Java 类org.apache.commons.lang.StringEscapeUtils 实例源码
项目:sierra
文件:MutationCommentsImporter.java
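/**
 * Builds one {@code INSERT} statement for {@code tblCommentsWithVersions} from a
 * tab-separated input row. The statement is returned as text; nothing is executed here.
 *
 * <p>Fields are consumed left to right: gene, drug class, position, rank, amino acids,
 * mutation type, comment. The rank value is written to the {@code Display} column.
 *
 * <p>Security: every value is interpolated into a quoted SQL literal. Both free-text
 * fields (amino acids and comment) are passed through {@code escapeSql}, which only
 * doubles single quotes; it does not handle backslashes, which some databases treat as an
 * escape character inside string literals. If rows can come from an untrusted source,
 * insert them with a {@code PreparedStatement} instead of generated statement text.
 *
 * @param rowLine one tab-separated line of the import file
 * @return the {@code INSERT} statement, terminated by {@code ;}
 * @throws IllegalArgumentException if an enum field or a number cannot be parsed
 * @throws IndexOutOfBoundsException if the row has fewer than seven fields
 */
private static String insertRowIntoDB(String rowLine) {
    List<String> rowFields =
        new ArrayList<String>(Arrays.asList(rowLine.split("\t")));
    Gene gene = Gene.valueOf(rowFields.remove(0));
    DrugClass drugClass = DrugClass.valueOf(rowFields.remove(0));
    int pos = Integer.parseInt(rowFields.remove(0));
    int rank = Integer.parseInt(rowFields.remove(0));
    String aas = rowFields.remove(0);
    MutType mutType = MutType.valueOf(rowFields.remove(0));
    String comment = rowFields.remove(0);

    StringBuilder statements = new StringBuilder();
    statements.append("INSERT INTO `tblCommentsWithVersions` ");
    statements.append(
        "(Gene, DrugClass, Pos, AAs, Type, " +
        "Display, Version, Date, Comment) VALUES ");
    // Enum and int values cannot carry quotes; the two raw strings can, so both are escaped.
    statements.append(String.format(
        "('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
        gene, drugClass, pos, StringEscapeUtils.escapeSql(aas), mutType,
        rank, VERSION, VERSION.versionDate,
        StringEscapeUtils.escapeSql(comment.trim())));
    statements.append(';');
    return statements.toString();
}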
项目:rapidminer
文件:AnnotationDrawUtils.java
/**
 * Extracts the content of an HTML editor pane as plain text.
 *
 * <p>The markup is stripped and HTML entities are decoded last, so the returned string may
 * again contain characters such as {@code <} and {@code &}. Encode it for the target
 * context before placing it back into HTML.
 *
 * @param editor
 *            the editor to read from; must not be {@code null}
 * @param onlySelected
 *            if {@code true}, only the currently selected range is converted
 * @return the editor content (or selection) as plain text
 * @throws BadLocationException
 *             propagated from the editor kit's write call
 * @throws IOException
 *             propagated from the editor kit's write call
 */
public static String getPlaintextFromEditor(final JEditorPane editor, final boolean onlySelected) throws IOException,
        BadLocationException {
    if (editor == null) {
        throw new IllegalArgumentException("editor must not be null!");
    }

    final HTMLDocument htmlDoc = (HTMLDocument) editor.getDocument();
    final StringWriter buffer = new StringWriter();

    // Whole document by default, narrowed to the selection on request.
    int offset = 0;
    int span = htmlDoc.getLength();
    if (onlySelected) {
        offset = editor.getSelectionStart();
        span = editor.getSelectionEnd() - offset;
    }
    editor.getEditorKit().write(buffer, htmlDoc, offset, span);

    final String withoutStyle = AnnotationDrawUtils.removeStyleFromComment(buffer.toString());
    // <br> and <br/> become the platform line separator
    final String withNewlines = withoutStyle.replaceAll("<br.*?>", System.lineSeparator());
    // every remaining tag is dropped
    final String withoutTags = withNewlines.replaceAll("\\<.*?>", "");
    return StringEscapeUtils.unescapeHtml(withoutTags);
}
项目:BUbiNG
文件:NamedGraphServerHttpProxy.java
/**
 * Appends a synthetic HTML page to {@code content}: a four-letter heading derived from the
 * low 16 bits of {@code hashCode}, followed by one paragraph with a link per successor.
 *
 * @param hashCode value whose four lowest nibbles select the heading letters ('A'..'P')
 * @param content buffer the page is appended to
 * @param successors link targets, used both as {@code href} and as link text
 * @param notescurl when {@code true} the successors are written verbatim, without HTML
 *        escaping; the output is then only well-formed if the successors contain no markup
 *        characters
 */
public static void generate(final long hashCode, final StringBuilder content, final CharSequence[] successors, boolean notescurl) {
    content.append("<html>\n<head></head>\n<body>\n");

    // The heading makes pages with the same number of URLs differ in text, though not always.
    content.append("<h1>");
    for (int shift = 0; shift <= 12; shift += 4) {
        content.append((char) (((hashCode >>> shift) & 0xF) + 'A'));
    }
    content.append("</h1>\n");

    for (final CharSequence successor : successors) {
        String ref = successor.toString();
        if (!notescurl) {
            ref = StringEscapeUtils.escapeHtml(successor.toString());
        }
        content.append("<p>Lorem ipsum dolor sit amet <a href=\"");
        content.append(ref);
        content.append("\">");
        content.append(ref);
        content.append("</a>, consectetur adipisici elit, sed eiusmod tempor incidunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquid ex ea commodi consequat. Quis aute iure reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint obcaecat cupiditat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.\n");
    }

    content.append("</body>\n</html>\n");
}
项目:logistimo-web-service
文件:OrderExportHandler.java
/**
 * Builds the comma-separated columns describing one demand item: material id, custom id,
 * name, reason and quantity, plus currency, price, discount and total when order pricing is
 * not disabled for the domain.
 *
 * <p>Text columns go through {@code escapeCsv}. NOTE(review): CSV quoting alone does not stop
 * a spreadsheet from interpreting a cell that starts with {@code =}, {@code +}, {@code -} or
 * {@code @} as a formula; confirm how exported files are opened. The formatted price,
 * discount and total are appended without escaping.
 *
 * @param mcs service used to load the material of the item
 * @param dc domain configuration; decides whether pricing columns are written
 * @param item the demand item to export
 * @return the row fragment (no trailing comma)
 * @throws ServiceException declared for the material lookup
 */
private StringBuilder getItemSb(MaterialCatalogService mcs, DomainConfig dc, IDemandItem item)
        throws ServiceException {
    final StringBuilder row = new StringBuilder();
    final IMaterial material = mcs.getMaterial(item.getMaterialId());

    row.append(material.getMaterialId() != null ? material.getMaterialId() : CharacterConstants.EMPTY);
    row.append(CharacterConstants.COMMA);
    row.append(material.getCustomId() != null ? StringEscapeUtils.escapeCsv(material.getCustomId())
        : CharacterConstants.EMPTY);
    row.append(CharacterConstants.COMMA);
    row.append(StringEscapeUtils.escapeCsv(material.getName()));
    row.append(CharacterConstants.COMMA);
    row.append(item.getReason() != null ? StringEscapeUtils.escapeCsv(item.getReason())
        : CharacterConstants.EMPTY);
    row.append(CharacterConstants.COMMA);
    row.append(BigUtil.getFormattedValue(item.getQuantity()));

    if (dc.isDisableOrdersPricing()) {
        return row;
    }

    // Pricing columns are only present when the domain has not disabled order pricing.
    row.append(CharacterConstants.COMMA);
    row.append(item.getCurrency() != null ? StringEscapeUtils.escapeCsv(item.getCurrency())
        : CharacterConstants.EMPTY);
    row.append(CharacterConstants.COMMA);
    row.append(item.getFormattedPrice());
    row.append(CharacterConstants.COMMA);
    row.append(item.getDiscount());
    row.append(CharacterConstants.COMMA);
    row.append(item.computeTotalPrice(true));
    return row;
}
项目:logistimo-web-service
文件:OrderExportHandler.java
/**
 * Builds the comma-separated location columns of an order export row: the kiosk's country,
 * state, district, taluk, city, street and pin code, followed by the order's latitude,
 * longitude, geo accuracy and a localized geo error message.
 *
 * <p>{@code order} is not a parameter; it is read from the enclosing scope. The {@code dc}
 * parameter is not used in this method.
 *
 * <p>Text columns go through {@code escapeCsv}. NOTE(review): CSV quoting does not prevent a
 * spreadsheet from treating a cell that begins with {@code =}, {@code +}, {@code -} or
 * {@code @} as a formula; confirm whether address fields need that neutralised.
 *
 * @param dc domain configuration (unused here)
 * @param c kiosk whose address is exported
 * @param locale locale used for the geo error message
 * @return the row fragment (no trailing comma)
 */
StringBuilder getLocationSb(DomainConfig dc, IKiosk c, Locale locale) {
    StringBuilder locationSb = new StringBuilder();
    // Address columns: each null value becomes an empty cell.
    locationSb.append(c.getCountry() != null ? StringEscapeUtils.escapeCsv(c.getCountry())
    : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    .append(c.getState() != null ? StringEscapeUtils.escapeCsv(c.getState())
    : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    .append(c.getDistrict() != null ? StringEscapeUtils.escapeCsv(c.getDistrict())
    : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    .append(c.getTaluk() != null ? StringEscapeUtils.escapeCsv(c.getTaluk())
    : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    .append(c.getCity() != null ? StringEscapeUtils.escapeCsv(c.getCity())
    : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    .append(c.getStreet() != null ? StringEscapeUtils.escapeCsv(c.getStreet())
    : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    .append(c.getPinCode() != null ? StringEscapeUtils.escapeCsv(c.getPinCode())
    : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    // Geo columns come from the order, not the kiosk, and are appended without CSV escaping.
    .append(order.getLatitude() != null ? order.getLatitude() : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    .append(order.getLongitude() != null ? order.getLongitude() : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
    .append(order.getGeoAccuracy() != null ? NumberUtil.getDoubleValue(order.getGeoAccuracy()) : CharacterConstants.EMPTY)
    .append(CharacterConstants.COMMA)
    .append(order.getGeoErrorCode() != null ? StringEscapeUtils.escapeCsv(GeoUtil.getGeoErrorMessage(order.getGeoErrorCode(), locale))
    : CharacterConstants.EMPTY);
    return locationSb;
}
项目:Yidu
文件:ReviewServiceImpl.java
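/**
 * Appends the search conditions selected in {@code searchBean} to the HQL text and adds the
 * matching positional parameter values to {@code params}.
 *
 * <p>Every value is handed over as a bind parameter, so it is added verbatim. Escaping a
 * bound value (for example doubling single quotes) is not needed for safety and would change
 * what is searched for: a name containing a quote would no longer match.
 *
 * <p>NOTE(review): the {@code LIKE} wildcards {@code %} and {@code _} typed by the user are
 * still interpreted as wildcards; confirm whether that is intended.
 *
 * @param searchBean
 *            the search criteria
 * @param hql
 *            the HQL text the conditions are appended to
 * @param params
 *            the positional parameter values, in the order of the appended placeholders
 */
private void buildCondtion(ReviewSearchBean searchBean, StringBuffer hql, List<Object> params) {
    if (Utils.isDefined(searchBean.getArticleno())) {
        hql.append(" AND articleno = ? ");
        params.add(searchBean.getArticleno());
    }
    if (Utils.isDefined(searchBean.getArticlename())) {
        hql.append(" AND articlename like ? ");
        params.add("%" + searchBean.getArticlename() + "%");
    }
    if (Utils.isDefined(searchBean.getLoginid())) {
        hql.append(" AND loginid like ?");
        params.add("%" + searchBean.getLoginid() + "%");
    }
    if (Utils.isDefined(searchBean.getChaptername())) {
        hql.append(" AND chaptername like ? ");
        params.add("%" + searchBean.getChaptername() + "%");
    }
}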
项目:lams
文件:GradebookService.java
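/**
 * Returns the HTML fragment shown as the lesson status of a learner: a check icon when the
 * lesson is complete, a cog icon (with the current activity title as tooltip) when at least
 * one activity has been attempted, and {@code "-"} otherwise.
 *
 * <p>The title is written into a single-quoted {@code title} attribute.
 * {@code StringEscapeUtils.escapeHtml} leaves the apostrophe untouched, so it is encoded
 * here as well; otherwise a title containing {@code '} would end the attribute early.
 *
 * @param learnerProgress
 *            the learner's progress in the lesson, may be {@code null}
 * @return the status markup, never {@code null}
 */
private String getLessonStatusStr(LearnerProgress learnerProgress) {
    if (learnerProgress == null) {
        return "-";
    }
    if (learnerProgress.isComplete()) {
        return "<i class='fa fa-check text-success'></i>";
    }
    if ((learnerProgress.getAttemptedActivities() != null)
            && (learnerProgress.getAttemptedActivities().size() > 0)) {
        String currentActivityTitle = "";
        if (learnerProgress.getCurrentActivity() != null) {
            currentActivityTitle = StringEscapeUtils.escapeHtml(learnerProgress.getCurrentActivity().getTitle());
            if (currentActivityTitle != null) {
                // escapeHtml does not encode the apostrophe that delimits the attribute below
                currentActivityTitle = currentActivityTitle.replace("'", "&#39;");
            }
        }
        return "<i class='fa fa-cog' title='" + currentActivityTitle + "'></i>";
    }
    return "-";
}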
项目:lams
文件:PeerreviewServiceImpl.java
/**
 * Loads the ratings and comments for one criteria and converts them to a styled DTO. When
 * {@code skipRatings} is set, no rows are loaded and the DTO is built from the criteria alone.
 *
 * <p>The second-to-last column of every loaded row is passed through {@code escapeCsv}.
 * NOTE(review): CSV escaping does not make a value safe for HTML or JavaScript output; confirm
 * how the consumer renders this column.
 */
@Override
public StyledCriteriaRatingDTO getUsersRatingsCommentsByCriteriaIdDTO(Long toolContentId, Long toolSessionId,
        RatingCriteria criteria, Long currentUserId, boolean skipRatings, int sorting, String searchString,
        boolean getAllUsers, boolean getByUser) {

    List<Object[]> rows = null;
    boolean includeAllUsers = getAllUsers;

    if (!skipRatings) {
        rows = peerreviewUserDao.getRatingsComments(toolContentId, toolSessionId, criteria,
                currentUserId, null, null, sorting, searchString, getByUser, ratingService,
                userManagementService);
        for (Object[] row : rows) {
            final int column = row.length - 2;
            row[column] = StringEscapeUtils.escapeCsv((String) row[column]);
        }
        // When not fetching by user, these are the current user's ratings from other users; the
        // converter must then keep all users, otherwise the current user (the only one in the
        // set) would be dropped.
        includeAllUsers = !getByUser || getAllUsers;
    }

    return ratingService.convertToStyledDTO(criteria, currentUserId, includeAllUsers, rows);
}
项目:lams
文件:IMSPOXRequest.java
/**
 * Builds an OAuth-signed POST request carrying a "replace result" XML message.
 *
 * <p>{@code sourcedid}, {@code score} and {@code resultData} are XML-escaped before they are
 * placed into the message templates. A hash of the body is added as the
 * {@code oauth_body_hash} parameter before the request is signed with {@code key} and
 * {@code secret}.
 *
 * @param url endpoint the request is addressed to
 * @param key OAuth consumer key
 * @param secret OAuth consumer secret
 * @param sourcedid identifier of the result record
 * @param score score to report
 * @param resultData optional result data; {@code null} leaves that part of the message empty
 * @param isUrl selects the URL template instead of the text template for {@code resultData};
 *        unboxed only when {@code resultData} is not {@code null}
 * @return the signed request
 */
public static HttpPost buildReplaceResult(String url, String key, String secret, String sourcedid, String score, String resultData, Boolean isUrl) throws IOException, OAuthException, GeneralSecurityException {
    final String dataXml;
    if (resultData == null) {
        dataXml = "";
    } else {
        final String template = isUrl ? resultDataUrl : resultDataText;
        dataXml = String.format(template, StringEscapeUtils.escapeXml(resultData));
    }

    //*LAMS* the message identifier was added by LAMS and is passed as the first template argument
    final String messageIdentifier = UUID.randomUUID().toString();
    final String body = String.format(replaceResultMessage, messageIdentifier,
            StringEscapeUtils.escapeXml(sourcedid), StringEscapeUtils.escapeXml(score), dataXml);

    // The body hash is signed together with the request.
    final String bodyHash = getBodyHash(body);
    final HttpParameters oauthParams = new HttpParameters();
    oauthParams.put("oauth_body_hash", URLEncoder.encode(bodyHash, "UTF-8"));

    final CommonsHttpOAuthConsumer signer = new CommonsHttpOAuthConsumer(key, secret);
    final HttpPost request = new HttpPost(url);
    request.setHeader("Content-Type", "application/xml");
    request.setEntity(new StringEntity(body, "UTF-8"));

    signer.setAdditionalParameters(oauthParams);
    signer.sign(request);
    return request;
}
项目:aliyun-maxcompute-data-collectors
文件:NetezzaExternalTableExportJob.java
/**
 * Copies the null-string value and the input delimiter settings from the tool options into
 * the job configuration.
 *
 * <p>NOTE(review): {@code INPUT_ENCLOSE_REQUIRED_KEY} is filled from
 * {@code options.isOutputEncloseRequired()}; confirm that reading the output option here is
 * intended.
 */
@Override
protected void propagateOptionsToJob(Job job) {
    final Configuration jobConf = job.getConfiguration();

    final String nullLiteral = options.getInNullStringValue();
    if (nullLiteral != null) {
        // Java escape sequences in the option are turned into the characters they denote.
        jobConf.set(DirectNetezzaManager.NETEZZA_NULL_VALUE,
            StringEscapeUtils.unescapeJava(nullLiteral));
    }

    jobConf.setInt(DelimiterSet.INPUT_FIELD_DELIM_KEY, options.getInputFieldDelim());
    jobConf.setInt(DelimiterSet.INPUT_RECORD_DELIM_KEY, options.getInputRecordDelim());
    jobConf.setInt(DelimiterSet.INPUT_ENCLOSED_BY_KEY, options.getInputEnclosedBy());

    // Netezza uses \ as the escape character, so any configured escape character is replaced by it.
    final int configuredEscape = options.getInputEscapedBy();
    final boolean escapingRequested = configuredEscape > 0;
    if (escapingRequested && configuredEscape != '\\') {
        LOG.info(
            "Setting escaped char to \\ for Netezza external table export");
    }
    if (escapingRequested) {
        jobConf.setInt(DelimiterSet.INPUT_ESCAPED_BY_KEY, '\\');
    }

    jobConf.setBoolean(DelimiterSet.INPUT_ENCLOSE_REQUIRED_KEY,
        options.isOutputEncloseRequired());
}
项目:lams
文件:LessonDAO.java
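/**
 * Loads the learners of a lesson, optionally filtered by a search phrase and ordered by first
 * name, last name and login.
 *
 * <p>Each whitespace-separated token of {@code searchPhrase} has to occur in the first name,
 * the last name or the login. Tokens are supplied as named bind parameters instead of being
 * concatenated into the HQL text, so quoting characters in the phrase cannot alter the query.
 * The {@code LIKE} wildcards {@code %} and {@code _} inside a token are still interpreted as
 * wildcards.
 *
 * @param lessonId id of the lesson
 * @param searchPhrase optional filter; blank or {@code null} means no filter
 * @param limit maximum number of rows, or {@code null} for no limit
 * @param offset index of the first row, or {@code null} to start at the beginning
 * @param orderAscending {@code true} for ascending order, {@code false} for descending
 * @return the matching users
 */
@SuppressWarnings("unchecked")
@Override
public List<User> getLearnersByLesson(Long lessonId, String searchPhrase, Integer limit, Integer offset,
        boolean orderAscending) {
    String[] tokens = StringUtils.isBlank(searchPhrase) ? new String[0] : searchPhrase.trim().split("\\s+");

    StringBuilder queryTextBuilder = new StringBuilder("SELECT users ").append(LessonDAO.LOAD_LEARNERS_BY_LESSON);
    for (int i = 0; i < tokens.length; i++) {
        // Only the generated parameter name is concatenated; the value is bound below.
        String param = ":searchToken" + i;
        queryTextBuilder.append(" AND (users.firstName LIKE ").append(param)
                .append(" OR users.lastName LIKE ").append(param)
                .append(" OR users.login LIKE ").append(param).append(")");
    }

    String order = orderAscending ? "ASC" : "DESC";
    queryTextBuilder.append(" ORDER BY users.firstName ").append(order).append(", users.lastName ").append(order)
            .append(", users.login ").append(order);

    Query query = getSession().createQuery(queryTextBuilder.toString()).setLong("lessonId", lessonId);
    for (int i = 0; i < tokens.length; i++) {
        query.setString("searchToken" + i, "%" + tokens[i] + "%");
    }
    if (limit != null) {
        query.setMaxResults(limit);
    }
    if (offset != null) {
        query.setFirstResult(offset);
    }
    return query.list();
}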
项目:lams
文件:LessonDAO.java
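/**
 * Counts the learners of a lesson, optionally filtered by a search phrase.
 *
 * <p>Each whitespace-separated token of {@code searchPhrase} has to occur in the first name,
 * the last name or the login. Tokens are supplied as named bind parameters instead of being
 * concatenated into the HQL text, so quoting characters in the phrase cannot alter the query.
 * The {@code LIKE} wildcards {@code %} and {@code _} inside a token are still interpreted as
 * wildcards.
 *
 * @param lessonId id of the lesson
 * @param searchPhrase optional filter; blank or {@code null} means no filter
 * @return the number of matching learners
 */
@Override
public Integer getCountLearnersByLesson(long lessonId, String searchPhrase) {
    String[] tokens = StringUtils.isBlank(searchPhrase) ? new String[0] : searchPhrase.trim().split("\\s+");

    StringBuilder queryTextBuilder = new StringBuilder("SELECT COUNT(*) ")
            .append(LessonDAO.LOAD_LEARNERS_BY_LESSON);
    for (int i = 0; i < tokens.length; i++) {
        // Only the generated parameter name is concatenated; the value is bound below.
        String param = ":searchToken" + i;
        queryTextBuilder.append(" AND (users.firstName LIKE ").append(param)
                .append(" OR users.lastName LIKE ").append(param)
                .append(" OR users.login LIKE ").append(param).append(")");
    }

    Query query = getSession().createQuery(queryTextBuilder.toString()).setLong("lessonId", lessonId);
    for (int i = 0; i < tokens.length; i++) {
        query.setString("searchToken" + i, "%" + tokens[i] + "%");
    }
    Object value = query.uniqueResult();
    return ((Number) value).intValue();
}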
项目:shop-manager
文件:XssHttpServletRequestWrapper.java
/**
 * Returns the values of a request parameter with each value HTML-escaped.
 *
 * <p>NOTE(review): escaping on input only protects values that are later written into HTML
 * element content or double-quoted attributes; {@code escapeHtml} does not encode the
 * apostrophe, and values used in JavaScript, URLs or SQL need their own encoding at the point
 * of output.
 *
 * @param name the parameter name
 * @return the escaped values, or whatever the wrapped request returns when there are none
 */
@Override
public String[] getParameterValues(String name) {
    final String[] rawValues = super.getParameterValues(name);
    if (rawValues == null) {
        return super.getParameterValues(name);
    }

    final String[] escapedValues = new String[rawValues.length];
    int index = 0;
    for (String raw : rawValues) {
        escapedValues[index++] = StringEscapeUtils.escapeHtml(raw);
    }
    return escapedValues;
}
项目:hadoop
文件:Graph.java
/**
 * Turns a label into a double-quoted, Java-escaped string. Labels longer than 14 characters
 * that contain a comma get a line break after every comma before escaping.
 *
 * @param label the raw label; must not be {@code null}
 * @return the quoted and escaped label
 */
private static String wrapSafeString(String label) {
    final boolean breakAfterCommas = label.indexOf(',') >= 0 && label.length() > 14;
    final String wrapped = breakAfterCommas ? label.replace(",", ",\n") : label;
    return "\"" + StringEscapeUtils.escapeJava(wrapped) + "\"";
}
项目:hadoop-oss
文件:ReconfigurationServlet.java
/**
 * Writes the opening of the HTML page: the title and the top-level heading, both containing
 * the HTML-escaped node name.
 *
 * @param out writer of the response
 * @param nodeName name of the node, escaped before it is written
 */
private void printHeader(PrintWriter out, String nodeName) {
    // Escaped once and reused; the node name appears in element content only.
    final String safeNodeName = StringEscapeUtils.escapeHtml(nodeName);
    out.print("<html><head>");
    out.printf("<title>%s Reconfiguration Utility</title>%n", safeNodeName);
    out.print("</head><body>\n");
    out.printf("<h1>%s Reconfiguration Utility</h1>%n", safeNodeName);
}
项目:tac-kbp-eal
文件:FancierDiffLogger.java
/**
 * Appends a "Context" section to the HTML log: a heading followed by the HTML-escaped context
 * of the response within the original document text.
 *
 * @param originalDocText the full document text
 * @param response the response whose context is shown
 * @param out buffer the markup is appended to
 */
private void logDocumentContext(final String originalDocText, final Response response,
        StringBuilder out) {
    out.append("<h3>Context:</h3>").append("<div>");
    // Document text is untrusted for markup purposes, so it is escaped before embedding.
    final String escapedContext = StringEscapeUtils.escapeHtml(this.context(originalDocText, response));
    out.append(escapedContext);
    out.append("</div>").append("<br>");
}
项目:airsonic
文件:WikiTag.java
/**
 * Renders the tag's text with the shared render engine and writes the result to the page.
 *
 * <p>XML entities in the text are decoded before rendering. NOTE(review): the rendered output
 * is printed as is; whether it is safe to emit depends on how the render engine treats markup
 * in its input. Confirm this for text that originates from users.
 *
 * @return {@code EVAL_PAGE}
 * @throws JspException if writing to the page fails
 */
public int doEndTag() throws JspException {
    final String rendered;
    // Access to the shared engine is serialized on the engine itself.
    synchronized (RENDER_ENGINE) {
        final String wikiSource = StringEscapeUtils.unescapeXml(text);
        rendered = RENDER_ENGINE.render(wikiSource, RENDER_CONTEXT);
    }

    try {
        pageContext.getOut().print(rendered);
    } catch (IOException ioFailure) {
        throw new JspTagException(ioFailure);
    }
    return EVAL_PAGE;
}
项目:airsonic
文件:EscapeJavaScriptTag.java
/**
 * Writes the tag's string to the page after escaping it with
 * {@code StringEscapeUtils.escapeJavaScript}.
 *
 * <p>NOTE(review): this escaping targets JavaScript string literals; it is not HTML encoding,
 * so the tag should only be used where the output ends up inside a quoted JavaScript string.
 *
 * @return {@code EVAL_PAGE}
 * @throws JspException if writing to the page fails
 */
public int doEndTag() throws JspException {
    final String escaped = StringEscapeUtils.escapeJavaScript(string);
    try {
        pageContext.getOut().print(escaped);
    } catch (IOException ioFailure) {
        throw new JspTagException(ioFailure);
    }
    return EVAL_PAGE;
}
项目:scanning
文件:ActivemqConnectorServiceJsonMarshallingTest.java
/**
 * Resets the per-test state: clears the captured JSON and the marshaller, and removes the
 * marshaller from {@code ActivemqConnectorService}.
 */
@After
public void tearDown() throws Exception {
    if (json != null) {
        // Debug aid: the captured JSON as a Java string literal, ready to be pasted into the
        // test source as an expected value once it is known to be correct. Print it (or the
        // raw json) from here when needed.
        @SuppressWarnings("unused")
        String javaLiteralForJSONString = "\"" + StringEscapeUtils.escapeJava(json) + "\"";
    }

    json = null;
    marshaller = null;
    ActivemqConnectorService.setJsonMarshaller(null);
}
项目:ProjectAres
文件:PacketTracer.java
/**
 * Records the string being serialized, Java-escaped, and then delegates to the superclass.
 * While the superclass call runs, {@code mute} is set; it is cleared again even if the call
 * throws.
 */
@Override
public PacketDataSerializer a(String s) {
    final String printable = StringEscapeUtils.escapeJava(s);
    value("String", printable);

    mute = true;
    try {
        return super.a(s);
    } finally {
        mute = false;
    }
}
项目:goobi-viewer-indexer
文件:MetadataHelper.java
/**
 * Applies the default clean-up to a field value: any existing HTML escaping is removed, so
 * that strings like '&amp;amp;' do not appear once the value is escaped again later.
 *
 * <p>The returned value is unescaped text and may contain markup characters; it has to be
 * encoded again wherever it is written into HTML.
 *
 * @param fieldValue the raw field value, may be {@code null} or empty
 * @return the unescaped value; {@code null} or empty input is returned unchanged
 */
public static String applyValueDefaultModifications(String fieldValue) {
    if (!StringUtils.isNotEmpty(fieldValue)) {
        return fieldValue;
    }
    return StringEscapeUtils.unescapeHtml(fieldValue);
}
项目:logistimo-web-service
文件:MessageLogExportHandler.java
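/**
 * Renders the message log entry as one CSV row: user name, phone number, event type, message,
 * status and timestamp.
 *
 * <p>The user-controlled text columns (name, phone number, message and status) are passed
 * through {@code escapeCsv}, so a comma, quote or line break in any of them cannot shift the
 * following columns. NOTE(review): CSV quoting does not stop a spreadsheet from treating a
 * cell that begins with {@code =}, {@code +}, {@code -} or {@code @} as a formula; confirm
 * whether that needs to be neutralised for this export.
 *
 * @param locale locale used for the status text and the timestamp
 * @param timezone time zone used for the timestamp
 * @param dc domain configuration (not used here)
 * @param type export type (not used here)
 * @return the CSV row; empty when a {@code MessageHandlingException} occurs before any
 *         column was written
 */
@Override
public String toCSV(Locale locale, String timezone, DomainConfig dc, String type) {
    String str = "";
    String status = "";
    String name;
    String ph;
    try {
        UsersService as = Services.getService(UsersServiceImpl.class, locale);
        try {
            IUserAccount u = as.getUserAccount(messageLog.getUserId());
            MessageService smsService = MessageService.getInstance(MessageService.SMS, u.getCountry());
            name = u.getFullName();
            ph = u.getMobilePhoneNumber();
            status = smsService.getStatusMessage(messageLog.getStatus(), locale);
        } catch (ObjectNotFoundException e) {
            // The account no longer exists: fall back to the stored user id.
            name = messageLog.getUserId() + "(" + "User deleted" + ")";
            ph = "";
        }
        str += StringEscapeUtils.escapeCsv(name) + ",";
        str += StringEscapeUtils.escapeCsv(ph) + ",";
        str += messageLog.getEventType() + "," + StringEscapeUtils.escapeCsv(messageLog.getMessage()) + ",";
        str += StringEscapeUtils.escapeCsv(status) + ",";
        str += LocalDateUtil.format(messageLog.getTimestamp(), locale, timezone);
    } catch (MessageHandlingException ignored) {
        // Best effort: the row built so far (possibly empty) is returned.
    }
    return str;
}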
项目:logistimo-web-service
文件:OrderExportHandler.java
/**
 * Builds the accounting columns of an order export row: payment option, paid amount, paid
 * status and payment history.
 *
 * <p>Paid status and payment history are CSV-escaped. NOTE(review): the payment option is
 * appended without escaping; confirm it cannot contain a comma, quote or line break.
 *
 * @param dc domain configuration
 * @return the columns, or {@code null} when accounting is not enabled or order pricing is
 *         disabled
 */
private StringBuilder getAccountingSb(DomainConfig dc) {
    if (!dc.isAccountingEnabled() || dc.isDisableOrdersPricing()) {
        return null;
    }

    final StringBuilder columns = new StringBuilder();
    columns.append(order.getPaymentOption() != null ? order.getPaymentOption() : CharacterConstants.EMPTY);
    columns.append(CharacterConstants.COMMA);
    columns.append(order.getPaid() != null ? BigUtil.getFormattedValue(order.getPaid()) : 0);
    columns.append(CharacterConstants.COMMA);
    columns.append(order.getPaidStatus() != null ? StringEscapeUtils.escapeCsv(order.getPaidStatus()) : CharacterConstants.EMPTY);
    columns.append(CharacterConstants.COMMA);
    columns.append(order.getPaymentHistory() != null ? StringEscapeUtils.escapeCsv(order.getPaymentHistory()) : CharacterConstants.EMPTY);
    return columns;
}
项目:logistimo-web-service
文件:OrderExportHandler.java
/**
 * Builds the two tag columns of an order export row: the entity tags and the order tags.
 * Each tag list is joined into one CSV string and then CSV-escaped as a whole, so it occupies
 * a single cell; a missing or empty list yields an empty cell.
 *
 * @param dc domain configuration (not used here)
 * @return the two columns, separated by a comma
 */
private StringBuilder getTagSb(DomainConfig dc) {
    final StringBuilder columns = new StringBuilder();
    final List<String> entityTags = order.getTags(TagUtil.TYPE_ENTITY);
    final List<String> orderTags = order.getTags(TagUtil.TYPE_ORDER);

    columns.append(
        entityTags != null && !entityTags.isEmpty() ? StringEscapeUtils.escapeCsv(StringUtil.getCSV(entityTags))
            : CharacterConstants.EMPTY);
    columns.append(CharacterConstants.COMMA);
    columns.append(
        orderTags != null && !orderTags.isEmpty() ? StringEscapeUtils.escapeCsv(StringUtil.getCSV(orderTags))
            : CharacterConstants.EMPTY);
    return columns;
}
项目:logistimo-web-service
文件:KioskExportHandler.java
/**
 * Builds the kiosk columns of an export row: id, custom id, name, address fields, latitude,
 * longitude, geo accuracy and geo error, each followed by a comma. For a {@code null} kiosk a
 * fixed run of commas is written instead, so that the following columns stay aligned.
 *
 * <p>Text columns go through {@code escapeCsv}. NOTE(review): CSV quoting does not prevent a
 * spreadsheet from treating a cell that begins with {@code =}, {@code +}, {@code -} or
 * {@code @} as a formula; confirm whether kiosk names and addresses need that neutralised.
 *
 * @param kiosk the kiosk to export, may be {@code null}
 * @return the row fragment, ending with a comma
 */
private StringBuilder constructKioskDetails(IKiosk kiosk) {
    StringBuilder ksb = new StringBuilder();
    if (kiosk != null) {
        // The name is escaped without a null check, unlike the optional fields around it.
        ksb.append(kiosk.getKioskId()).append(CharacterConstants.COMMA)
        .append(kiosk.getCustomId() != null ? StringEscapeUtils.escapeCsv(kiosk.getCustomId())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
        .append(StringEscapeUtils.escapeCsv(kiosk.getName())).append(CharacterConstants.COMMA)
        .append(kiosk.getCountry() != null ? StringEscapeUtils.escapeCsv(kiosk.getCountry())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
        .append(kiosk.getState() != null ? StringEscapeUtils.escapeCsv(kiosk.getState())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
        .append(kiosk.getDistrict() != null ? StringEscapeUtils.escapeCsv(kiosk.getDistrict())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
        .append(kiosk.getTaluk() != null ? StringEscapeUtils.escapeCsv(kiosk.getTaluk())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
        .append(kiosk.getCity() != null ? StringEscapeUtils.escapeCsv(kiosk.getCity())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
        .append(kiosk.getStreet() != null ? StringEscapeUtils.escapeCsv(kiosk.getStreet())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
        .append(kiosk.getPinCode() != null ? StringEscapeUtils.escapeCsv(kiosk.getPinCode())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA)
        // Geo values are appended as returned, without null checks or escaping.
        .append(kiosk.getLatitude()).append(CharacterConstants.COMMA)
        .append(kiosk.getLongitude()).append(CharacterConstants.COMMA)
        .append(kiosk.getGeoAccuracy()).append(CharacterConstants.COMMA)
        .append(kiosk.getGeoError() != null ? StringEscapeUtils.escapeCsv(kiosk.getGeoError())
        : CharacterConstants.EMPTY).append(CharacterConstants.COMMA);
    } else {
        // Placeholder for a missing kiosk: empty cells only.
        ksb.append(",,,,,,,,,,,,,,");
    }
    return ksb;
}
项目:Android_Code_Arbiter
文件:XssServlet1.java
/**
 * Writes the {@code input1} request parameter to the response three times: unmodified, encoded
 * with ESAPI's HTML encoder, and escaped with {@code StringEscapeUtils.escapeHtml}.
 *
 * <p>NOTE(review): the first write echoes request data without any output encoding, which is
 * the pattern a reflected-XSS check looks for; the other two writes are the encoded
 * counterparts. The class name suggests this is a deliberate sample for a code scanner;
 * confirm before reusing any of it. {@code input1} is not checked for {@code null}.
 */
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    String input1 = req.getParameter("input1");
    // Unencoded echo of the request parameter.
    resp.getWriter().write(input1);
    // Encoded for HTML by ESAPI.
    resp.getWriter().write(ESAPI.encoder().encodeForHTML(input1));
    // Encoded for HTML by commons-lang.
    resp.getWriter().write(StringEscapeUtils.escapeHtml(input1));
}
项目:Equella
文件:MetaScriptWrapper.java
/**
 * Adds a {@code <meta>} element with the given name and content to the header markup.
 * Both values are HTML-escaped before they are placed into the double-quoted attributes.
 *
 * @param name value of the {@code name} attribute
 * @param content value of the {@code content} attribute
 */
@SuppressWarnings("nls")
@Override
public void add(String name, String content)
{
    final String escapedName = StringEscapeUtils.escapeHtml(name);
    final String escapedContent = StringEscapeUtils.escapeHtml(content);
    final String metaTag = "<meta name=\"" + escapedName + "\" content=\"" + escapedContent + "\">\n";
    render.addHeaderMarkup(metaTag);
}
项目:morf
文件:MySqlDialect.java
/**
 * Turns a value into a MySQL string literal. Single quotes are doubled first; backslashes,
 * which denote escape sequences in MySQL, are then doubled as well. A {@code null} or empty
 * value is rendered as {@code NULL}.
 *
 * @see http://dev.mysql.com/doc/refman/5.0/en/string-literals.html
 * @see org.alfasoftware.morf.jdbc.SqlDialect#makeStringLiteral(java.lang.String)
 */
@Override
protected String makeStringLiteral(String literalValue) {
    if (StringUtils.isEmpty(literalValue)) {
        return "NULL";
    }
    final String quotesDoubled = StringEscapeUtils.escapeSql(literalValue);
    final String backslashesDoubled = StringUtils.replace(quotesDoubled, "\\", "\\\\");
    return "'" + backslashesDoubled + "'";
}
项目:lams
文件:SurveyUserDAOHibernate.java
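/**
 * Appends a name filter to a native SQL statement: every whitespace-separated token of the
 * search string has to occur in the first name, the last name or the login name.
 *
 * <p>The first token opens the {@code WHERE} clause and further tokens are joined with
 * {@code AND}; repeating {@code WHERE} for every token would produce invalid SQL for a
 * multi-word search.
 *
 * <p>Security: the tokens are concatenated into quoted literals. {@code escapeSql} only
 * doubles single quotes, so backslashes are doubled here as well, for databases that treat
 * the backslash as an escape character inside string literals (NOTE(review): confirm this
 * matches the target database). Binding the tokens as query parameters would remove the need
 * for escaping altogether, but requires access to the query object.
 *
 * @param searchString the user's search input; blank means no filter
 * @param sqlBuilder the statement text the filter is appended to
 */
private void buildNameSearch(String searchString, StringBuilder sqlBuilder) {
    if (StringUtils.isBlank(searchString)) {
        return;
    }
    String[] tokens = searchString.trim().split("\\s+");
    for (int i = 0; i < tokens.length; i++) {
        String escToken = StringEscapeUtils.escapeSql(tokens[i]).replace("\\", "\\\\");
        sqlBuilder.append(i == 0 ? " WHERE (" : " AND (").append("user.first_name LIKE '%").append(escToken)
                .append("%' OR user.last_name LIKE '%").append(escToken).append("%' OR user.login_name LIKE '%")
                .append(escToken).append("%') ");
    }
}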
项目:lams
文件:GBUserGridRowDTO.java
/**
 * Creates a grid row from a user.
 *
 * <p>Only {@code rowName} is HTML-escaped. NOTE(review): {@code firstName}, {@code lastName}
 * and {@code login} are stored as returned by the user object; whoever renders them has to
 * encode them for the output context.
 *
 * @param user the user the row represents
 */
public GBUserGridRowDTO(User user) {
    this.id = user.getUserId().toString();

    final String displayName = user.getLastName() + " " + user.getFirstName();
    this.rowName = StringEscapeUtils.escapeHtml(displayName);

    this.firstName = user.getFirstName();
    this.lastName = user.getLastName();
    this.login = user.getLogin();
    this.setPortraitId(user.getPortraitUuid());
}
项目:lams
文件:GradebookService.java
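/**
 * Returns the HTML fragment shown as the status of an activity for a learner: a cog icon
 * (with the current activity title as tooltip) when the activity is attempted and a current
 * activity exists, a check icon when it is completed, and {@code "-"} otherwise.
 *
 * <p>The title is written into a single-quoted {@code title} attribute.
 * {@code StringEscapeUtils.escapeHtml} leaves the apostrophe untouched, so it is encoded
 * here as well; otherwise a title containing {@code '} would end the attribute early.
 *
 * @param learnerProgress
 *            the learner's progress, may be {@code null}
 * @param activity
 *            the activity whose state is looked up
 * @return the status markup, never {@code null}
 */
private String getActivityStatusStr(LearnerProgress learnerProgress, Activity activity) {
    if (learnerProgress == null) {
        return "-";
    }
    byte statusByte = learnerProgress.getProgressState(activity);
    if (statusByte == LearnerProgress.ACTIVITY_ATTEMPTED && learnerProgress.getCurrentActivity() != null) {
        String title = StringEscapeUtils.escapeHtml(learnerProgress.getCurrentActivity().getTitle());
        if (title != null) {
            // escapeHtml does not encode the apostrophe that delimits the attribute below
            title = title.replace("'", "&#39;");
        }
        return "<i class='fa fa-cog' title='" + title + "'></i>";
    }
    if (statusByte == LearnerProgress.ACTIVITY_COMPLETED) {
        return "<i class='fa fa-check text-success'></i>";
    }
    return "-";
}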
项目:lams
文件:AssessmentEscapeUtils.java
/**
 * Fills the "escaped" companion fields of a question result, its question and the question's
 * options with JavaScript-escaped copies of the answer string, title, option question and
 * option string. Fields whose source value is {@code null} are left untouched.
 *
 * <p>NOTE(review): {@code escapeJavaScript} prepares a value for a JavaScript string literal;
 * it is not HTML encoding. Confirm the escaped fields are only used in that context.
 *
 * @param questionResult the result to process; its question must not be {@code null}
 */
private static void escapeQuotesInQuestionResult(AssessmentQuestionResult questionResult) {
    final String answer = questionResult.getAnswerString();
    if (answer != null) {
        questionResult.setAnswerStringEscaped(StringEscapeUtils.escapeJavaScript(answer));
    }

    final AssessmentQuestion question = questionResult.getAssessmentQuestion();
    final String questionTitle = question.getTitle();
    if (questionTitle != null) {
        question.setTitleEscaped(StringEscapeUtils.escapeJavaScript(questionTitle));
    }

    for (AssessmentQuestionOption option : question.getOptions()) {
        final String optionQuestion = option.getQuestion();
        if (optionQuestion != null) {
            option.setQuestionEscaped(StringEscapeUtils.escapeJavaScript(optionQuestion));
        }

        final String optionText = option.getOptionString();
        if (optionText != null) {
            option.setOptionStringEscaped(StringEscapeUtils.escapeJavaScript(optionText));
        }
    }
}
项目:lams
文件:PeerreviewUserDAOHibernate.java
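/**
 * Appends a name filter to a native SQL statement: every whitespace-separated token of the
 * search string has to occur in the first name, the last name or the login name.
 *
 * <p>Only the first token may open the {@code WHERE} clause (when {@code whereDone} is
 * {@code false}); all further tokens are joined with {@code AND}, because repeating
 * {@code WHERE} would produce invalid SQL for a multi-word search.
 *
 * <p>Security: the tokens are concatenated into quoted literals. {@code escapeSql} only
 * doubles single quotes, so backslashes are doubled here as well, for databases that treat
 * the backslash as an escape character inside string literals (NOTE(review): confirm this
 * matches the target database). Binding the tokens as query parameters would remove the need
 * for escaping altogether, but requires access to the query object.
 *
 * @param searchString the user's search input; blank means no filter
 * @param sqlBuilder the statement text the filter is appended to
 * @param whereDone {@code true} if the statement already has a {@code WHERE} clause
 */
private void buildNameSearch(String searchString, StringBuilder sqlBuilder, boolean whereDone) {
    if (StringUtils.isBlank(searchString)) {
        return;
    }
    String[] tokens = searchString.trim().split("\\s+");
    for (int i = 0; i < tokens.length; i++) {
        String escToken = StringEscapeUtils.escapeSql(tokens[i]).replace("\\", "\\\\");
        boolean useAnd = whereDone || i > 0;
        sqlBuilder.append(useAnd ? " AND ( " : " WHERE ( ")
                .append("user.first_name LIKE '%").append(escToken)
                .append("%' OR user.last_name LIKE '%").append(escToken).append("%' OR user.login_name LIKE '%")
                .append(escToken).append("%') ");
    }
}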
项目:lams
文件:PeerreviewUserDAOHibernate.java
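/**
 * Loads one page of users of a tool session as rows of uid, hidden flag and full name,
 * optionally filtered by a search string.
 *
 * <p>Each whitespace-separated token of {@code searchString} has to occur in the first name,
 * the last name or the login name. Tokens are supplied as named bind parameters instead of
 * being concatenated into the HQL text, so quoting characters in the search string cannot
 * alter the query. The {@code LIKE} wildcards {@code %} and {@code _} inside a token are still
 * interpreted as wildcards.
 *
 * @param toolSessionId id of the tool session
 * @param page zero-based page index; paging is applied only when {@code size} is given too
 * @param size page size
 * @param sorting one of the {@code PeerreviewConstants.SORT_BY_*} values; any other value
 *        leaves the result unordered
 * @param searchString optional filter; blank or {@code null} means no filter
 * @return the matching rows
 */
@Override
public List<Object[]> getPagedUsers(Long toolSessionId, Integer page, Integer size, int sorting,
        String searchString) {

    String GET_USERS_FOR_SESSION = "SELECT user.uid, user.hidden, CONCAT(user.firstName, ' ', user.lastName) FROM "
            + PeerreviewUser.class.getName() + " user WHERE user.session.sessionId = :toolSessionId ";

    String sortingOrder = "";
    switch (sorting) {
        case PeerreviewConstants.SORT_BY_NO:
            sortingOrder = " ORDER BY user.uid";
            break;
        case PeerreviewConstants.SORT_BY_USERNAME_ASC:
            sortingOrder = " ORDER BY user.firstName ASC";
            break;
        case PeerreviewConstants.SORT_BY_USERNAME_DESC:
            sortingOrder = " ORDER BY user.firstName DESC";
            break;
    }

    String[] tokens = StringUtils.isBlank(searchString) ? new String[0] : searchString.trim().split("\\s+");

    StringBuilder bldr = new StringBuilder(GET_USERS_FOR_SESSION);
    for (int i = 0; i < tokens.length; i++) {
        // Only the generated parameter name is concatenated; the value is bound below.
        String param = ":searchToken" + i;
        bldr.append(" AND ( ").append("user.firstName LIKE ").append(param)
                .append(" OR user.lastName LIKE ").append(param)
                .append(" OR user.loginName LIKE ").append(param).append(") ");
    }
    bldr.append(sortingOrder);

    String queryString = bldr.toString();
    Query query = getSession().createQuery(queryString)
            .setLong("toolSessionId", toolSessionId);
    for (int i = 0; i < tokens.length; i++) {
        query.setString("searchToken" + i, "%" + tokens[i] + "%");
    }
    if ( page != null && size != null ) {
        query.setFirstResult(page * size).setMaxResults(size);
    }
    return (List<Object[]>) query.list();
}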
项目:lams
文件:PeerreviewServiceImpl.java
/**
 * Loads the comment counts per user and passes the third column of every row (the user's
 * name, according to the row layout below) through {@code escapeCsv}.
 *
 * <p>NOTE(review): CSV escaping does not make a value safe for HTML or JavaScript output;
 * confirm how the consumer renders the name column.
 *
 * @return the rows as returned by the DAO, with the name column escaped in place
 */
@Override
public List<Object[]> getCommentsCounts(Long toolContentId, Long toolSessionId, RatingCriteria criteria,
        Integer page, Integer size, int sorting, String searchString) {

    final List<Object[]> rows = peerreviewUserDao.getCommentsCounts(toolContentId, toolSessionId, criteria, page, size,
            sorting, searchString, userManagementService);

    // row layout: user_id, comment_count, first_name last_name, portrait id
    final int nameColumn = 2;
    for (Object[] row : rows) {
        row[nameColumn] = StringEscapeUtils.escapeCsv((String) row[nameColumn]);
    }
    return rows;
}
项目:lams
文件:EmailNotificationsAction.java
/**
 * Refreshes the user list: looks up the users matching the email-notification search
 * parameters of the request and writes them to the response as JSON.
 *
 * <p>When a lesson id is given the caller must be a monitor of that lesson; otherwise, when
 * an organisation id is given, a monitor of that organisation. A failed check ends the request
 * with HTTP 403.
 *
 * <p>NOTE(review): when neither id is present no monitor check runs before the lookup, and
 * the {@code lessonIDs} array is passed to the service without a per-lesson check in this
 * method. Confirm that the service or an earlier filter covers both cases.
 *
 * <p>First name, last name and login are HTML-escaped before they are placed into the JSON
 * cells.
 *
 * @return always {@code null}; the response is written directly
 */
public ActionForward getUsers(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws IOException, ServletException, JSONException {

    final Map<String, Object> searchParams = new HashMap<String, Object>();
    copySearchParametersFromRequestToMap(request, searchParams);
    final Long lessonId = (Long) searchParams.get(AttributeNames.PARAM_LESSON_ID);
    final Integer orgId = (Integer) searchParams.get(AttributeNames.PARAM_ORGANISATION_ID);

    // Authorization: lesson scope takes precedence over organisation scope.
    if (lessonId != null) {
        final boolean lessonMonitor = getSecurityService().isLessonMonitor(lessonId, getCurrentUser().getUserID(),
                "get users for lesson email notifications", false);
        if (!lessonMonitor) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "The user is not a monitor in the lesson");
            return null;
        }
    } else if (orgId != null) {
        final boolean groupMonitor = getSecurityService().isGroupMonitor(orgId, getCurrentUser().getUserID(),
                "get users for course email notifications", false);
        if (!groupMonitor) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "The user is not a monitor in the organisation");
            return null;
        }
    }

    final IMonitoringService monitoringService = MonitoringServiceProxy
            .getMonitoringService(getServlet().getServletContext());

    final int searchType = (Integer) searchParams.get("searchType");
    final Long activityId = (Long) searchParams.get(AttributeNames.PARAM_ACTIVITY_ID);
    final Integer xDaystoFinish = (Integer) searchParams.get("daysToDeadline");
    final String[] lessonIds = (String[]) searchParams.get("lessonIDs");
    final Collection<User> users = monitoringService.getUsersByEmailNotificationSearchType(searchType, lessonId,
            lessonIds, activityId, xDaystoFinish, orgId);

    final String userCount = "" + users.size();
    final JSONObject payload = new JSONObject();
    payload.put("total", userCount);
    payload.put("page", "1");
    payload.put("records", userCount);

    final JSONArray rows = new JSONArray();
    for (User user : users) {
        final String label = StringEscapeUtils.escapeHtml(user.getFirstName()) + " "
                + StringEscapeUtils.escapeHtml(user.getLastName()) + " ["
                + StringEscapeUtils.escapeHtml(user.getLogin()) + "]";
        final JSONArray cell = new JSONArray();
        cell.put(label);

        final JSONObject row = new JSONObject();
        row.put("id", "" + user.getUserId());
        row.put("cell", cell);
        rows.put(row);
    }
    payload.put("rows", rows);

    response.setContentType("application/json;charset=utf-8");
    response.getWriter().print(payload.toString());
    return null;
}
项目:lams
文件:DacoUserDAOHibernate.java
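/**
 * Appends a name filter to a native SQL statement: every whitespace-separated token of the
 * search string has to occur in the first name, the last name or the login name. Each token
 * is added as an {@code AND} condition.
 *
 * <p>Security: the tokens are concatenated into quoted literals. {@code escapeSql} only
 * doubles single quotes, so backslashes are doubled here as well, for databases that treat
 * the backslash as an escape character inside string literals (NOTE(review): confirm this
 * matches the target database). Binding the tokens as query parameters would remove the need
 * for escaping altogether, but requires access to the query object.
 *
 * @param queryText the statement text the filter is appended to
 * @param searchString the user's search input; blank means no filter
 */
private void buildNameSearch(StringBuilder queryText, String searchString) {
    if (StringUtils.isBlank(searchString)) {
        return;
    }
    String[] tokens = searchString.trim().split("\\s+");
    for (String token : tokens) {
        String escToken = StringEscapeUtils.escapeSql(token).replace("\\", "\\\\");
        queryText.append(" AND (user.first_name LIKE '%").append(escToken)
                .append("%' OR user.last_name LIKE '%").append(escToken).append("%' OR user.login_name LIKE '%")
                .append(escToken).append("%')");
    }
}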
项目:lams
文件:VoteUsrAttemptDAO.java
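/**
 * Appends a name filter to a native SQL statement: every whitespace-separated token of the
 * search string has to occur in the full name or the user name.
 *
 * <p>Only the first token may open the {@code WHERE} clause (when {@code useWhere} is
 * {@code true}); all further tokens are joined with {@code AND}, because repeating
 * {@code WHERE} would produce invalid SQL for a multi-word search.
 *
 * <p>Security: the tokens are concatenated into quoted literals. {@code escapeSql} only
 * doubles single quotes, so backslashes are doubled here as well, for databases that treat
 * the backslash as an escape character inside string literals (NOTE(review): confirm this
 * matches the target database). Binding the tokens as query parameters would remove the need
 * for escaping altogether, but requires access to the query object.
 *
 * @param searchString the user's search input; blank means no filter
 * @param sqlBuilder the statement text the filter is appended to
 * @param useWhere {@code true} if the filter has to start the {@code WHERE} clause
 */
private void buildNameSearch(String searchString, StringBuilder sqlBuilder, boolean useWhere) {
    if (StringUtils.isBlank(searchString)) {
        return;
    }
    String[] tokens = searchString.trim().split("\\s+");
    for (int i = 0; i < tokens.length; i++) {
        String escToken = StringEscapeUtils.escapeSql(tokens[i]).replace("\\", "\\\\");
        boolean startsWhere = useWhere && i == 0;
        sqlBuilder.append(startsWhere ? " WHERE " : " AND ").append("(user.fullname LIKE '%").append(escToken)
                .append("%' OR user.username LIKE '%").append(escToken).append("%') ");
    }
}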
项目:lams
文件:VoteUsrAttemptDAO.java
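/**
 * Appends either a vote-text filter or, when no vote search string is given, a user-name
 * filter to a native SQL statement. For the vote filter every whitespace-separated token has
 * to occur in {@code userEntry}.
 *
 * <p>The first token opens the {@code WHERE} clause and further tokens are joined with
 * {@code AND}; repeating {@code WHERE} for every token would produce invalid SQL for a
 * multi-word search.
 *
 * <p>Security: the tokens are concatenated into quoted literals. {@code escapeSql} only
 * doubles single quotes, so backslashes are doubled here as well, for databases that treat
 * the backslash as an escape character inside string literals (NOTE(review): confirm this
 * matches the target database). Binding the tokens as query parameters would remove the need
 * for escaping altogether, but requires access to the query object.
 *
 * @param searchStringVote search input for the vote text; blank selects the name search
 * @param searchStringUsername search input for the user name
 * @param sqlBuilder the statement text the filter is appended to
 */
private void buildCombinedSearch(String searchStringVote, String searchStringUsername, StringBuilder sqlBuilder) {
    if (StringUtils.isBlank(searchStringVote)) {
        buildNameSearch(searchStringUsername, sqlBuilder, true);
        return;
    }
    String[] tokens = searchStringVote.trim().split("\\s+");
    for (int i = 0; i < tokens.length; i++) {
        String escToken = StringEscapeUtils.escapeSql(tokens[i]).replace("\\", "\\\\");
        sqlBuilder.append(i == 0 ? " WHERE (" : " AND (").append("userEntry LIKE '%").append(escToken)
                .append("%') ");
    }
}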
项目:lams
文件:UserDAO.java
/**
 * Appends a name filter to a query: every whitespace-separated token of the search phrase has
 * to occur in the first name, last name, login or email of the given entity.
 *
 * <p>Security: tokens are concatenated into quoted literals after single quotes and
 * backslashes have been doubled. {@code entityName} is concatenated as is and must never come
 * from user input. NOTE(review): binding the tokens as query parameters would avoid relying on
 * escaping; that needs access to the query object.
 *
 * @param queryBuilder the query text the filter is appended to
 * @param entityName alias of the user entity in the query
 * @param searchPhrase the user's search input; blank means no filter
 */
private static void addNameSearch(StringBuilder queryBuilder, String entityName, String searchPhrase) {
    if (StringUtils.isBlank(searchPhrase)) {
        return;
    }

    final String[] searchedFields = { "firstName", "lastName", "login", "email" };
    for (String rawToken : searchPhrase.trim().split("\\s+")) {
        final String escToken = StringEscapeUtils.escapeSql(rawToken).replace("\\", "\\\\");

        queryBuilder.append(" AND (");
        for (int i = 0; i < searchedFields.length; i++) {
            if (i > 0) {
                queryBuilder.append(" OR ");
            }
            queryBuilder.append(entityName).append(".").append(searchedFields[i])
                    .append(" LIKE '%").append(escToken).append("%'");
        }
        queryBuilder.append(")");
    }
}