jskim
/
moumiKnu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
knu project
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
69 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 1420a4cf07
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1420a4cf07'
${ noResults }
moumiKnu/src_bak/kr/co/kihyun/tree/MakeSearchJSon.java

682 lines
30 KiB
Raw Blame History

package kr.co.kihyun.tree;
import java.io.IOException;
import java.sql.ResultSet;
//import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.ArrayList;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import kr.co.kihyun.beans.user.HttpSSOLogin;
//import kr.co.kihyun.lang.Encoder;
//import kr.co.kihyun.lang.MInteger;
//import kr.co.kihyun.lang.MLong;
//import kr.co.kihyun.moumi.MoumiConfig;
//import kr.co.kihyun.db.DBManager;
import kr.co.kihyun.lang.MString;
//import java.util.List;
import kr.co.kihyun.db.DBPool;
import kr.co.kihyun.service.StatisticsService;
import kr.co.kihyun.service.vo.SearchVO;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class MakeSearchJSon extends DBPool {
private static final Logger LOG = LoggerFactory.getLogger(StatisticsService.class);
public int dataCnt = 1;
public Connection con = null;
public PrintWriter out = null;
public ArrayList list = new ArrayList();
public StringBuffer sbuf = new StringBuffer();
public String userId = null;
public MakeSearchJSon(HttpServletRequest req, HttpServletResponse res) {
try {
res.setContentType("text/html;charset=UTF-8");
userId = HttpSSOLogin.getLoginID(req);
out = res.getWriter();
String startId = req.getParameter("startId");
String gubun = MString.checkNull(req.getParameter("gubun"), "ORGAN");
String keyWord = req.getParameter("keyWord");
//인코딩 에러 해결
String encoding=req.getCharacterEncoding().toLowerCase();
if(encoding.contains("8859-1")||encoding.contains("8859_1")){
if (keyWord != null) {
keyWord = new String(keyWord.getBytes("8859_1"), "UTF-8");
}
}
list.add("#" + startId);
//2014.08.26 Add By KWON,HAN
if (gubun.equals("USER")) {
getSearchUserData(keyWord);
} else {
//++++++++++++++++++++++++++
if (gubun.equals("GROUP") || gubun.equals("GROUP_AREA") || gubun.equals("GROUP_DEPT")) {
getSearchGroupData(keyWord, gubun, userId);
} else {
getSearchData(keyWord);
}
//++++++++++++++++++++++++++
}
//++++++++++++++++++++++++++
sbuf.append("[");
for (int ii = 0; ii < list.size(); ii++) {
sbuf.append("\"" + list.get(ii) + "\",");
}
sbuf.append("]");
sbuf.deleteCharAt(sbuf.lastIndexOf(","));
out.println(sbuf.toString());
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (IOException ioex) {
ioex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//System.out.println("error exception1:" + ex);
ex.printStackTrace();
}
}
//++++++++++++++++++++++++++
//2014.08.26 Add By KWON,HAN
//++++++++++++++++++++++++++
public void getSearchUserData(String keyWord) {
ResultSet rs = null;
PreparedStatement stmt = null;
//String sql="SELECT UPPER_DEPT FROM MOUMI_DEPT WHERE NAME LIKE '%"+keyWord+"%'";
String sql = "";
// sql = sql + "SELECT A.ID \n";
// sql = sql + " , A.NAME \n";
// sql = sql + " , A.DEPT_ID \n";
// sql = sql + " FROM ( SELECT US.ID \n";
sql = sql + " SELECT US.ID \n";
sql = sql + " , sp_cm_dec_fu(US.NAME) AS NAME \n";
sql = sql + " , US.DEPT_ID \n";
sql = sql + " FROM MOUMI_MUSER US \n";
sql = sql + " , MOUMI_DEPT DT \n";
sql = sql + " WHERE US.DEL_TYPE = 'N' \n";
sql = sql + " AND US.DEPT_ID = DT.ID \n";
// sql = sql + " ) A \n";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//sql = sql + " WHERE A.ID LIKE '%" + keyWord + "%' \n";
//sql = sql + " OR A.NAME LIKE '%" + keyWord + "%' \n";
// sql = sql + " WHERE A.ID LIKE '%' || " + "?" + " || '%' \n";
sql = sql + " AND US.NAME LIKE ?" + " || '%' \n";
// sql = sql + " AND US.NAME_GENCPT LIKE SP_ENC_GIX_FU(?)" + " || '%' \n";
// sql = sql + " AND US.NAME_GENCPT = SP_ENC_GIX_FU(?) \n";
//==================================================
// System.out.println("makesearch encrpt user name :::;" + sql.toString());
// String sId = "";
String sName = "";
String tmp = "";
try {
con = getConnection();
stmt = con.prepareStatement(sql);
//19.SQL 삽입(getParameter) : Add by KWON,HAN
stmt.setString(1, keyWord);
// stmt.setString(2, keyWord);
//+++++++++++++++++++++++++++++++++++++++
rs = stmt.executeQuery();
/*
// 2014.11.14 by YoungJun,Cho : 로컬에서는 잘되는데, 개발계로 실행시 ResultSet 을 탐색하는 도중에 다른 ResultSet 를 탐색할 경우 자동으로 ResultSet 을 닫아버리는 현상이 발견됨.
while (rs.next()) {
sId = rs.getString(1);
sName = rs.getString(1);
tmp = rs.getString(3);
if (sId == null || sId.equals("")) {
continue;
}
list.add("#" + sId);
dataCnt++;
if (dataCnt > 500) {
return;
}
//상위부서를 찾아서 조직도 트리를 펼친다,
if (tmp == null || tmp.equals("")) {
continue;
}
list.add("#" + tmp);
dataCnt++;
if (dataCnt > 500) {
return;
}
getSearchLoop(tmp);
}
*/
// 2014.11.14 by YoungJun,Cho
// id, name 을 like 검색한 결과를 ResultSet 에 담고 loop 로 탐색하면서, ArrayList(SearchVO 객체)에 저장을 해둔다.
// 기존 ResultSet 은 닫아버리고, ArrayList 를 다시 탐색하면서 상위부서를 찾도록 메서드를 실행한다.
// id, name 을 like 검색한 결과를 저장할 ArrayList 선언.
ArrayList<SearchVO> searchList = new ArrayList<SearchVO>();
// 쿼리 결과를 탐색.
while(rs.next()) {
// sId = rs.getString(1); // id
sName = rs.getString(1); // name
tmp = rs.getString(3); // dept_id
// id 가 없는 경우 skip 하고 다음 record 탐색.
// if (sId == null || sId.equals("")) {
// continue;
// }
// ResultSet 을 탐색한 레코드별로 SearchVO 객체에 저장.
SearchVO tmpSearchUser = new SearchVO();
// tmpSearchUser.setId( sId );
tmpSearchUser.setName( sName );
tmpSearchUser.setDeptId( tmp );
// ArrayList 에 탐색 결과 추가.
searchList.add(tmpSearchUser);
}
// ResultSet 탐색을 모두 마쳤으므로, 닫아버린다.
if (rs != null) {
rs.close();
}
// id, name 을 like 검색한 결과(ArrayList) 를 재탐색(상위부서를 찾기 위해)
for(SearchVO searchData : searchList) {
list.add("#" + searchData.getId());
dataCnt++;
if (dataCnt > 500) {
return;
}
//상위부서를 찾아서 조직도 트리를 펼친다,
if (searchData.getDeptId() == null || searchData.getDeptId().equals("")) {
continue;
}
list.add("#" + searchData.getDeptId());
dataCnt++;
if (dataCnt > 500) {
return;
}
getSearchLoop(searchData.getDeptId());
}
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
ex.printStackTrace();
} finally {
if (rs != null) {
try {
rs.close();
rs = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
if (stmt != null) {
try {
stmt.close();
stmt = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
if (con != null) {
try {
con.close();
con = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
}
}
public void getSearchData(String keyWord) {
ResultSet rs = null;
PreparedStatement stmt = null;
//String sql="SELECT UPPER_DEPT FROM MOUMI_DEPT WHERE SEL_TYPE='Y' AND NAME LIKE '%"+keyWord+"%'";
//String sql="SELECT UPPER_DEPT FROM MOUMI_DEPT WHERE NAME LIKE '%"+keyWord+"%'";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//String sql = "SELECT NVL(UPPER_DEPT, ORGAN) AS UPPER_DEPT FROM MOUMI_DEPT WHERE NAME LIKE '%" + keyWord + "%'";
String sql = "SELECT NVL(UPPER_DEPT, ORGAN) AS UPPER_DEPT FROM MOUMI_DEPT WHERE NAME LIKE '%' || " + "?" + " || '%' ";
//==================================================
try {
con = getConnection();
stmt = con.prepareStatement(sql);
//19.SQL 삽입(getParameter) : Add by KWON,HAN
stmt.setString(1, keyWord);
//+++++++++++++++++++++++++++++++++++++++
rs = stmt.executeQuery();
/*
// 2014.11.14 by YoungJun,Cho : 로컬에서는 잘되는데, 개발계로 실행시 ResultSet 을 탐색하는 도중에 다른 ResultSet 를 탐색할 경우 자동으로 ResultSet 을 닫아버리는 현상이 발견됨.
while (rs.next()) {
String tmp = rs.getString(1);
if (tmp == null || tmp.equals("")) {
continue;
}
list.add("#" + tmp);
dataCnt++;
if (dataCnt > 500) {
return;
}
getSearchLoop(tmp);
}
*/
// 2014.11.14 by YoungJun,Cho
// name 을 like 검색한 결과를 ResultSet 에 담고 loop 로 탐색하면서, ArrayList(SearchVO 객체)에 저장을 해둔다.
// 기존 ResultSet 은 닫아버리고, ArrayList 를 다시 탐색하면서 상위부서를 찾도록 메서드를 실행한다.
// name 을 like 검색한 결과를 저장할 ArrayList 선언.
ArrayList<SearchVO> searchList = new ArrayList<SearchVO>();
// 쿼리 결과를 탐색.
while(rs.next()) {
String tmpUpperDept = rs.getString(1); // upper_dept
// upper_dept 가 없는 경우 skip 하고 다음 record 탐색.
if (tmpUpperDept == null || tmpUpperDept.equals("")) {
continue;
}
// ResultSet 을 탐색한 레코드별로 SearchVO 객체에 저장.
SearchVO tmpSearch = new SearchVO();
tmpSearch.setUpperDept( tmpUpperDept );
// ArrayList 에 탐색 결과 추가.
searchList.add(tmpSearch);
}
// ResultSet 탐색을 모두 마쳤으므로, 닫아버린다.
if (rs != null) {
rs.close();
}
// id, name 을 like 검색한 결과(ArrayList) 를 재탐색(상위부서를 찾기 위해)
for (SearchVO searchData : searchList) {
String tmpUpperDept = searchData.getUpperDept();
list.add("#" + tmpUpperDept);
dataCnt++;
if (dataCnt > 500) {
return;
}
//상위부서를 찾아서 조직도 트리를 펼친다,
getSearchLoop(tmpUpperDept);
}
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//System.out.println("error exception2:" + ex);
ex.printStackTrace();
} finally {
if (rs != null) {
try {
rs.close();
rs = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
if (stmt != null) {
try {
stmt.close();
stmt = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
if (con != null) {
try {
con.close();
con = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
}
}
public void getSearchGroupData(String keyWord, String strGubun, String strUserId) {
ResultSet rs = null;
PreparedStatement stmt = null;
//String sql="SELECT PART_ID FROM MOUMI_USER_DEPT WHERE DEL_TYPE='N' AND NAME LIKE '%"+keyWord+"%'";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//String sql = "SELECT PART_ID FROM MOUMI_USER_DEPT WHERE NAME LIKE '%" + keyWord + "%' \n";
String sql = "SELECT PART_ID FROM MOUMI_USER_DEPT WHERE NAME LIKE '%' || " + "?" + " || '%' \n";
//==================================================
if (strGubun.equals("GROUP")) {
//2014.09.16 Add by KOWN.HAN : MakeJSon.makeGroupCommonSql 에서 가져옴
sql += "UNION \n";
sql += "SELECT UP.ID AS PART_ID \n";
sql += " --, UP.NAME AS DEPT_NAME \n";
sql += " --, UP.USER_ID \n";
sql += " --, UP.ID AS DEPT_ID \n";
sql += " --, 'closed' AS STATE \n";
sql += " FROM MOUMI_MUSER US \n";
sql += " , MOUMI_DEPT DT \n";
sql += " , MOUMI_USER_PART UP \n";
sql += " WHERE DT.ORGAN IS NOT NULL \n";
sql += " AND US.DEPT_ID=DT.ID \n";
sql += " AND (UP.USER_ID=US.ID AND UP.USER_ID IN (SELECT ID FROM MOUMI_MUSER WHERE SYS_AUTH=9)) \n";
sql += " AND UP.USE_YN = 'Y' \n";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//sql += " AND UP.NAME LIKE '%" + keyWord + "%' \n";
sql += " AND UP.NAME LIKE '%' || " + "?" + " || '%' \n";
//===========================================
sql += " ORDER BY 1 \n";
}
if (strGubun.equals("GROUP_AREA")) {
//2014.09.16 Add by KOWN.HAN : MakeJSon.makeGroupAreaSql 에서 가져옴
sql += "UNION \n";
sql += " SELECT UP.ID AS PART_ID \n";
sql += " --, UP.NAME AS DEPT_NAME \n";
sql += " --, UP.USER_ID \n";
sql += " --, UP.ID AS DEPT_ID \n";
sql += " --, 'closed' AS STATE \n";
sql += " FROM MOUMI_MUSER US \n";
sql += " , MOUMI_DEPT DT \n";
sql += " , MOUMI_DEPT GR \n";
sql += " , MOUMI_USER_PART UP \n";
sql += " WHERE DT.ORGAN IS NOT NULL \n";
sql += " AND US.DEPT_ID=DT.ID \n";
sql += " AND DT.ORGAN = GR.ID \n";
sql += " AND UP.USER_ID=US.ID \n";
sql += " AND UP.USE_YN = 'Y' \n";
sql += " AND UP.USER_ID IN ( \n";
sql += " SELECT US.ID \n";
sql += " FROM MOUMI_MUSER US \n";
sql += " , MOUMI_DEPT DT \n";
sql += " WHERE US.SYS_AUTH=7 \n";
sql += " AND US.DEPT_ID = DT.ID \n";
sql += " AND DT.ORGAN = ( SELECT GR.ID \n";
sql += " FROM MOUMI_MUSER US \n";
sql += " , MOUMI_DEPT DT \n";
sql += " , MOUMI_DEPT GR \n";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//sql += " WHERE US.ID='" + userId + "' \n";
sql += " WHERE US.ID= " + "?" + " \n";
//===========================================
sql += " AND US.DEPT_ID = DT.ID \n";
sql += " AND DT.ORGAN = GR.ID \n";
sql += " ) \n";
sql += " ) \n";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//sql += " AND UP.NAME LIKE '%" + keyWord + "%' \n";
sql += " AND UP.NAME LIKE '%' || " + "?" + " || '%' \n";
//==========================================
sql += " ORDER BY 1 \n";
}
if (strGubun.equals("GROUP_DEPT")) {
//2014.09.16 Add by KOWN.HAN : MakeJSon.makeGroupDeptSql 에서 가져옴
sql += "UNION \n";
sql += "SELECT UP.ID AS PART_ID \n";
sql += " --, UP.NAME AS DEPT_NAME \n";
sql += " --, UP.USER_ID \n";
sql += " --, UP.ID AS DEPT_ID \n";
sql += " --, 'closed' AS STATE \n";
sql += " FROM MOUMI_MUSER US \n";
sql += " , MOUMI_DEPT DT \n";
sql += " , MOUMI_DEPT GR \n";
sql += " , MOUMI_USER_PART UP \n";
sql += " WHERE DT.ORGAN IS NOT NULL \n";
sql += " AND US.DEPT_ID=DT.ID \n";
sql += " AND DT.ORGAN = GR.ID \n";
sql += " AND UP.USER_ID=US.ID \n";
sql += " AND UP.USE_YN = 'Y' \n";
sql += " AND UP.USER_ID IN ( \n";
sql += " select us.id \n";
sql += " from moumi_muser us \n";
sql += " , moumi_dept dt \n";
sql += " where us.dept_id = dt.ID \n";
sql += " and dt.id = ( SELECT dt.ID \n";
sql += " FROM MOUMI_MUSER US \n";
sql += " , MOUMI_DEPT DT \n";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//sql += " WHERE US.ID='" + userId + "' \n";
sql += " WHERE US.ID= " + "?" + " \n";
//==========================================
sql += " and US.DEPT_ID = dt.id \n";
sql += " ) \n";
sql += " ) \n";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//sql += " AND UP.NAME LIKE '%" + keyWord + "%' \n";
sql += " AND UP.NAME LIKE '%' || " + "?" + " || '%' \n";
//===========================================
sql += " ORDER BY 1 \n";
}
// LOG.debug("MakeSearchJSon.getSearchGroupData sql={} \n", sql.toString());
// LOG.debug("userId={}", userId);
// LOG.debug("keyWord={}", keyWord);
try {
con = getConnection();
stmt = con.prepareStatement(sql);
//19.SQL 삽입(getParameter) : Add by KWON,HAN
stmt.setString(1, keyWord);
if (strGubun.equals("GROUP")) {
stmt.setString(2, keyWord);
}
if (strGubun.equals("GROUP_AREA")) {
stmt.setString(2, userId);
stmt.setString(3, keyWord);
}
if (strGubun.equals("GROUP_DEPT")) {
stmt.setString(2, userId);
stmt.setString(3, keyWord);
}
//+++++++++++++++++++++++++++++++++++++++
rs = stmt.executeQuery();
while (rs.next()) {
String tmp = rs.getString(1);
//LOG.debug("tmp={}", tmp);
if (tmp == null || tmp.equals("")) {
continue;
}
list.add("#" + tmp);
dataCnt++;
if (dataCnt > 500) {
return;
}
//2014.09.15 Delete by KWON,HAN : 필요없는 로직임.
//getSearchLoop(tmp);
}
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
ex.printStackTrace();
} finally {
if (rs != null) {
try {
rs.close();
rs = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
if (stmt != null) {
try {
stmt.close();
stmt = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
if (con != null) {
try {
con.close();
con = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
}
}
public void getSearchLoop(String tmpp) {
if (dataCnt > 500) {
return;
}
ResultSet rs = null;
PreparedStatement stmt = null;
/*String sql="SELECT UPPER_DEPT FROM MOUMI_DEPT WHERE SEL_TYPE='Y' AND ID='"+tmpp+"' ";
sql+="AND (UPPER_DEPT IS NOT NULL AND UPPER_DEPT<>'"+tmpp+"')";*/
String sql = "SELECT UPPER_DEPT \n";
sql += " FROM MOUMI_DEPT \n";
//19.SQL 삽입(getParameter) : Update by KWON,HAN
// sql += " WHERE ID ='" + tmpp + "' \n";
// sql += " AND (UPPER_DEPT IS NOT NULL AND UPPER_DEPT <>'" + tmpp + "') \n";
sql += " WHERE ID = " + "?" + " \n";
sql += " AND (UPPER_DEPT IS NOT NULL AND UPPER_DEPT <> " + "?" + ") \n";
//==========================================
// LOG.debug("MakeSearchJSon.getSearchLoop sql={} \n", sql.toString());
// LOG.debug("tmpp={}", tmpp);
try {
stmt = con.prepareStatement(sql);
//19.SQL 삽입(getParameter) : Update by KWON,HAN
//17.SQL 삽입(Database)_CWE-89
stmt.setString(1, tmpp);
stmt.setString(2, tmpp);
//==========================================
rs = stmt.executeQuery();
if (rs.next()) {
String tmp1 = rs.getString(1);
if (tmp1 == null || tmp1.equals("")) {
return;
}
list.add("#" + tmp1);
dataCnt++;
getSearchLoop(tmp1);
}
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
ex.printStackTrace();
} finally {
if (rs != null) {
try {
rs.close();
rs = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
if (stmt != null) {
try {
stmt.close();
stmt = null;
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (SQLException sqlex) {
sqlex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
} catch (Exception ex) {
//31.오류 상황 대응 부재_CWE-390 Add by YOUNGJUN,CHO
ex.printStackTrace();
//++++++++++++++++++++++++++++++++++++++++++++++++
}
}
}
}
}