package kr.co.kihyun.tree; import java.io.IOException; import java.sql.ResultSet; //import java.io.IOException; import java.io.PrintWriter; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.SQLException; import java.util.ArrayList; //import javax.servlet.ServletException; //import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import kr.co.kihyun.beans.user.HttpSSOLogin; //import kr.co.kihyun.lang.Encoder; //import kr.co.kihyun.lang.MInteger; //import kr.co.kihyun.lang.MLong; //import kr.co.kihyun.moumi.MoumiConfig; //import kr.co.kihyun.db.DBManager; import kr.co.kihyun.lang.MString; //import java.util.List; import kr.co.kihyun.db.DBPool; import kr.co.kihyun.service.StatisticsService; import kr.co.kihyun.service.vo.SearchVO; import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class MakeSearchJSon extends DBPool { private static final Logger LOG = LoggerFactory.getLogger(StatisticsService.class); public int dataCnt = 1; public Connection con = null; public PrintWriter out = null; public ArrayList list = new ArrayList(); public StringBuffer sbuf = new StringBuffer(); public String userId = null; public MakeSearchJSon(HttpServletRequest req, HttpServletResponse res) { try { res.setContentType("text/html;charset=UTF-8"); userId = HttpSSOLogin.getLoginID(req); out = res.getWriter(); String startId = req.getParameter("startId"); String gubun = MString.checkNull(req.getParameter("gubun"), "ORGAN"); String keyWord = req.getParameter("keyWord"); //인코딩 에러 해결 String encoding=req.getCharacterEncoding().toLowerCase(); if(encoding.contains("8859-1")||encoding.contains("8859_1")){ if (keyWord != null) { keyWord = new String(keyWord.getBytes("8859_1"), "UTF-8"); } } list.add("#" + startId); //2014.08.26 Add By KWON,HAN if (gubun.equals("USER")) { getSearchUserData(keyWord); } else { //++++++++++++++++++++++++++ if (gubun.equals("GROUP") || gubun.equals("GROUP_AREA") || gubun.equals("GROUP_DEPT")) { getSearchGroupData(keyWord, gubun, userId); } else { getSearchData(keyWord); } //++++++++++++++++++++++++++ } //++++++++++++++++++++++++++ sbuf.append("["); for (int ii = 0; ii < list.size(); ii++) { sbuf.append("\"" + list.get(ii) + "\","); } sbuf.append("]"); sbuf.deleteCharAt(sbuf.lastIndexOf(",")); out.println(sbuf.toString()); //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (IOException ioex) { ioex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //System.out.println("error exception1:" + ex); ex.printStackTrace(); } } //++++++++++++++++++++++++++ //2014.08.26 Add By KWON,HAN //++++++++++++++++++++++++++ public void getSearchUserData(String keyWord) { ResultSet rs = null; PreparedStatement stmt = null; //String sql="SELECT UPPER_DEPT FROM MOUMI_DEPT WHERE NAME LIKE '%"+keyWord+"%'"; String sql = ""; // sql = sql + "SELECT A.ID \n"; // sql = sql + " , A.NAME \n"; // sql = sql + " , A.DEPT_ID \n"; // sql = sql + " FROM ( SELECT US.ID \n"; sql = sql + " SELECT US.ID \n"; sql = sql + " , sp_cm_dec_fu(US.NAME) AS NAME \n"; sql = sql + " , US.DEPT_ID \n"; sql = sql + " FROM MOUMI_MUSER US \n"; sql = sql + " , MOUMI_DEPT DT \n"; sql = sql + " WHERE US.DEL_TYPE = 'N' \n"; sql = sql + " AND US.DEPT_ID = DT.ID \n"; // sql = sql + " ) A \n"; //19.SQL 삽입(getParameter) : Update by KWON,HAN //sql = sql + " WHERE A.ID LIKE '%" + keyWord + "%' \n"; //sql = sql + " OR A.NAME LIKE '%" + keyWord + "%' \n"; // sql = sql + " WHERE A.ID LIKE '%' || " + "?" + " || '%' \n"; sql = sql + " AND US.NAME LIKE ?" + " || '%' \n"; // sql = sql + " AND US.NAME_GENCPT LIKE SP_ENC_GIX_FU(?)" + " || '%' \n"; // sql = sql + " AND US.NAME_GENCPT = SP_ENC_GIX_FU(?) \n"; //================================================== // System.out.println("makesearch encrpt user name :::;" + sql.toString()); // String sId = ""; String sName = ""; String tmp = ""; try { con = getConnection(); stmt = con.prepareStatement(sql); //19.SQL 삽입(getParameter) : Add by KWON,HAN stmt.setString(1, keyWord); // stmt.setString(2, keyWord); //+++++++++++++++++++++++++++++++++++++++ rs = stmt.executeQuery(); /* // 2014.11.14 by YoungJun,Cho : 로컬에서는 잘되는데, 개발계로 실행시 ResultSet 을 탐색하는 도중에 다른 ResultSet 를 탐색할 경우 자동으로 ResultSet 을 닫아버리는 현상이 발견됨. while (rs.next()) { sId = rs.getString(1); sName = rs.getString(1); tmp = rs.getString(3); if (sId == null || sId.equals("")) { continue; } list.add("#" + sId); dataCnt++; if (dataCnt > 500) { return; } //상위부서를 찾아서 조직도 트리를 펼친다, if (tmp == null || tmp.equals("")) { continue; } list.add("#" + tmp); dataCnt++; if (dataCnt > 500) { return; } getSearchLoop(tmp); } */ // 2014.11.14 by YoungJun,Cho // id, name 을 like 검색한 결과를 ResultSet 에 담고 loop 로 탐색하면서, ArrayList(SearchVO 객체)에 저장을 해둔다. // 기존 ResultSet 은 닫아버리고, ArrayList 를 다시 탐색하면서 상위부서를 찾도록 메서드를 실행한다. // id, name 을 like 검색한 결과를 저장할 ArrayList 선언. ArrayList searchList = new ArrayList(); // 쿼리 결과를 탐색. while(rs.next()) { // sId = rs.getString(1); // id sName = rs.getString(1); // name tmp = rs.getString(3); // dept_id // id 가 없는 경우 skip 하고 다음 record 탐색. // if (sId == null || sId.equals("")) { // continue; // } // ResultSet 을 탐색한 레코드별로 SearchVO 객체에 저장. SearchVO tmpSearchUser = new SearchVO(); // tmpSearchUser.setId( sId ); tmpSearchUser.setName( sName ); tmpSearchUser.setDeptId( tmp ); // ArrayList 에 탐색 결과 추가. searchList.add(tmpSearchUser); } // ResultSet 탐색을 모두 마쳤으므로, 닫아버린다. if (rs != null) { rs.close(); } // id, name 을 like 검색한 결과(ArrayList) 를 재탐색(상위부서를 찾기 위해) for(SearchVO searchData : searchList) { list.add("#" + searchData.getId()); dataCnt++; if (dataCnt > 500) { return; } //상위부서를 찾아서 조직도 트리를 펼친다, if (searchData.getDeptId() == null || searchData.getDeptId().equals("")) { continue; } list.add("#" + searchData.getDeptId()); dataCnt++; if (dataCnt > 500) { return; } getSearchLoop(searchData.getDeptId()); } //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { ex.printStackTrace(); } finally { if (rs != null) { try { rs.close(); rs = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } if (stmt != null) { try { stmt.close(); stmt = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } if (con != null) { try { con.close(); con = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } } } public void getSearchData(String keyWord) { ResultSet rs = null; PreparedStatement stmt = null; //String sql="SELECT UPPER_DEPT FROM MOUMI_DEPT WHERE SEL_TYPE='Y' AND NAME LIKE '%"+keyWord+"%'"; //String sql="SELECT UPPER_DEPT FROM MOUMI_DEPT WHERE NAME LIKE '%"+keyWord+"%'"; //19.SQL 삽입(getParameter) : Update by KWON,HAN //String sql = "SELECT NVL(UPPER_DEPT, ORGAN) AS UPPER_DEPT FROM MOUMI_DEPT WHERE NAME LIKE '%" + keyWord + "%'"; String sql = "SELECT NVL(UPPER_DEPT, ORGAN) AS UPPER_DEPT FROM MOUMI_DEPT WHERE NAME LIKE '%' || " + "?" + " || '%' "; //================================================== try { con = getConnection(); stmt = con.prepareStatement(sql); //19.SQL 삽입(getParameter) : Add by KWON,HAN stmt.setString(1, keyWord); //+++++++++++++++++++++++++++++++++++++++ rs = stmt.executeQuery(); /* // 2014.11.14 by YoungJun,Cho : 로컬에서는 잘되는데, 개발계로 실행시 ResultSet 을 탐색하는 도중에 다른 ResultSet 를 탐색할 경우 자동으로 ResultSet 을 닫아버리는 현상이 발견됨. while (rs.next()) { String tmp = rs.getString(1); if (tmp == null || tmp.equals("")) { continue; } list.add("#" + tmp); dataCnt++; if (dataCnt > 500) { return; } getSearchLoop(tmp); } */ // 2014.11.14 by YoungJun,Cho // name 을 like 검색한 결과를 ResultSet 에 담고 loop 로 탐색하면서, ArrayList(SearchVO 객체)에 저장을 해둔다. // 기존 ResultSet 은 닫아버리고, ArrayList 를 다시 탐색하면서 상위부서를 찾도록 메서드를 실행한다. // name 을 like 검색한 결과를 저장할 ArrayList 선언. ArrayList searchList = new ArrayList(); // 쿼리 결과를 탐색. while(rs.next()) { String tmpUpperDept = rs.getString(1); // upper_dept // upper_dept 가 없는 경우 skip 하고 다음 record 탐색. if (tmpUpperDept == null || tmpUpperDept.equals("")) { continue; } // ResultSet 을 탐색한 레코드별로 SearchVO 객체에 저장. SearchVO tmpSearch = new SearchVO(); tmpSearch.setUpperDept( tmpUpperDept ); // ArrayList 에 탐색 결과 추가. searchList.add(tmpSearch); } // ResultSet 탐색을 모두 마쳤으므로, 닫아버린다. if (rs != null) { rs.close(); } // id, name 을 like 검색한 결과(ArrayList) 를 재탐색(상위부서를 찾기 위해) for (SearchVO searchData : searchList) { String tmpUpperDept = searchData.getUpperDept(); list.add("#" + tmpUpperDept); dataCnt++; if (dataCnt > 500) { return; } //상위부서를 찾아서 조직도 트리를 펼친다, getSearchLoop(tmpUpperDept); } //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //System.out.println("error exception2:" + ex); ex.printStackTrace(); } finally { if (rs != null) { try { rs.close(); rs = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } if (stmt != null) { try { stmt.close(); stmt = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } if (con != null) { try { con.close(); con = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } } } public void getSearchGroupData(String keyWord, String strGubun, String strUserId) { ResultSet rs = null; PreparedStatement stmt = null; //String sql="SELECT PART_ID FROM MOUMI_USER_DEPT WHERE DEL_TYPE='N' AND NAME LIKE '%"+keyWord+"%'"; //19.SQL 삽입(getParameter) : Update by KWON,HAN //String sql = "SELECT PART_ID FROM MOUMI_USER_DEPT WHERE NAME LIKE '%" + keyWord + "%' \n"; String sql = "SELECT PART_ID FROM MOUMI_USER_DEPT WHERE NAME LIKE '%' || " + "?" + " || '%' \n"; //================================================== if (strGubun.equals("GROUP")) { //2014.09.16 Add by KOWN.HAN : MakeJSon.makeGroupCommonSql 에서 가져옴 sql += "UNION \n"; sql += "SELECT UP.ID AS PART_ID \n"; sql += " --, UP.NAME AS DEPT_NAME \n"; sql += " --, UP.USER_ID \n"; sql += " --, UP.ID AS DEPT_ID \n"; sql += " --, 'closed' AS STATE \n"; sql += " FROM MOUMI_MUSER US \n"; sql += " , MOUMI_DEPT DT \n"; sql += " , MOUMI_USER_PART UP \n"; sql += " WHERE DT.ORGAN IS NOT NULL \n"; sql += " AND US.DEPT_ID=DT.ID \n"; sql += " AND (UP.USER_ID=US.ID AND UP.USER_ID IN (SELECT ID FROM MOUMI_MUSER WHERE SYS_AUTH=9)) \n"; sql += " AND UP.USE_YN = 'Y' \n"; //19.SQL 삽입(getParameter) : Update by KWON,HAN //sql += " AND UP.NAME LIKE '%" + keyWord + "%' \n"; sql += " AND UP.NAME LIKE '%' || " + "?" + " || '%' \n"; //=========================================== sql += " ORDER BY 1 \n"; } if (strGubun.equals("GROUP_AREA")) { //2014.09.16 Add by KOWN.HAN : MakeJSon.makeGroupAreaSql 에서 가져옴 sql += "UNION \n"; sql += " SELECT UP.ID AS PART_ID \n"; sql += " --, UP.NAME AS DEPT_NAME \n"; sql += " --, UP.USER_ID \n"; sql += " --, UP.ID AS DEPT_ID \n"; sql += " --, 'closed' AS STATE \n"; sql += " FROM MOUMI_MUSER US \n"; sql += " , MOUMI_DEPT DT \n"; sql += " , MOUMI_DEPT GR \n"; sql += " , MOUMI_USER_PART UP \n"; sql += " WHERE DT.ORGAN IS NOT NULL \n"; sql += " AND US.DEPT_ID=DT.ID \n"; sql += " AND DT.ORGAN = GR.ID \n"; sql += " AND UP.USER_ID=US.ID \n"; sql += " AND UP.USE_YN = 'Y' \n"; sql += " AND UP.USER_ID IN ( \n"; sql += " SELECT US.ID \n"; sql += " FROM MOUMI_MUSER US \n"; sql += " , MOUMI_DEPT DT \n"; sql += " WHERE US.SYS_AUTH=7 \n"; sql += " AND US.DEPT_ID = DT.ID \n"; sql += " AND DT.ORGAN = ( SELECT GR.ID \n"; sql += " FROM MOUMI_MUSER US \n"; sql += " , MOUMI_DEPT DT \n"; sql += " , MOUMI_DEPT GR \n"; //19.SQL 삽입(getParameter) : Update by KWON,HAN //sql += " WHERE US.ID='" + userId + "' \n"; sql += " WHERE US.ID= " + "?" + " \n"; //=========================================== sql += " AND US.DEPT_ID = DT.ID \n"; sql += " AND DT.ORGAN = GR.ID \n"; sql += " ) \n"; sql += " ) \n"; //19.SQL 삽입(getParameter) : Update by KWON,HAN //sql += " AND UP.NAME LIKE '%" + keyWord + "%' \n"; sql += " AND UP.NAME LIKE '%' || " + "?" + " || '%' \n"; //========================================== sql += " ORDER BY 1 \n"; } if (strGubun.equals("GROUP_DEPT")) { //2014.09.16 Add by KOWN.HAN : MakeJSon.makeGroupDeptSql 에서 가져옴 sql += "UNION \n"; sql += "SELECT UP.ID AS PART_ID \n"; sql += " --, UP.NAME AS DEPT_NAME \n"; sql += " --, UP.USER_ID \n"; sql += " --, UP.ID AS DEPT_ID \n"; sql += " --, 'closed' AS STATE \n"; sql += " FROM MOUMI_MUSER US \n"; sql += " , MOUMI_DEPT DT \n"; sql += " , MOUMI_DEPT GR \n"; sql += " , MOUMI_USER_PART UP \n"; sql += " WHERE DT.ORGAN IS NOT NULL \n"; sql += " AND US.DEPT_ID=DT.ID \n"; sql += " AND DT.ORGAN = GR.ID \n"; sql += " AND UP.USER_ID=US.ID \n"; sql += " AND UP.USE_YN = 'Y' \n"; sql += " AND UP.USER_ID IN ( \n"; sql += " select us.id \n"; sql += " from moumi_muser us \n"; sql += " , moumi_dept dt \n"; sql += " where us.dept_id = dt.ID \n"; sql += " and dt.id = ( SELECT dt.ID \n"; sql += " FROM MOUMI_MUSER US \n"; sql += " , MOUMI_DEPT DT \n"; //19.SQL 삽입(getParameter) : Update by KWON,HAN //sql += " WHERE US.ID='" + userId + "' \n"; sql += " WHERE US.ID= " + "?" + " \n"; //========================================== sql += " and US.DEPT_ID = dt.id \n"; sql += " ) \n"; sql += " ) \n"; //19.SQL 삽입(getParameter) : Update by KWON,HAN //sql += " AND UP.NAME LIKE '%" + keyWord + "%' \n"; sql += " AND UP.NAME LIKE '%' || " + "?" + " || '%' \n"; //=========================================== sql += " ORDER BY 1 \n"; } // LOG.debug("MakeSearchJSon.getSearchGroupData sql={} \n", sql.toString()); // LOG.debug("userId={}", userId); // LOG.debug("keyWord={}", keyWord); try { con = getConnection(); stmt = con.prepareStatement(sql); //19.SQL 삽입(getParameter) : Add by KWON,HAN stmt.setString(1, keyWord); if (strGubun.equals("GROUP")) { stmt.setString(2, keyWord); } if (strGubun.equals("GROUP_AREA")) { stmt.setString(2, userId); stmt.setString(3, keyWord); } if (strGubun.equals("GROUP_DEPT")) { stmt.setString(2, userId); stmt.setString(3, keyWord); } //+++++++++++++++++++++++++++++++++++++++ rs = stmt.executeQuery(); while (rs.next()) { String tmp = rs.getString(1); //LOG.debug("tmp={}", tmp); if (tmp == null || tmp.equals("")) { continue; } list.add("#" + tmp); dataCnt++; if (dataCnt > 500) { return; } //2014.09.15 Delete by KWON,HAN : 필요없는 로직임. //getSearchLoop(tmp); } //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { ex.printStackTrace(); } finally { if (rs != null) { try { rs.close(); rs = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } if (stmt != null) { try { stmt.close(); stmt = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } if (con != null) { try { con.close(); con = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } } } public void getSearchLoop(String tmpp) { if (dataCnt > 500) { return; } ResultSet rs = null; PreparedStatement stmt = null; /*String sql="SELECT UPPER_DEPT FROM MOUMI_DEPT WHERE SEL_TYPE='Y' AND ID='"+tmpp+"' "; sql+="AND (UPPER_DEPT IS NOT NULL AND UPPER_DEPT<>'"+tmpp+"')";*/ String sql = "SELECT UPPER_DEPT \n"; sql += " FROM MOUMI_DEPT \n"; //19.SQL 삽입(getParameter) : Update by KWON,HAN // sql += " WHERE ID ='" + tmpp + "' \n"; // sql += " AND (UPPER_DEPT IS NOT NULL AND UPPER_DEPT <>'" + tmpp + "') \n"; sql += " WHERE ID = " + "?" + " \n"; sql += " AND (UPPER_DEPT IS NOT NULL AND UPPER_DEPT <> " + "?" + ") \n"; //========================================== // LOG.debug("MakeSearchJSon.getSearchLoop sql={} \n", sql.toString()); // LOG.debug("tmpp={}", tmpp); try { stmt = con.prepareStatement(sql); //19.SQL 삽입(getParameter) : Update by KWON,HAN //17.SQL 삽입(Database)_CWE-89 stmt.setString(1, tmpp); stmt.setString(2, tmpp); //========================================== rs = stmt.executeQuery(); if (rs.next()) { String tmp1 = rs.getString(1); if (tmp1 == null || tmp1.equals("")) { return; } list.add("#" + tmp1); dataCnt++; getSearchLoop(tmp1); } //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { ex.printStackTrace(); } finally { if (rs != null) { try { rs.close(); rs = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } if (stmt != null) { try { stmt.close(); stmt = null; //44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO } catch (SQLException sqlex) { sqlex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } catch (Exception ex) { //31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO ex.printStackTrace(); //++++++++++++++++++++++++++++++++++++++++++++++++ } } } } }