From 797acf25b18abcc3f6f624a002a0a0ca3363e1f8 Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Thu, 19 Feb 2026 06:05:26 +0000 Subject: [PATCH] Refactor MainController to use DataHelper and catch SQLException Refactored loadBookInfo2 in MainController to use a new DataHelper.getIssueDetails method. This change: 1. Prevents SQL injection by using PreparedStatement. 2. Catches specific SQLException instead of generic Exception in MainController. 3. Propagates exceptions from DataHelper to MainController for better error handling. 4. Adds unit tests for the new DataHelper method. Co-authored-by: G30RG3-GJ <203693057+G30RG3-GJ@users.noreply.github.com> --- .../assistant/database/DataHelper.java | 20 +++++++++++ .../assistant/ui/main/MainController.java | 17 +++------- .../assistant/database/DataHelperTest.java | 34 +++++++++++++++++++ 3 files changed, 58 insertions(+), 13 deletions(-) diff --git a/src/library/assistant/database/DataHelper.java b/src/library/assistant/database/DataHelper.java index a7c1a2b..3633515 100644 --- a/src/library/assistant/database/DataHelper.java +++ b/src/library/assistant/database/DataHelper.java 
@@ -146,4 +146,24 @@ public static MailServerInfo loadMailServerInfo() { } return null; } + + public static ResultSet getIssueDetails(String bookID) throws SQLException { + return getIssueDetails(bookID, DatabaseHandler.getInstance().getConnection()); + } + + public static ResultSet getIssueDetails(String bookID, Connection conn) throws SQLException { + String myQuery = "SELECT ISSUE.bookID, ISSUE.memberID, ISSUE.issueTime, ISSUE.renew_count,\n" + + "MEMBER.name, MEMBER.mobile, MEMBER.email,\n" + + "BOOK.title, BOOK.author, BOOK.publisher\n" + + "FROM ISSUE\n" + + "LEFT JOIN MEMBER\n" + + "ON ISSUE.memberID=MEMBER.ID\n" + + "LEFT JOIN BOOK\n" + + "ON ISSUE.bookID=BOOK.ID\n" + + "WHERE ISSUE.bookID=?"; + PreparedStatement stmt = conn.prepareStatement(myQuery); + stmt.setString(1, bookID); + ResultSet rs = stmt.executeQuery(); + return rs; + } } diff --git a/src/library/assistant/ui/main/MainController.java b/src/library/assistant/ui/main/MainController.java index 50b0fff..eabe085 100644 --- a/src/library/assistant/ui/main/MainController.java +++ b/src/library/assistant/ui/main/MainController.java @@ -273,17 +273,8 @@ private void loadBookInfo2(ActionEvent event) { try { String id = bookID.getText(); - String myQuery = "SELECT ISSUE.bookID, ISSUE.memberID, ISSUE.issueTime, ISSUE.renew_count,\n" - + "MEMBER.name, MEMBER.mobile, MEMBER.email,\n" - + "BOOK.title, BOOK.author, BOOK.publisher\n" - + "FROM ISSUE\n" - + "LEFT JOIN MEMBER\n" - + "ON ISSUE.memberID=MEMBER.ID\n" - + "LEFT JOIN BOOK\n" - + "ON ISSUE.bookID=BOOK.ID\n" - + "WHERE ISSUE.bookID='" + id + "'"; - ResultSet rs = databaseHandler.execQuery(myQuery); - if (rs.next()) { + ResultSet rs = DataHelper.getIssueDetails(id); + if (rs != null && rs.next()) { memberNameHolder.setText(rs.getString("name")); memberContactHolder.setText(rs.getString("mobile")); memberEmailHolder.setText(rs.getString("email")); 
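Review bot: In `getIssueDetails(String, Connection)` the `PreparedStatement` is never closed, and the returned `ResultSet` hands an open cursor to the caller without saying who owns it. Every lookup therefore leaks a statement, including when `setString` or `executeQuery` throws after `prepareStatement` has succeeded. If the JDBC driver in use supports it, adding `stmt.closeOnCompletion();` before `executeQuery()` ties the statement's lifetime to the result set, and the caller in `MainController.loadBookInfo2` can then hold it as `try (ResultSet rs = DataHelper.getIssueDetails(id)) {`. Both overloads are public and undocumented; a short Javadoc should state that `bookID` is bound as a parameter rather than concatenated into the SQL, that a `SQLException` is propagated instead of null being returned, and that the caller must close the result.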
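Review bot: The `rs != null` guard in `if (rs != null && rs.next())` cannot be false with the helper as added in this patch, because `DataHelper.getIssueDetails` either returns the result of `executeQuery()` or throws `SQLException`. Keeping the guard suggests a null-on-failure contract that the helper does not have, so `if (rs.next()) {` states the real behaviour. The body of `loadBookInfo2` starts and ends outside this hunk, so whether `rs` is closed later cannot be seen from here.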
@@ -313,8 +304,8 @@ private void loadBookInfo2(ActionEvent event) { JFXButton button = new JFXButton("Okay.I'll Check"); AlertMaker.showMaterialDialog(rootPane, rootAnchorPane, Arrays.asList(button), "No such Book Exists in Issue Database", null); } - } catch (Exception e) { - e.printStackTrace(); + } catch (SQLException e) { + Logger.getLogger(MainController.class.getName()).log(Level.SEVERE, null, e); } } diff --git a/test/library/assistant/database/DataHelperTest.java b/test/library/assistant/database/DataHelperTest.java index 17db79b..4df8872 100644 --- a/test/library/assistant/database/DataHelperTest.java +++ b/test/library/assistant/database/DataHelperTest.java @@ -2,6 +2,7 @@ import java.sql.Connection; import java.sql.PreparedStatement; +import java.sql.ResultSet; import java.sql.SQLException; import library.assistant.data.model.Book; import org.junit.Test; @@ -64,4 +65,37 @@ public void testInsertNewBookException() throws SQLException { // Assert assertFalse(result); } + + @Test + public void testGetIssueDetails() throws SQLException { + // Arrange + Connection mockConn = mock(Connection.class); + PreparedStatement mockStmt = mock(PreparedStatement.class); + ResultSet mockRs = mock(ResultSet.class); + String bookID = "B100"; + + when(mockConn.prepareStatement(anyString())).thenReturn(mockStmt); + when(mockStmt.executeQuery()).thenReturn(mockRs); + + // Act + ResultSet result = DataHelper.getIssueDetails(bookID, mockConn); + + // Assert + assertNotNull(result); + assertEquals(mockRs, result); + verify(mockStmt).setString(1, bookID); + verify(mockStmt).executeQuery(); + } + + @Test(expected = SQLException.class) + public void testGetIssueDetailsException() throws SQLException { + // Arrange + Connection mockConn = mock(Connection.class); + String bookID = "B100"; + + when(mockConn.prepareStatement(anyString())).thenThrow(new SQLException("DB Error")); + + // Act + DataHelper.getIssueDetails(bookID, mockConn); + } }
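Review bot: Narrowing the handler to `catch (SQLException e)` means any unchecked exception raised in the part of `loadBookInfo2` that lies outside this hunk now escapes the event handler instead of being caught there. The log call also passes `null` as the message, and the user gets no indication that the lookup failed. I would log with context, `Logger.getLogger(MainController.class.getName()).log(Level.SEVERE, "Failed to load issue details", e);`, and show a generic failure dialog through `AlertMaker` that does not include the SQL error text.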
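Review bot: `testGetIssueDetails` stubs `prepareStatement(anyString())`, so it would still pass if the query were built by concatenating `bookID` again; no assertion pins the injection fix the commit describes. Adding `verify(mockConn).prepareStatement(contains("WHERE ISSUE.bookID=?"));` (Mockito's `contains` matcher, assuming the test's static imports cover it) checks that the placeholder is in the SQL text. Running the same test with an id that contains a quote character would confirm the value only reaches `setString`. Neither test exercises the one-argument overload that takes its connection from `DatabaseHandler`.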