Used SQL queries… Is it normal?

  • Hello, I found this SQL query in your chatroulette Java app:

    SELECT * FROM sessions s WHERE s.type=1 &&!=\""+id+"\" && " +
    				"(SELECT ip FROM sessions WHERE id=\""+id+"\" LIMIT 1) NOT IN (SELECT ip FROM filters " +
    					"WHERE && DATE_SUB(NOW(), INTERVAL "+FILTER_TIME+" MINUTE)<filter_time) &&="" "="" +="" "(select="" ip="" from="" sessions="" where="""id" limit="" 1)="" not="" in="" (select="" filters="" id="\&quot;&quot;+" id+"\"="" date_sub(now(),="" interval="" "+filter_time+"="" minute)<filter_time)="" "+="" count(*)="" chats="" peer1="" ||="" peer2="" user_prefs="" up="""\&quot;&quot;+id+&quot;\&quot;" (up.pref_value="\&quot;0\&quot;" up.pref_value=" +
    					" (if((select="" sett_value="" user_settings="" sett_name="up.pref_name" is="" null,"="" "up.pref_value,="" 1)))))="+
    					" "order="" by="" rand()="" 1

    Is it rational to use such?
    Also, I have a lot of spam in my log with an error that is generated here:
    	if(res != null) {
    		try {
    			String userId = res.getString("id");
    			return userId;
    		} catch(SQLException ex) {
    			log.error("Error at findUser", ex);
