Commit 4b15d72e authored by vvengurlekar's avatar vvengurlekar

FinCommon.java - changes done to make sql queries parameterized


git-svn-id: http://15.206.35.175/svn/proteus/business-java/trunk@198729 ce508802-f39f-4f6c-b175-0d175dae99d5
parent 9f228f12
...@@ -13825,7 +13825,8 @@ public class FinCommon ...@@ -13825,7 +13825,8 @@ public class FinCommon
String sql = null; String sql = null;
PreparedStatement pstmt = null; PreparedStatement pstmt = null;
ResultSet rs = null; ResultSet rs = null;
//Changed by Varsha V on 22-03-19 to make query parameterised--[START]
String emptyVal = " ";
System.out.println("In getAcctDetrTtype --> purpose :: " + purpose + " itemCode :: " + itemCode); System.out.println("In getAcctDetrTtype --> purpose :: " + purpose + " itemCode :: " + itemCode);
System.out.println(" itemSer :: " + itemSer + " tranType :: " + tranType); System.out.println(" itemSer :: " + itemSer + " tranType :: " + tranType);
try try
...@@ -13833,12 +13834,17 @@ public class FinCommon ...@@ -13833,12 +13834,17 @@ public class FinCommon
if (purpose.equalsIgnoreCase("D-ISS")) if (purpose.equalsIgnoreCase("D-ISS"))
{ {
sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist " sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -13852,12 +13858,17 @@ public class FinCommon ...@@ -13852,12 +13858,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist " sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -13872,12 +13883,17 @@ public class FinCommon ...@@ -13872,12 +13883,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist " sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -13892,12 +13908,17 @@ public class FinCommon ...@@ -13892,12 +13908,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist " sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '"+itemSer+"' " +" and item_ser = ? "
+" and tran_type = '"+tranType+"' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -13912,12 +13933,17 @@ public class FinCommon ...@@ -13912,12 +13933,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist " sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '"+itemSer+"' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -13932,10 +13958,13 @@ public class FinCommon ...@@ -13932,10 +13958,13 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist " sql = "select acct_code__iss,cctr_code__iss FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_ser = '"+itemSer+"' " ; +" and item_ser = ? " ;
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemSer);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -13951,12 +13980,17 @@ public class FinCommon ...@@ -13951,12 +13980,17 @@ public class FinCommon
if (purpose.equalsIgnoreCase("D-RCP")) if (purpose.equalsIgnoreCase("D-RCP"))
{ {
sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist " sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -13970,12 +14004,17 @@ public class FinCommon ...@@ -13970,12 +14004,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist " sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -13990,12 +14029,17 @@ public class FinCommon ...@@ -13990,12 +14029,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist " sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14010,12 +14054,17 @@ public class FinCommon ...@@ -14010,12 +14054,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist " sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14030,12 +14079,17 @@ public class FinCommon ...@@ -14030,12 +14079,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist " sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14050,10 +14104,13 @@ public class FinCommon ...@@ -14050,10 +14104,13 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist " sql = "select acct_code__rcp,cctr_code__rcp FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_ser = '" + itemSer + "' " ; +" and item_ser = ? " ;
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemSer);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14069,12 +14126,17 @@ public class FinCommon ...@@ -14069,12 +14126,17 @@ public class FinCommon
if (purpose.equalsIgnoreCase("D-INV")) if (purpose.equalsIgnoreCase("D-INV"))
{ {
sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist " sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14088,12 +14150,17 @@ public class FinCommon ...@@ -14088,12 +14150,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist " sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14108,12 +14175,17 @@ public class FinCommon ...@@ -14108,12 +14175,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist " sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14128,12 +14200,17 @@ public class FinCommon ...@@ -14128,12 +14200,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist " sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14148,12 +14225,17 @@ public class FinCommon ...@@ -14148,12 +14225,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist " sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14168,10 +14250,13 @@ public class FinCommon ...@@ -14168,10 +14250,13 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist " sql = "select acct_code__inv,cctr_code__inv FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_ser = '" + itemSer + "' " ; +" and item_ser = ? " ;
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemSer);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14187,12 +14272,17 @@ public class FinCommon ...@@ -14187,12 +14272,17 @@ public class FinCommon
if (purpose.equalsIgnoreCase("D-COGT")) if (purpose.equalsIgnoreCase("D-COGT"))
{ {
sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist " sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14206,12 +14296,17 @@ public class FinCommon ...@@ -14206,12 +14296,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist " sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14226,12 +14321,17 @@ public class FinCommon ...@@ -14226,12 +14321,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist " sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14246,12 +14346,17 @@ public class FinCommon ...@@ -14246,12 +14346,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist " sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14266,12 +14371,17 @@ public class FinCommon ...@@ -14266,12 +14371,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql ="select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist " sql ="select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14286,10 +14396,13 @@ public class FinCommon ...@@ -14286,10 +14396,13 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist " sql = "select acct_code__cogt,cctr_code__cogt FROM item_acct_detr_dist "
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_ser = '" + itemSer + "' " ; +" and item_ser = ? " ;
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemSer);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14305,12 +14418,17 @@ public class FinCommon ...@@ -14305,12 +14418,17 @@ public class FinCommon
if (purpose.equalsIgnoreCase("D-BRTR")) if (purpose.equalsIgnoreCase("D-BRTR"))
{ {
sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist" sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist"
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14324,12 +14442,17 @@ public class FinCommon ...@@ -14324,12 +14442,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist" sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist"
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14344,12 +14467,17 @@ public class FinCommon ...@@ -14344,12 +14467,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist" sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist"
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = '" + itemCode + "' " +" and item_code = ? "
+" and item_ser = ' ' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemCode);
pstmt.setString(4, emptyVal);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14364,12 +14492,17 @@ public class FinCommon ...@@ -14364,12 +14492,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist" sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist"
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = '" + tranType + "' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, tranType);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14384,12 +14517,17 @@ public class FinCommon ...@@ -14384,12 +14517,17 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql ="select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist" sql ="select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist"
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_code = ' ' " +" and item_code = ? "
+" and item_ser = '" + itemSer + "' " +" and item_ser = ? "
+" and tran_type = ' ' "; +" and tran_type = ? ";
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, emptyVal);
pstmt.setString(4, itemSer);
pstmt.setString(5, emptyVal);
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
...@@ -14404,10 +14542,14 @@ public class FinCommon ...@@ -14404,10 +14542,14 @@ public class FinCommon
if(acctCode == null || acctCode.trim().length() == 0) if(acctCode == null || acctCode.trim().length() == 0)
{ {
sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist" sql = "select acct_code__brtr,cctr_code__brtr FROM item_acct_detr_dist"
+" WHERE site_code__from = '" + siteCodeFrom + "' " +" WHERE site_code__from = ? "
+" and site_code__to = '" + siteCodeTo + "' " +" and site_code__to = ? "
+" and item_ser = '" + itemSer + "' " ; +" and item_ser = ? " ;
pstmt = conn.prepareStatement(sql); pstmt = conn.prepareStatement(sql);
pstmt.setString(1, siteCodeFrom);
pstmt.setString(2, siteCodeTo);
pstmt.setString(3, itemSer);
//Changed by Varsha V on 22-03-19 to make query parameterised--[END]
rs = pstmt.executeQuery(); rs = pstmt.executeQuery();
if (rs.next()) if (rs.next())
{ {
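Review bot: Binding `emptyVal` (`" "`) with `setString` may not match the rows that the old inline literal `' '` matched; this affects every fallback query that used `item_ser = ' '`, `item_code = ' '` or `tran_type = ' '`, starting in the hunk at new line 13858 and repeated for each purpose. Some databases (Oracle is one) blank-pad comparisons between a CHAR column and a string literal but not between a CHAR column and a VARCHAR-typed bind, so a CHAR column wider than one character would stop matching and the fallback chain would silently run through to the last query. The column types of `item_acct_detr_dist` are not visible on this page, so confirm them, and if they are CHAR, pad the bound values to the column width; the same applies to `siteCodeFrom`, `siteCodeTo`, `itemCode`, `itemSer` and `tranType`. Separately, `pstmt` and `rs` are reassigned in every block and the code between hunks is not shown, so check that each statement and result set is closed before the next `conn.prepareStatement(sql)`. I would also document the constant where it is declared, for example `String emptyVal = " "; // blank key for the fallback lookups; bound as a parameter, so CHAR padding rules differ from the old literal ' '`.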