use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.
the class ExtensionAntiCSRF method sessionChanged.
@Override
public void sessionChanged(Session session) {
if (session == null) {
// Closedown
return;
}
synchronized (valueToToken) {
valueToToken.clear();
}
// search for tokens...
try {
List<Integer> list = getModel().getDb().getTableHistory().getHistoryIdsOfHistType(session.getSessionId(), HistoryReference.TYPE_PROXIED, HistoryReference.TYPE_ZAP_USER);
HistoryFilter filter = new HistoryFilter();
filter.setTags(Arrays.asList(new String[] { TAG }));
AntiCsrfDetectScanner antiCsrfDetectScanner = new AntiCsrfDetectScanner(this);
for (Integer i : list) {
HistoryReference hRef = historyReferenceFactory.createHistoryReference(i.intValue());
if (filter.matches(hRef)) {
HttpMessage msg = hRef.getHttpMessage();
String response = msg.getResponseHeader().toString() + msg.getResponseBody().toString();
Source src = new Source(response);
if (msg.isResponseFromTargetHost()) {
antiCsrfDetectScanner.scanHttpResponseReceive(msg, hRef.getHistoryId(), src);
}
}
}
} catch (DatabaseException | HttpMalformedHeaderException e) {
log.error(e.getMessage(), e);
}
}
use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.
the class SqlTableTag method insert.
/* (non-Javadoc)
* @see org.parosproxy.paros.db.paros.TableTag#insert(long, java.lang.String)
*/
@Override
public synchronized RecordTag insert(long historyId, String tag) throws DatabaseException {
SqlPreparedStatementWrapper psInsertTag = null;
try {
psInsertTag = DbSQL.getSingleton().getPreparedStatement("tag.ps.insert");
psInsertTag.getPs().setLong(1, historyId);
psInsertTag.getPs().setString(2, tag);
psInsertTag.getPs().executeUpdate();
try (ResultSet rs = psInsertTag.getLastInsertedId()) {
rs.next();
long id = rs.getLong(1);
return read(id);
}
} catch (SQLException e) {
throw new DatabaseException(e);
} finally {
DbSQL.getSingleton().releasePreparedStatement(psInsertTag);
}
}
use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.
the class SqlTableTag method deleteTagsForHistoryID.
/* (non-Javadoc)
* @see org.parosproxy.paros.db.paros.TableTag#deleteTagsForHistoryID(long)
*/
@Override
public void deleteTagsForHistoryID(long historyId) throws DatabaseException {
SqlPreparedStatementWrapper psDeleteTagsForHistoryId = null;
try {
psDeleteTagsForHistoryId = DbSQL.getSingleton().getPreparedStatement("tag.ps.deletetagsforhid");
psDeleteTagsForHistoryId.getPs().setLong(1, historyId);
psDeleteTagsForHistoryId.getPs().execute();
} catch (SQLException e) {
throw new DatabaseException(e);
} finally {
DbSQL.getSingleton().releasePreparedStatement(psDeleteTagsForHistoryId);
}
}
use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.
the class ExtensionAlert method getAllAlerts.
public List<Alert> getAllAlerts() {
List<Alert> allAlerts = new ArrayList<>();
TableAlert tableAlert = getModel().getDb().getTableAlert();
Vector<Integer> v;
try {
// TODO this doesnt work, but should be used when its fixed :/
//v = tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
v = tableAlert.getAlertList();
for (int i = 0; i < v.size(); i++) {
int alertId = v.get(i).intValue();
RecordAlert recAlert = tableAlert.read(alertId);
Alert alert = new Alert(recAlert);
if (alert.getHistoryRef() != null) {
// Only use the alert if it has a history reference.
if (!allAlerts.contains(alert)) {
allAlerts.add(alert);
}
}
}
} catch (DatabaseException e) {
logger.error(e.getMessage(), e);
}
return allAlerts;
}
use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.
the class ExtensionAlert method deleteHistoryReferenceAlerts.
public void deleteHistoryReferenceAlerts(HistoryReference hRef) {
List<Alert> alerts = hRef.getAlerts();
SiteMap siteTree = this.getModel().getSession().getSiteTree();
synchronized (this.getTreeModel()) {
for (int i = 0; i < alerts.size(); i++) {
Alert alert = alerts.get(i);
this.getTreeModel().deletePath(alert);
this.getFilteredTreeModel().deletePath(alert);
try {
getModel().getDb().getTableAlert().deleteAlert(alert.getAlertId());
} catch (DatabaseException e) {
logger.error("Failed to delete alert with ID: " + alert.getAlertId(), e);
}
}
SiteNode node = hRef.getSiteNode();
if (node == null) {
node = siteTree.findNode(hRef.getURI(), hRef.getMethod(), hRef.getRequestBody());
}
if (node != null) {
node.deleteAlerts(alerts);
}
alerts.clear();
this.recalcAlerts();
}
hrefs.remove(Integer.valueOf(hRef.getHistoryId()));
}
Aggregations