
-->
<!-- Data -->
on
<fmt:formatDate pattern="yyyy/MM/dd HH:mm" value="${news.date}" />
Expand Down
1 change: 1 addition & 0 deletions Cnn-Web/WebContent/DateNews.jsp
Expand Up @@ -54,6 +54,7 @@

<%
String date = session.getAttribute("date").toString();
//System.out.println("DATA: " + date);
%>
<h1>News more recent than <%= date %></h1>

Expand Down
2 changes: 1 addition & 1 deletion Cnn-Web/WebContent/Menu.jsp
Expand Up @@ -112,7 +112,7 @@

<form action="DateNewsServlet" method="GET" id="login_form" onsubmit="return validateForm('date')">
<p>
List news more recent than <input type="text" name="date" id="date" />
List news more recent than <input type="datetime-local" name="date" id="date" />
<input type="SUBMIT" value="Ok" />
</p>
</form>
Expand Down

0 comments on commit aa128b2

Please sign in to comment.