escaped some sql

mrbesen 2021-10-24 23:10:37 +02:00
parent 9d1d73137e
commit ba270f85f6
Signed by: MrBesen
GPG Key ID: 596B2350DCD67504
1 changed files with 8 additions and 4 deletions


@ -138,7 +138,7 @@ public class DB implements Runnable {
for(int i = 0; i < input.size(); i++) { for(int i = 0; i < input.size(); i++) {
Video v = input.get(i); Video v = input.get(i);
if(v != null) if(v != null)
tostorebuffer.append(",('").append(v.id).append("','").append(v.length).append("','").append(v.created).append("','").append(v.languageCode).append("','").append(v.categorie).append("','").append(v.title).append("','").append(v.channel).append("','").append(v.tags).append("') "); tostorebuffer.append(",('").append(escape(v.id)).append("',").append(v.length).append(",").append(v.created).append(",'").append(escape(v.languageCode)).append("',").append(v.categorie).append(",'").append(escape(v.title)).append("','").append(escape(v.channel)).append("','").append(escape(v.tags)).append("') ");
} }
} }
} }
@ -157,6 +157,10 @@ public class DB implements Runnable {
} }
} }
private String escape(String e) {
return e.replace("'", "\\'");
}
public void updateVideos(List<Video> input) { public void updateVideos(List<Video> input) {
log.info("Updateing " + input.size() + " videos."); log.info("Updateing " + input.size() + " videos.");
for(Video v : input) { for(Video v : input) {
@ -167,7 +171,7 @@ public class DB implements Runnable {
private void updateVideo(Video v) { private void updateVideo(Video v) {
try { try {
String qu = "UPDATE `videos` SET `length` = '" + v.length + "', `created` = '" + v.created + "', `langcode` = SUBSTR('" + v.languageCode + "', 1, 3) ,`category` = '" + v.categorie + "',`videotitle` = SUBSTR('" + v.title + "',1,100),`channel` = SUBSTR('" + v.channel + "',1,20),`tags` = '" + v.tags.substring(0, v.tags.length() > 40 ? 40 : v.tags.length()) + "' WHERE `id` = '" + v.id + "';"; String qu = "UPDATE `videos` SET `length` = " + v.length + ", `created` = " + v.created + ", `langcode` = SUBSTR('" + v.languageCode + "', 1, 3) ,`category` = " + v.categorie + ",`videotitle` = SUBSTR('" + escape(v.title) + "',1,100),`channel` = SUBSTR('" + escape(v.channel) + "',1,20),`tags` = '" + escape(v.tags) + "' WHERE `id` = '" + escape(v.id) + "';";
update(qu); update(qu);
} catch(NullPointerException e) { } catch(NullPointerException e) {
@ -191,7 +195,7 @@ public class DB implements Runnable {
public void removeVideos(LinkedList<Video> vids) { public void removeVideos(LinkedList<Video> vids) {
log.info("Delete " + vids.size() + " videos."); log.info("Delete " + vids.size() + " videos.");
for(Video s : vids) { for(Video s : vids) {
update("DELETE FROM `videos` WHERE `id`='" + s.id + "';"); update("DELETE FROM `videos` WHERE `id`='" + escape(s.id) + "';");
} }
} }
@ -280,7 +284,7 @@ public class DB implements Runnable {
log.info("store Temp to buffer: " + strings.size()); log.info("store Temp to buffer: " + strings.size());
writetempbuffercurrentsize += strings.size(); writetempbuffercurrentsize += strings.size();
for(String s : strings) { for(String s : strings) {
totempbuffer.append(", ('").append(s).append("')"); totempbuffer.append(", ('").append(escape(s)).append("')");
} }
} }
if(writetempbuffercurrentsize > writebuffersize || force) { if(writetempbuffercurrentsize > writebuffersize || force) {
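Review bot: The new `escape()` helper (second hunk) rewrites only `'` to `\'` and leaves backslashes untouched, so a value that already contains a backslash can still close the quoted literal early; in `updateVideo`, `v.languageCode` inside `SUBSTR(...)` is also still concatenated without passing through it. Hand-written escaping further depends on the server's SQL mode and connection character set, neither of which is visible here, so the durable fix is to run these INSERT/UPDATE/DELETE statements through `PreparedStatement` with `?` placeholders and bound values rather than building `qu` and the buffers by concatenation. If the helper stays as a stopgap, it should escape the backslash first, `return e.replace("\\", "\\\\").replace("'", "\\'");`, and be applied to `v.languageCode` as well. `escape(null)` throws where the old `append(v.title)` wrote the text `null`: `updateVideo` catches `NullPointerException`, but the insert loop in the first hunk checks only `v != null` as far as the hunk shows (its enclosing method starts outside the hunk), so a null field may now abort the whole batch. The update also no longer truncates `v.tags` to 40 characters, which is worth confirming against the column width.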