package injection.sample1_SPARQL_Injection;

import injection.SampleBase;

import com.hp.hpl.jena.query.Query;
import com.hp.hpl.jena.query.QueryFactory;
import com.hp.hpl.jena.query.QuerySolution;
import com.hp.hpl.jena.rdf.model.Model;
import com.hp.hpl.jena.sparql.ParameterizedString;

public class Sample1sol extends SampleBase {
	private final String FILE_PATH = "files/injection.owl";
	
	public static void main(String [] args) throws Exception{
		Sample1sol sample = new Sample1sol();
		String result = sample.run("Pablo Orduna");
		System.out.println(result);
	}
	
	public String run(String name) throws Exception{
		Model model = this.loadModel(FILE_PATH);
		
		String queryString = 
			"PREFIX injection: <http://www.morelab.deusto.es/injection.owl#> " +
			"SELECT ?name1 ?name2 " +
			"WHERE {" +
			"      ?p1 a injection:Person . " +
			"      ?p2 a injection:Person . " +
			"      ?p1 injection:fullName ${name} . " +
			"      ?p1 injection:isFriendOf ?p2 . " +
			"      ?p1 injection:fullName ?name1 . " +
			"      ?p2 injection:fullName ?name2 . " +
			"}";
		ParameterizedString ps = new ParameterizedString(queryString);
		ps.setString("name", name);
		Query query = QueryFactory.create(ps);
		QuerySolution solution = this.retrieveFirstResult(query, model);
		if(solution == null)
			return null;
		
		return solution.getLiteral("name1").getString();
	}	
}