5. Used SQL queries… Is it normal?

Used SQL queries… Is it normal?

  • D

    Hello, I find in your chatroulette JAVA app this sql query:

    SELECT * FROM sessions s WHERE s.type=1 && s.id!=\""+id+"\" && " +
				"(SELECT ip FROM sessions WHERE id=\""+id+"\" LIMIT 1) NOT IN (SELECT ip FROM filters " +
					"WHERE id=s.id && DATE_SUB(NOW(), INTERVAL "+FILTER_TIME+" MINUTE)<filter_time) &&="" "="" +="" "(select="" ip="" from="" sessions="" where="" s.id="id" limit="" 1)="" not="" in="" (select="" filters="" id="\&quot;&quot;+" id+"\"="" date_sub(now(),="" interval="" "+filter_time+"="" minute)<filter_time)="" "+="" count(*)="" chats="" peer1="s.id" ||="" peer2="s.id)=0" user_prefs="" up="" up.id="\&quot;&quot;+id+&quot;\&quot;" (up.pref_value="\&quot;0\&quot;" up.pref_value=" +
					" (if((select="" sett_value="" user_settings="" sett_name="up.pref_name" is="" null,"="" "up.pref_value,="" 1)))))="+
					" "order="" by="" rand()="" 1<="" pre="">Is it rational to use such?

Else I have a lot of spam in my log with error,that generates here:

    	if(res != null) {
		try {
			res.next();

			String userId = res.getString("id");
			return userId;
		} catch(SQLException ex) {
			log.error("Error at findUser", ex);
		}
	}
    0
Log in to reply