Commit f523b625 authored by Eilert Tunheim's avatar Eilert Tunheim

Added check for max 10 characters in input field, for sql injection security,...

Added check for max 10 characters in input field, for sql injection security, not printing error message to user yet tho
parent 3d74bf60
Showing
with 165 additions and 186 deletions
package com.application.DB;
import javafx.beans.property.SimpleIntegerProperty;
import javafx.beans.value.ObservableValue;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
......@@ -21,18 +18,6 @@ public final class Constants {
// Today's date
public static final String CURRENT_DATE = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss").format(LocalDateTime.now());
// Start- & end time
public static String START_TIME = "";
public static String STOP_TIME = "";
// Boolean variable to tell if the drying process is finished
public static boolean IS_FINISHED = false;
// User inputs
public static String TREE_SPECIES = "";
public static String DIMENSIONS = "";
public static String SAWSET = "";
public static String MOISTURE_GOAL = "";
public static String TIME_LEFT = "";
// Number of manual moisture checks
......@@ -47,9 +32,6 @@ public final class Constants {
// Non linear regression
public static final double ADJUST_REGRESSION = 5.5;
// Number percentage to display the searching for data
public static ObservableValue<Integer> PERCENTAGE = new SimpleIntegerProperty().asObject();
// Current sawmill settings;
public static final String PROJECT_ID = "sf-drying-optimization";
public static final int LOCATION_ID = 124;
......
......@@ -6,6 +6,7 @@ import org.joda.time.DateTime;
import java.util.*;
import static com.application.DB.Constants.*;
import static com.application.DB.HelpingFunctions.getNoOfChambers;
/**
* This class is responsible for handling database related activities
......@@ -25,7 +26,8 @@ public class DB {
//getKwh();
//getName();
//getZeroPointDate();
System.out.println(setInputParameters());
//System.out.println(setInputParameters());
getNoOfChambers();
}
......@@ -70,6 +72,9 @@ public class DB {
String valueIDName;
int valueID;
getNoOfChambers();
int chamberNo = 1;
while(true){
......@@ -91,16 +96,16 @@ public class DB {
if (location.getKey() == 124) {
// If location is Valasen, then the database stores furu as fura, swedish.
if (TREE_SPECIES.equalsIgnoreCase("Furu")) {
TREE_SPECIES = "Fura";
if (HelpingFunctions.TREE_SPECIES.equalsIgnoreCase("Furu")) {
HelpingFunctions.TREE_SPECIES = "Fura";
}
locationTables = getValasenTableNames();
valmeticsChamberIDS = getValasenValmeticsChamberIDS();
kwhChamberIDS = getValasenKwhChamberIDS();
}
if (location.getKey() == 174) {
if (TREE_SPECIES.equalsIgnoreCase("Fura")) {
TREE_SPECIES = "Furu";
if (HelpingFunctions.TREE_SPECIES.equalsIgnoreCase("Fura")) {
HelpingFunctions.TREE_SPECIES = "Furu";
}
locationTables = getArjangTableNames();
valmeticsChamberIDS = getArjangValmeticsChamberIDS();
......@@ -124,33 +129,33 @@ public class DB {
//valueID = Integer.parseInt(location.getValue().get(locationTables.get("Kwh")).get("ValueID"));
System.out.printf("Tree species: \t%s\n", TREE_SPECIES);
System.out.printf("Width: \t\t\t%s\n", DIMENSIONS);
System.out.printf("Sawset: \t\t%s\n", SAWSET);
System.out.printf("Moisture: \t\t%s\n", MOISTURE_GOAL);
System.out.printf("Tree species: \t%s\n", HelpingFunctions.TREE_SPECIES);
System.out.printf("Width: \t\t\t%s\n", HelpingFunctions.DIMENSIONS);
System.out.printf("Sawset: \t\t%s\n", HelpingFunctions.SAWSET);
System.out.printf("Moisture: \t\t%s\n", HelpingFunctions.MOISTURE_GOAL);
// Defining the extra sql statements for extra parameters
treeSpecies = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + '"' + "%" + TREE_SPECIES + "%" + '"' + ") ";
dimensions = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + '"' + "%" + DIMENSIONS + "%" + '"' + ") ";
sawset = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + '"' + "%" + SAWSET + "%" + '"' + ") ";
moistureGoal = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + '"' + "%" + MOISTURE_GOAL + "\\\\%" + "%" + '"' + ") ";
treeSpecies = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + '"' + "%" + HelpingFunctions.TREE_SPECIES + "%" + '"' + ") ";
dimensions = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + '"' + "%" + HelpingFunctions.DIMENSIONS + "%" + '"' + ") ";
sawset = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + '"' + "%" + HelpingFunctions.SAWSET + "%" + '"' + ") ";
moistureGoal = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + '"' + "%" + HelpingFunctions.MOISTURE_GOAL + "\\\\%" + "%" + '"' + ") ";
// 1. Checking if user input is empty.
// 2. Checking if the extraInputParameter variable already contains the extra parameters,
// if so not adding a second time.
// 3. Checking if the while loop have previously removed the parameter, if so, not adding again.
if (!TREE_SPECIES.isEmpty() && !extraInputParameter.contains(treeSpecies) && !treespeciesRemoved) {
if (!HelpingFunctions.TREE_SPECIES.isEmpty() && !extraInputParameter.contains(treeSpecies) && !treespeciesRemoved) {
extraInputParameter += treeSpecies;
}
if (!DIMENSIONS.isEmpty() && !extraInputParameter.contains(dimensions) && !dimensionsRemoved) {
if (!HelpingFunctions.DIMENSIONS.isEmpty() && !extraInputParameter.contains(dimensions) && !dimensionsRemoved) {
extraInputParameter += dimensions;
}
if (!SAWSET.isEmpty() && !extraInputParameter.contains(sawset) && !sawsetRemoved) {
if (!HelpingFunctions.SAWSET.isEmpty() && !extraInputParameter.contains(sawset) && !sawsetRemoved) {
extraInputParameter += sawset;
}
if (!MOISTURE_GOAL.isEmpty() && !extraInputParameter.contains(moistureGoal) && !moistureRemoved) {
if (!HelpingFunctions.MOISTURE_GOAL.isEmpty() && !extraInputParameter.contains(moistureGoal) && !moistureRemoved) {
extraInputParameter += moistureGoal;
}
......@@ -172,6 +177,7 @@ public class DB {
System.out.printf("valueID: \t%d\n",valueID);
//System.out.println("Før results");
Map<Integer, Map<String, Number>> results = new TreeMap<>(getKwh(getZeroPointDate(locationID, extraInputParameter, nameParameter, kilinName, kilinID, startDryingTime, stopDryingTime, valmeticsTableName, limit),
locationID, kwhTableName, KwhName, timestamp, valueIDName, valueID, index));
......@@ -570,29 +576,29 @@ public class DB {
String moistureGoal;
// Checks if variables is not null, if so, formats correctly for the sql statement
if(!START_TIME.equals("")){
startTime = '"'+START_TIME+'"';
if(!HelpingFunctions.START_TIME.equals("")){
startTime = '"'+ HelpingFunctions.START_TIME+'"';
}
if(STOP_TIME != null){
stopTime = '"'+STOP_TIME+'"';
if(HelpingFunctions.STOP_TIME != null){
stopTime = '"'+ HelpingFunctions.STOP_TIME+'"';
}
if(!TREE_SPECIES.equals("")){
treeSpecies = '"'+TREE_SPECIES+'"';
if(!HelpingFunctions.TREE_SPECIES.equals("")){
treeSpecies = '"'+ HelpingFunctions.TREE_SPECIES+'"';
} else {
treeSpecies = null;
}
if(!DIMENSIONS.equals("")){
dimensions = '"'+DIMENSIONS+'"';
if(!HelpingFunctions.DIMENSIONS.equals("")){
dimensions = '"'+ HelpingFunctions.DIMENSIONS+'"';
} else {
dimensions = null;
}
if(!SAWSET.equals("")){
sawset = '"'+SAWSET+'"';
if(!HelpingFunctions.SAWSET.equals("")){
sawset = '"'+ HelpingFunctions.SAWSET+'"';
} else {
sawset = null;
}
if(!MOISTURE_GOAL.equals("")){
moistureGoal = '"'+MOISTURE_GOAL+'"';
if(!HelpingFunctions.MOISTURE_GOAL.equals("")){
moistureGoal = '"'+ HelpingFunctions.MOISTURE_GOAL+'"';
} else {
moistureGoal = null;
}
......@@ -623,8 +629,8 @@ public class DB {
// Sqlstatement
final String sqlStatement = "SELECT `" + KWH_TIMESTAMP_NAME_PARAMETER + "`, `" + KWH_NAME_PARAMETER + "` " +
"FROM `" + PROJECT_ID + "." + LOCATION_ID + "." + KWH_TABLE_NAME + "` " +
"WHERE " + KWH_TIMESTAMP_NAME_PARAMETER + " BETWEEN " + '"' + START_TIME + '"' +
" AND " + '"' + STOP_TIME + '"' +
"WHERE " + KWH_TIMESTAMP_NAME_PARAMETER + " BETWEEN " + '"' + HelpingFunctions.START_TIME + '"' +
" AND " + '"' + HelpingFunctions.STOP_TIME + '"' +
" AND " + KWH_VALUE_ID_NAME_PARAMETER + " = " + KWH_VALUE_ID_VALUE_PARAMETER + " " +
" AND " + KWH_NAME_PARAMETER + " <> 0 " +
" ORDER BY " + KWH_TIMESTAMP_NAME_PARAMETER + " ASC";
......
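Review bot: The four LIKE fragments built at `treeSpecies = "AND LOWER(" + nameParameter + ") LIKE LOWER(" + ...` still splice HelpingFunctions.TREE_SPECIES, DIMENSIONS, SAWSET and MOISTURE_GOAL straight into the SQL text between double quotes, so the 10-character cap added elsewhere in this commit limits the length of a value but not its content; a value containing `"` or `%` still changes the query. The same applies to the quoted values in the later hunk (`treeSpecies = '"'+ HelpingFunctions.TREE_SPECIES+'"';`) and to START_TIME/STOP_TIME in `sqlStatement`. Bind these values as query parameters through the database client instead of concatenating them, and escape `%`, `_` and `\` in the LIKE operand before binding. `HelpingFunctions.STOP_TIME` is null-checked in one hunk but concatenated unchecked into `sqlStatement`, where a null would be rendered as the text `null`. The enclosing methods start and end outside these hunks.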
......@@ -11,11 +11,21 @@ import java.util.HashMap;
import java.util.Map;
import java.util.TimeZone;
import static com.application.DB.Constants.PROJECT_ID;
import static com.application.DB.Constants.*;
public class HelpingFunctions {
// Start- & end time
public static String START_TIME = "";
public static String STOP_TIME = "";
// Boolean variable to tell if the drying process is finished
public static boolean IS_FINISHED = false;
// User inputs
public static String TREE_SPECIES = "";
public static String DIMENSIONS = "";
public static String SAWSET = "";
public static String MOISTURE_GOAL = "";
static Map<String,String> manMoist = new HashMap<>();
/**
......@@ -149,4 +159,24 @@ public class HelpingFunctions {
}
}
}
public static int getNoOfChambers(){
int valmeticsChamberIDS = 0;
int kwhChamberIDS = 0;
int noOfChambers = 0;
System.out.println("Constants.getSawmills().size(): "+Constants.getSawmills().size());
for (HashMap.Entry<Integer, HashMap<String, HashMap<String, String>>> first : Constants.getSawmills().entrySet()) {
if (first.getKey() == 124) {
valmeticsChamberIDS = getValasenValmeticsChamberIDS().size();
kwhChamberIDS = getValasenKwhChamberIDS().size();
}
if (first.getKey() == 174) {
valmeticsChamberIDS = getArjangValmeticsChamberIDS().size();
kwhChamberIDS = getArjangKwhChamberIDS().size();
}
noOfChambers+= Math.min(valmeticsChamberIDS, kwhChamberIDS);
System.out.println("NO_OF_CHAMBERS: "+noOfChambers);
}
return noOfChambers;
}
}
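Review bot: In getNoOfChambers the counters `valmeticsChamberIDS` and `kwhChamberIDS` are declared outside the loop, so a sawmill whose key is neither 124 nor 174 adds the previous entry's minimum to `noOfChambers` a second time (or 0 if it comes first). Declare both inside the loop body and skip unknown keys, e.g. make the second test an `else if` followed by `else { continue; }`. The two `System.out.println` calls look like debugging output, and the literal 124 duplicates `LOCATION_ID` from Constants. The moved fields `TREE_SPECIES`, `DIMENSIONS`, `SAWSET` and `MOISTURE_GOAL` are public mutable statics that the GUI writes and DB reads into SQL text; private fields behind a validating setter would give one place to enforce the input rules.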
package com.application.GUI;
import com.application.DB.HelpingFunctions;
import javafx.application.Platform;
import javafx.collections.FXCollections;
import javafx.collections.ObservableList;
......@@ -29,6 +30,8 @@ import static com.application.GUI.LineChartFunctionality.loadSingleSeries;
*/
public class InputPopUpWindow {
private static boolean err = false;
public static void exitDataThread(){
Platform.exit();
System.exit(0);
......@@ -91,7 +94,7 @@ public class InputPopUpWindow {
"4ex"
);
ComboBox<String> sawsetList = new ComboBox<>(sawset);
sawsetList.setPromptText("Select Dimensions");
sawsetList.setPromptText("Select Sawset");
sawsetList.setId("inputDropDownBox");
sawsetList.setEditable(true);
......@@ -107,7 +110,7 @@ public class InputPopUpWindow {
"20%"
);
ComboBox<String> moistureList = new ComboBox<>(moistureGoal);
moistureList.setPromptText("Select Dimensions");
moistureList.setPromptText("Select Moisture Goal");
moistureList.setId("inputDropDownBox");
moistureList.setEditable(true);
......@@ -118,171 +121,124 @@ public class InputPopUpWindow {
startButton.setOnAction(e -> {
// Sets the start time
// Sets the start time
START_TIME = CURRENT_DATE;
HelpingFunctions.START_TIME = CURRENT_DATE;
// Retrieves the user inputs
TREE_SPECIES = treeSpeciesList.getValue();
DIMENSIONS = dimensionsList.getValue();
SAWSET = sawsetList.getValue();
if(moistureList.getValue() != null && moistureList.getValue().contains("%"))
{
MOISTURE_GOAL = moistureList.getValue().replace("%","");
} else {
MOISTURE_GOAL = moistureList.getValue();
}
// Retrieves the user inputs
HelpingFunctions.TREE_SPECIES = treeSpeciesList.getValue();
HelpingFunctions.DIMENSIONS = dimensionsList.getValue();
HelpingFunctions.SAWSET = sawsetList.getValue();
if (moistureList.getValue() != null && moistureList.getValue().contains("%")) {
HelpingFunctions.MOISTURE_GOAL = moistureList.getValue().replace("%", "");
} else {
HelpingFunctions.MOISTURE_GOAL = moistureList.getValue();
}
// If the input is null, sets the value to be empty
if (treeSpeciesList.getValue() == null) {
TREE_SPECIES = "";
}
if (dimensionsList.getValue() == null) {
DIMENSIONS = "";
}
if (sawsetList.getValue() == null) {
SAWSET = "";
}
if (moistureList.getValue() == null) {
MOISTURE_GOAL = "";
}
// If the input is null, sets the value to be empty
if (treeSpeciesList.getValue() == null) {
HelpingFunctions.TREE_SPECIES = "";
} else if (treeSpeciesList.getValue().length() > 10) {
treeSpeciesList.setPromptText("A maximum of 10 characters is allowed!");
err = true;
}
if (dimensionsList.getValue() == null) {
HelpingFunctions.DIMENSIONS = "";
} else if (dimensionsList.getValue().length() > 10) {
dimensionsList.setPromptText("A maximum of 10 characters is allowed!");
err = true;
}
if (sawsetList.getValue() == null) {
HelpingFunctions.SAWSET = "";
} else if (sawsetList.getValue().length() > 10) {
sawsetList.setPromptText("A maximum of 10 characters is allowed!");
err = true;
}
if (moistureList.getValue() == null) {
HelpingFunctions.MOISTURE_GOAL = "";
} else if (moistureList.getValue().length() > 10) {
moistureList.setPromptText("A maximum of 10 characters is allowed!");
err = true;
}
setTreeSpeciesText(TREE_SPECIES);
setDimensionsText(DIMENSIONS);
setSawsetText(SAWSET);
setMoistureGoalText(MOISTURE_GOAL);
window.close();
if (!err) {
/*
FutureTask[] randomNumberTasks = new FutureTask[1];
Callable callable = new CallableExample();
randomNumberTasks[0] = new FutureTask(callable);
Thread t = new Thread(randomNumberTasks[0]);
t.start();
setTreeSpeciesText(HelpingFunctions.TREE_SPECIES);
setDimensionsText(HelpingFunctions.DIMENSIONS);
setSawsetText(HelpingFunctions.SAWSET);
setMoistureGoalText(HelpingFunctions.MOISTURE_GOAL);
try {
System.out.println(randomNumberTasks[0].get());
} catch (InterruptedException | ExecutionException ex) {
ex.printStackTrace();
}
window.close();
});
*/
/*
// Fungerende ny thread!!@@@@@
// Gather data
try {
Thread thread = new Thread(() -> {
try {
//getData();
loadSingleSeries(setInputParameters());
//loadMultipleSeries(setInputParameters());
//loadSingleSeries();
//loadMultipleSeries();
// Henter her data fra databasen
Map<Integer, Map<String, Number>> data = setInputParameters();
Platform.runLater(() -> {
try {
loadSingleSeries(data);
} catch (Exception ex) {
ex.printStackTrace();
}
});
} catch (Exception ex) {
ex.printStackTrace();
}
}
);
*/
/*
try{
Thread thread = new Thread(new Runnable() {
@Override
public void run() {
try {
// Henter her data fra databasen
loadSingleSeries(setInputParameters(false,false,false,false));
//loadSingleSeries();
//loadMultipleSeries();
} catch (Exception ex) {
ex.printStackTrace();
}
}
});
thread.setDaemon(true);
thread.start();
} catch (Exception ex) {
ex.printStackTrace();
}
}
);
*/
// Fungerende ny thread!!@@@@@
// Gather data
try{
Thread thread = new Thread(() -> {
// Retrieve data for current drying period
try {
Thread thread = new Thread(() -> {
try {
while (!HelpingFunctions.IS_FINISHED) {
HelpingFunctions.STOP_TIME = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss").format(LocalDateTime.now());
Map<String, Number> data = getCurrentDrying();
Platform.runLater(() -> {
try {
// Henter her data fra databasen
Map<Integer, Map<String, Number>> data = setInputParameters();
Platform.runLater(() -> {
try {
loadSingleSeries(data);
} catch (Exception ex) {
ex.printStackTrace();
}
});
loadLiveData(data);
} catch (Exception ex) {
ex.printStackTrace();
}
}
);
thread.setDaemon(true);
thread.start();
});
Thread.sleep(1000L * NUMBER_OF_SECONDS_LIVE_DATA);
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
);
thread.setDaemon(true);
thread.start();
// Retrieve data for current drying period
try{
Thread thread = new Thread(() -> {
try {
while(!IS_FINISHED){
STOP_TIME = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss").format(LocalDateTime.now());
Map<String, Number> data = getCurrentDrying();
Platform.runLater(() -> {
try {
loadLiveData(data);
} catch (Exception ex) {
ex.printStackTrace();
}
});
Thread.sleep(1000L *NUMBER_OF_SECONDS_LIVE_DATA);
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
);
thread.setDaemon(true);
thread.start();
} catch (Exception ex) {
ex.printStackTrace();
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
);
/*
// Fungerende ny thread!!@@@@@
try{
......@@ -374,5 +330,4 @@ public class InputPopUpWindow {
window.setScene(scene);
window.showAndWait();
}
}
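Review bot: The length checks in the start-button handler run after `HelpingFunctions.TREE_SPECIES = treeSpeciesList.getValue();` and its siblings, so an over-long value is already stored in the shared statics when `err` is set; `err` is also a static field that nothing visible in this hunk resets, so one rejected input appears to block every later submit. Validate into locals first, return early on failure, and assign to HelpingFunctions only afterwards, with a local flag replacing the static one. A length cap is not an injection control on its own, because these values are later concatenated into SQL in DB, so pair it with an allow-list of expected characters here and bound parameters there. The moisture check measures the raw value including `%`, while the stored value has it stripped. The handler begins inside the hunk, and the rest of the enclosing method lies outside it.

```java
startButton.setOnAction(e -> {
    // Local flag instead of the static `err`, so each click starts clean.
    boolean invalid = false;

    String species = treeSpeciesList.getValue() == null ? "" : treeSpeciesList.getValue();
    if (species.length() > 10) {
        treeSpeciesList.setPromptText("A maximum of 10 characters is allowed!");
        invalid = true;
    }
    // … same pattern for dimensionsList, sawsetList and moistureList (after stripping "%") …

    if (invalid) {
        return; // nothing has been written to HelpingFunctions yet
    }
    HelpingFunctions.START_TIME = CURRENT_DATE;
    HelpingFunctions.TREE_SPECIES = species;
    // … unchanged: remaining assignments, setXxxText calls, window.close(), live-data thread …
```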
package com.application.GUI;
import com.application.DB.DB;
import com.application.DB.HelpingFunctions;
import javafx.geometry.Pos;
import javafx.scene.Scene;
import javafx.scene.control.Button;
......@@ -46,7 +47,7 @@ public class OutputPopUpWindow {
try {
if(!moistureCheckTextField.getCharacters().toString().isEmpty() &&
!moistureCheckTextField.getCharacters().toString().equals("Please enter a value")) {
STOP_TIME = null;
HelpingFunctions.STOP_TIME = null;
DB.pushManMoisture(moistureCheckTextField.getCharacters().toString(), false);
NUMBER_OF_CHECKS++;
window.close();
......@@ -65,7 +66,7 @@ public class OutputPopUpWindow {
try {
if(!moistureCheckTextField.getCharacters().toString().isEmpty() &&
!moistureCheckTextField.getCharacters().toString().equals("Please enter a value")) {
STOP_TIME = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss").format(LocalDateTime.now());
HelpingFunctions.STOP_TIME = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss").format(LocalDateTime.now());
DB.pushManMoisture(moistureCheckTextField.getCharacters().toString(),true);
window.close();
} else {
......
package com.application;
import com.application.DB.HelpingFunctions;
import com.application.GUI.InputPopUpWindow;
import com.application.GUI.OutputPopUpWindow;
import com.application.GUI.RingProgressIndicator;
......@@ -162,7 +163,7 @@ public class Main extends Application {
treeSpeciesText = new TextField();
treeSpeciesText.setId("sideBarLabelText");
treeSpeciesText.setPromptText("No Input");
treeSpeciesText.setText(TREE_SPECIES);
treeSpeciesText.setText(HelpingFunctions.TREE_SPECIES);
treeSpeciesText.setEditable(false);
Label dimensionsLabel = new Label("Width x Height");
......@@ -170,7 +171,7 @@ public class Main extends Application {
dimensionsText = new TextField();
dimensionsText.setId("sideBarLabelText");
dimensionsText.setPromptText("No Input");
dimensionsText.setText(DIMENSIONS);
dimensionsText.setText(HelpingFunctions.DIMENSIONS);
dimensionsText.setEditable(false);
Label sawsetLabel = new Label("Sawset");
......@@ -178,7 +179,7 @@ public class Main extends Application {
sawsetText = new TextField();
sawsetText.setId("sideBarLabelText");
sawsetText.setPromptText("No Input");
sawsetText.setText(SAWSET);
sawsetText.setText(HelpingFunctions.SAWSET);
sawsetText.setEditable(false);
Label moistureGoalLabel = new Label("Moisture Goal");
......@@ -186,7 +187,7 @@ public class Main extends Application {
moistureGoalText = new TextField();
moistureGoalText.setId("sideBarLabelText");
moistureGoalText.setPromptText("No Input");
moistureGoalText.setText(MOISTURE_GOAL);
moistureGoalText.setText(HelpingFunctions.MOISTURE_GOAL);
moistureGoalText.setEditable(false);
Label timeLeftLabel = new Label("Time Left");
......@@ -226,11 +227,15 @@ public class Main extends Application {
@Override
public void run(){
try {
Thread.sleep(100000);
//Thread.sleep(10000);
wait();
} catch (InterruptedException e) {
e.printStackTrace();
}
while (true){
try {
Thread.sleep(100);
......
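Review bot: The bare `wait();` inside `run()` is called without holding the object's monitor (the method is not `synchronized` in the lines shown), so if it is on the new side of this change it throws IllegalMonitorStateException, which the `catch (InterruptedException e)` does not handle, and the thread ends before reaching the `while (true)` loop. If the intent is to block until the input has been submitted, use a `java.util.concurrent.CountDownLatch` that the start-button handler counts down, or wrap the call as `synchronized (lock) { while (!ready) lock.wait(); }` with a matching `notifyAll()`. The body of run() continues past the end of the hunk.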