Changed file db loading in order to work with standalone Tomcat

dschadow · dschadow · commit f96651af3ad9 · 2015-02-21T15:52:20.000+01:00
Signed-off-by: Dominik Schadow &lt;dominikschadow@googlemail.com&gt;
diff --git a/Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsDAO.java b/Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsDAO.java
@@ -57,7 +57,7 @@ private Account queryAccount(int id) {
         ResultSet rs = null;
 
         try {
-            con = DriverManager.getConnection("jdbc:hsqldb:file:src/main/resources/accountsDB; shutdown=true", "sa", "");
+            con = DriverManager.getConnection("jdbc:hsqldb:res:/accountsDB; shutdown=true", "sa", "");
             pstmt = con.prepareStatement(query);
             pstmt.setInt(1, id);
 
@@ -110,7 +110,7 @@ private List<String> queryAccounts(int userId) {
         ResultSet rs = null;
 
         try {
-            con = DriverManager.getConnection("jdbc:hsqldb:file:src/main/resources/accountsDB; shutdown=true", "sa", "");
+            con = DriverManager.getConnection("jdbc:hsqldb:res:/accountsDB; shutdown=true", "sa", "");
             pstmt = con.prepareStatement(query);
             pstmt.setInt(1, userId);
 
diff --git a/Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsIntegerDAO.java b/Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsIntegerDAO.java
@@ -69,7 +69,7 @@ private List<String> queryAccounts(User user) {
         ResultSet rs = null;
 
         try {
-            con = DriverManager.getConnection("jdbc:hsqldb:file:src/main/resources/accountsDB; shutdown=true", "sa", "");
+            con = DriverManager.getConnection("jdbc:hsqldb:res:/accountsDB; shutdown=true", "sa", "");
             pstmt = con.prepareStatement(query);
             pstmt.setInt(1, user.getUserId());
 
diff --git a/Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsRandomDAO.java b/Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsRandomDAO.java
@@ -67,7 +67,7 @@ private List<String> queryAccounts(User user) {
         ResultSet rs = null;
 
         try {
-            con = DriverManager.getConnection("jdbc:hsqldb:file:src/main/resources/accountsDB; shutdown=true", "sa", "");
+            con = DriverManager.getConnection("jdbc:hsqldb:res:/accountsDB; shutdown=true", "sa", "");
             pstmt = con.prepareStatement(query);
             pstmt.setInt(1, user.getUserId());
 
diff --git a/Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/PreparedStatementServlet.java b/Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/PreparedStatementServlet.java
@@ -18,6 +18,7 @@
 package de.dominikschadow.webappsecurity.servlets;
 
 import de.dominikschadow.webappsecurity.domain.Customer;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -28,6 +29,7 @@
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.sql.*;
@@ -49,8 +51,9 @@ public class PreparedStatementServlet extends HttpServlet {
     @PostConstruct
     public void init() {
         try {
-            con = DriverManager.getConnection("jdbc:hsqldb:file:src/main/resources/customerDB; shutdown=true", "sa", "");
-        } catch (SQLException ex) {
+        	Class.forName("org.hsqldb.jdbcDriver");
+            con = DriverManager.getConnection("jdbc:hsqldb:res:/customerDB; shutdown=true", "sa", "");
+        } catch (ClassNotFoundException | SQLException ex) {
             logger.error(ex.getMessage(), ex);
         }
     }
diff --git a/Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/StatementEscapingServlet.java b/Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/StatementEscapingServlet.java
@@ -18,6 +18,7 @@
 package de.dominikschadow.webappsecurity.servlets;
 
 import de.dominikschadow.webappsecurity.domain.Customer;
+
 import org.owasp.esapi.ESAPI;
 import org.owasp.esapi.codecs.OracleCodec;
 import org.slf4j.Logger;
@@ -30,6 +31,7 @@
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.sql.*;
@@ -51,8 +53,9 @@ public class StatementEscapingServlet extends HttpServlet {
     @PostConstruct
     public void init() {
         try {
-            con = DriverManager.getConnection("jdbc:hsqldb:file:src/main/resources/customerDB; shutdown=true", "sa", "");
-        } catch (SQLException ex) {
+        	Class.forName("org.hsqldb.jdbcDriver");
+            con = DriverManager.getConnection("jdbc:hsqldb:res:/customerDB; shutdown=true", "sa", "");
+        } catch (ClassNotFoundException | SQLException ex) {
             logger.error(ex.getMessage(), ex);
         }
     }
diff --git a/Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/StatementServlet.java b/Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/StatementServlet.java
@@ -18,6 +18,7 @@
 package de.dominikschadow.webappsecurity.servlets;
 
 import de.dominikschadow.webappsecurity.domain.Customer;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -28,6 +29,7 @@
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.sql.*;
@@ -49,8 +51,9 @@ public class StatementServlet extends HttpServlet {
     @PostConstruct
     public void init() {
         try {
-            con = DriverManager.getConnection("jdbc:hsqldb:file:src/main/resources/customerDB; shutdown=true", "sa", "");
-        } catch (SQLException ex) {
+        	Class.forName("org.hsqldb.jdbcDriver");
+            con = DriverManager.getConnection("jdbc:hsqldb:res:/customerDB; shutdown=true", "sa", "");
+        } catch (ClassNotFoundException | SQLException ex) {
             logger.error(ex.getMessage(), ex);
         }
     }
diff --git a/Ch06_SQLInjection/src/main/resources/hibernate.cfg.xml b/Ch06_SQLInjection/src/main/resources/hibernate.cfg.xml
@@ -5,7 +5,7 @@
 <hibernate-configuration>
     <session-factory>
         <property name="connection.driver_class">org.hsqldb.jdbcDriver</property>
-        <property name="connection.url">jdbc:hsqldb:file:src/main/resources/customerDB</property>
+        <property name="connection.url">jdbc:hsqldb:res:/customerDB</property>
         <property name="connection.username">sa</property>
         <property name="connection.password"></property>
         <property name="dialect">org.hibernate.dialect.HSQLDialect</property>
diff --git a/Ch07_XSS/src/main/resources/hibernate.cfg.xml b/Ch07_XSS/src/main/resources/hibernate.cfg.xml
@@ -5,7 +5,7 @@
 <hibernate-configuration>
     <session-factory>
         <property name="connection.driver_class">org.hsqldb.jdbcDriver</property>
-        <property name="connection.url">jdbc:hsqldb:file:src/main/resources/customerDB</property>
+        <property name="connection.url">jdbc:hsqldb:res:/customerDB</property>
         <property name="connection.username">sa</property>
         <property name="connection.password"></property>
         <property name="dialect">org.hibernate.dialect.HSQLDialect</property>
