From f714526248e637b1b7be1199709e7c9e90ee8636 Mon Sep 17 00:00:00 2001 From: zhangyuheng Date: Tue, 21 May 2024 13:00:12 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E4=BA=86=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E5=BA=93=E6=9F=A5=E8=AF=A2=E6=96=B9=E5=BC=8F=EF=BC=8C=E9=81=BF?= =?UTF-8?q?=E5=85=8D=E6=B3=A8=E5=85=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../miniplayertitle/dtos/PlayerInfoDTO.java | 16 ++++---- .../miniplayertitle/dtos/PlayerTitleDTO.java | 14 +++---- .../miniplayertitle/dtos/TitleDTO.java | 16 ++++---- .../miniplayertitle/dtos/TitleShopDTO.java | 37 ++++++++----------- 4 files changed, 38 insertions(+), 45 deletions(-) diff --git a/src/main/java/cn/lunadeer/miniplayertitle/dtos/PlayerInfoDTO.java b/src/main/java/cn/lunadeer/miniplayertitle/dtos/PlayerInfoDTO.java index 9eaaf8d..63bb94c 100644 --- a/src/main/java/cn/lunadeer/miniplayertitle/dtos/PlayerInfoDTO.java +++ b/src/main/java/cn/lunadeer/miniplayertitle/dtos/PlayerInfoDTO.java @@ -13,8 +13,8 @@ public class PlayerInfoDTO { public static PlayerInfoDTO get(UUID uuid) { String sql = ""; - sql = "SELECT uuid, coin, using_title_id FROM mplt_player_info WHERE uuid = '" + uuid.toString() + "';"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql = "SELECT uuid, coin, using_title_id FROM mplt_player_info WHERE uuid = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, uuid)) { if (rs.next()) return getPlayerInfoDTO(rs); else return create(uuid); } catch (Exception e) { 
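Review bot: In `PlayerInfoDTO.get` the bound argument is now the `java.util.UUID` object itself (`query(sql, uuid)`), where the old statement compared the column with the quoted text form. How that object is bound depends on the `query` helper and the JDBC driver, neither of which is visible in this patch, so a text-typed `uuid` column could stop matching or raise a type error. Unless the helper is known to convert it, passing the string keeps the previous semantics: `MiniPlayerTitle.database.query(sql, uuid.toString())`. The same applies to the `uuid`/`player_uuid` arguments in `create`, `setUsingTitle`, `setCoin`, and in `PlayerTitleDTO.create` and `getAllOf`. The body of `get` continues past the end of this hunk.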
@@ -26,9 +26,9 @@ public class PlayerInfoDTO { private static PlayerInfoDTO create(UUID uuid) { String sql = ""; sql = "INSERT INTO mplt_player_info (uuid, coin) " + - "VALUES ('" + uuid.toString() + "', " + MiniPlayerTitle.config.getDefaultCoin() + ") " + + "VALUES (?, ?) " + "ON CONFLICT DO NOTHING;"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + try (ResultSet rs = MiniPlayerTitle.database.query(sql, uuid, MiniPlayerTitle.config.getDefaultCoin())) { return get(uuid); } catch (Exception e) { MiniPlayerTitle.database.handleDatabaseError("创建玩家信息失败", e, sql); @@ -54,8 +54,8 @@ public class PlayerInfoDTO { public boolean setUsingTitle(TitleDTO title) { String sql = ""; - sql = "UPDATE mplt_player_info SET using_title_id = " + title.getId() + " WHERE uuid = '" + uuid.toString() + "';"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql = "UPDATE mplt_player_info SET using_title_id = ? WHERE uuid = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, title.getId(), uuid)) { return true; } catch (Exception e) { MiniPlayerTitle.database.handleDatabaseError("设置玩家使用称号失败", e, sql); @@ -69,8 +69,8 @@ public class PlayerInfoDTO { public boolean setCoin(Integer coin) { String sql = ""; - sql = "UPDATE mplt_player_info SET coin = " + coin + " WHERE uuid = '" + uuid.toString() + "';"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql = "UPDATE mplt_player_info SET coin = ? WHERE uuid = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, coin, uuid)) { this.coin = coin; return true; } catch (Exception e) { diff --git a/src/main/java/cn/lunadeer/miniplayertitle/dtos/PlayerTitleDTO.java b/src/main/java/cn/lunadeer/miniplayertitle/dtos/PlayerTitleDTO.java index d8fb9ca..5b68b12 100644 --- a/src/main/java/cn/lunadeer/miniplayertitle/dtos/PlayerTitleDTO.java +++ b/src/main/java/cn/lunadeer/miniplayertitle/dtos/PlayerTitleDTO.java 
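Review bot: `create` still ends in `return get(uuid);` while `get` falls back to `create(uuid)` when no row is found, so the two call each other without bound if the insert leaves no visible row. Other DTOs in this patch test `rs != null`, which suggests `query` can come back without a result set instead of throwing; in that case nothing here stops the recursion. `create` could run the follow-up `SELECT` itself, map the row with `getPlayerInfoDTO(rs)`, and return null when nothing is found rather than re-entering `get`. The tail of the method lies outside the hunk.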
@@ -52,13 +52,13 @@ public class PlayerTitleDTO { sql += "INSERT INTO mplt_player_title (player_uuid, title_id, expire_at_y, expire_at_m, expire_at_d) "; if (expire_at == null) { - sql += "VALUES ('" + player_uuid.toString() + "', " + title.getId() + ", -1, -1, -1) "; + sql += "VALUES (?, ? , -1, -1, -1) "; } else { - sql += "VALUES ('" + player_uuid.toString() + "', " + title.getId() + ", " + expire_at.getYear() + ", " + expire_at.getMonthValue() + ", " + expire_at.getDayOfMonth() + ") "; + sql += "VALUES (?, ?, " + expire_at.getYear() + ", " + expire_at.getMonthValue() + ", " + expire_at.getDayOfMonth() + ") "; } sql += "RETURNING " + "id, player_uuid, title_id, expire_at_y, expire_at_m, expire_at_d;"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + try (ResultSet rs = MiniPlayerTitle.database.query(sql, player_uuid, title.getId())) { if (rs.next()) { return getRs(rs); } @@ -71,8 +71,8 @@ public class PlayerTitleDTO { public static PlayerTitleDTO get(Integer id) { String sql = ""; sql += "SELECT id, player_uuid, title_id, expire_at_y, expire_at_m, expire_at_d FROM mplt_player_title " + - "WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + "WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, id)) { if (rs.next()) { return getRs(rs); } @@ -101,9 +101,9 @@ public class PlayerTitleDTO { public static List getAllOf(UUID player_uuid) { String sql = ""; sql += "SELECT id, player_uuid, title_id, expire_at_y, expire_at_m, expire_at_d FROM mplt_player_title " + - "WHERE player_uuid = '" + player_uuid.toString() + "';"; + "WHERE player_uuid = ?;"; List playerTitles = new ArrayList<>(); - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + try (ResultSet rs = MiniPlayerTitle.database.query(sql, player_uuid)) { while (rs.next()) { playerTitles.add(getRs(rs)); } 
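Review bot: In `PlayerTitleDTO.create` the non-null branch still concatenates `expire_at.getYear()`, `getMonthValue()` and `getDayOfMonth()` into the statement, so this insert is only half parameterized and its SQL text varies per call. The values are integers and not injectable as written, but binding all five columns makes the statement constant, removes the two-branch string building, and matches the rest of the commit. The method signature and the lines after `getRs(rs)` are outside the hunk.

```java
// … unchanged: INSERT INTO mplt_player_title (...) column list …
sql += "VALUES (?, ?, ?, ?, ?) ";
// … unchanged: RETURNING clause …
int y = expire_at == null ? -1 : expire_at.getYear();
int m = expire_at == null ? -1 : expire_at.getMonthValue();
int d = expire_at == null ? -1 : expire_at.getDayOfMonth();
try (ResultSet rs = MiniPlayerTitle.database.query(sql, player_uuid, title.getId(), y, m, d)) {
```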
diff --git a/src/main/java/cn/lunadeer/miniplayertitle/dtos/TitleDTO.java b/src/main/java/cn/lunadeer/miniplayertitle/dtos/TitleDTO.java index 4e1da35..db570f6 100644 --- a/src/main/java/cn/lunadeer/miniplayertitle/dtos/TitleDTO.java +++ b/src/main/java/cn/lunadeer/miniplayertitle/dtos/TitleDTO.java @@ -30,10 +30,10 @@ public class TitleDTO { public static TitleDTO create(String title, String description) { String sql = ""; sql += "INSERT INTO mplt_title (title, description) " + - "VALUES ('" + title + "', '" + description + "') " + + "VALUES (?, ?) " + "RETURNING " + "id, title, description;"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + try (ResultSet rs = MiniPlayerTitle.database.query(sql, title, description)) { if (rs.next()) return getTitleDTO(rs); } catch (Exception e) { MiniPlayerTitle.database.handleDatabaseError("创建称号失败", e, sql); @@ -43,8 +43,8 @@ public class TitleDTO { public static boolean delete(int id) { String sql = ""; - sql += "DELETE FROM mplt_title WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql += "DELETE FROM mplt_title WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, id)) { if (rs != null && rs.next()) { return true; } @@ -126,8 +126,8 @@ public class TitleDTO { public boolean updateTitle(String title) { String sql = ""; - sql += "UPDATE mplt_title SET title = '" + title + "' WHERE id = " + this.id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql += "UPDATE mplt_title SET title = ? WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, title, this.id)) { if (rs != null && rs.next()) { this.title = title; return true; 
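Review bot: `TitleDTO.delete` reports success only when `rs != null && rs.next()`, but `DELETE FROM mplt_title WHERE id = ?;` has no `RETURNING` clause, so no row is expected to come back and the method would presumably return false even after a successful delete. `updateTitle` and `updateDescription` have the same shape, and there the in-memory field is assigned only inside that branch, whereas the `TitleShopDTO` setters return true unconditionally. Since `create` in this file already uses `RETURNING`, appending it would make the check meaningful: `sql += "DELETE FROM mplt_title WHERE id = ? RETURNING id;";`. What `query` returns for a statement without a result set is not visible here, and each of these methods continues beyond its hunk.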
@@ -140,8 +140,8 @@ public class TitleDTO { public boolean updateDescription(String description) { String sql = ""; - sql += "UPDATE mplt_title SET description = '" + description + "' WHERE id = " + this.id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql += "UPDATE mplt_title SET description = ? WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, description, this.id)) { if (rs != null && rs.next()) { this.description = description; return true; diff --git a/src/main/java/cn/lunadeer/miniplayertitle/dtos/TitleShopDTO.java b/src/main/java/cn/lunadeer/miniplayertitle/dtos/TitleShopDTO.java index eefe554..eece69c 100644 --- a/src/main/java/cn/lunadeer/miniplayertitle/dtos/TitleShopDTO.java +++ b/src/main/java/cn/lunadeer/miniplayertitle/dtos/TitleShopDTO.java @@ -29,8 +29,8 @@ public class TitleShopDTO { public boolean setPrice(int price) { String sql = ""; - sql += "UPDATE mplt_title_shop SET price = " + price + " WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql += "UPDATE mplt_title_shop SET price = ? WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, price, id)) { return true; } catch (Exception e) { MiniPlayerTitle.database.handleDatabaseError("设置称号商店价格失败", e, sql); @@ -44,8 +44,8 @@ public class TitleShopDTO { public boolean setDays(int days) { String sql = ""; - sql += "UPDATE mplt_title_shop SET days = " + days + " WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql += "UPDATE mplt_title_shop SET days = ? WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, days, id)) { return true; } catch (Exception e) { MiniPlayerTitle.database.handleDatabaseError("设置称号商店天数失败", e, sql); 
@@ -59,8 +59,8 @@ public class TitleShopDTO { public boolean setAmount(int amount) { String sql = ""; - sql += "UPDATE mplt_title_shop SET amount = " + amount + " WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql += "UPDATE mplt_title_shop SET amount = ? WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, amount, id)) { return true; } catch (Exception e) { MiniPlayerTitle.database.handleDatabaseError("设置称号商店数量失败", e, sql); @@ -73,20 +73,13 @@ public class TitleShopDTO { } public boolean setSaleEndAt(LocalDateTime dateTime) { - String sql = ""; - sql += "UPDATE mplt_title_shop SET sale_end_at_y = " + dateTime.getYear() + ", sale_end_at_m = " + dateTime.getMonthValue() + ", sale_end_at_d = " + dateTime.getDayOfMonth() + " WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { - return true; - } catch (Exception e) { - MiniPlayerTitle.database.handleDatabaseError("设置称号商店销售结束时间失败", e, sql); - } - return false; + return setSaleEndAt(dateTime.getYear(), dateTime.getMonthValue(), dateTime.getDayOfMonth()); } public boolean setSaleEndAt(int y, int m, int d) { String sql = ""; - sql += "UPDATE mplt_title_shop SET sale_end_at_y = " + y + ", sale_end_at_m = " + m + ", sale_end_at_d = " + d + " WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql += "UPDATE mplt_title_shop SET sale_end_at_y = ?, sale_end_at_m = ?, sale_end_at_d = ? WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, y, m, d, id)) { return true; } catch (Exception e) { MiniPlayerTitle.database.handleDatabaseError("设置称号商店销售结束时间失败", e, sql); 
@@ -97,8 +90,8 @@ public class TitleShopDTO { public static TitleShopDTO get(Integer id) { String sql = ""; sql += "SELECT id, title_id, price, days, amount, sale_end_at_y, sale_end_at_m, sale_end_at_d " + - "FROM mplt_title_shop WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + "FROM mplt_title_shop WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, id)) { if (rs.next()) { return getTitleShop(rs); } @@ -145,10 +138,10 @@ public class TitleShopDTO { public static TitleShopDTO create(TitleDTO title) { String sql = ""; sql += "INSERT INTO mplt_title_shop (title_id, price, days, amount, sale_end_at_y, sale_end_at_m, sale_end_at_d) " + - "VALUES (" + title.getId() + ", 0, -1, 0, -1, -1, -1) " + + "VALUES (?, 0, -1, 0, -1, -1, -1) " + "RETURNING " + "id, title_id, price, days, amount, sale_end_at_y, sale_end_at_m, sale_end_at_d;"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + try (ResultSet rs = MiniPlayerTitle.database.query(sql, title.getId())) { if (rs.next()) { return getTitleShop(rs); } @@ -160,8 +153,8 @@ public class TitleShopDTO { public boolean delete() { String sql = ""; - sql += "DELETE FROM mplt_title_shop WHERE id = " + id + ";"; - try (ResultSet rs = MiniPlayerTitle.database.query(sql)) { + sql += "DELETE FROM mplt_title_shop WHERE id = ?;"; + try (ResultSet rs = MiniPlayerTitle.database.query(sql, id)) { return true; } catch (Exception e) { MiniPlayerTitle.database.handleDatabaseError("删除称号商店失败", e, sql);