change to report/Report.java 's getgroupedkeywords method

efc98cab · Alex Ebadirad · ca50b0d9 · efc98cab
Commit efc98cab authored 13 years ago by Alex Ebadirad
--- a/Report/src/org/sleuthkit/autopsy/report/Report.java
+++ b/Report/src/org/sleuthkit/autopsy/report/Report.java
@@ -46,37 +46,30 @@ public String getGroupedKeywordHit() {
        Case currentCase = Case.getCurrentCase(); // get the most updated case
        SleuthkitCase tempDb = currentCase.getSleuthkitCase();
        try {
+            String temp1 = "CREATE TABLE report_keyword AS SELECT value_text as keyword,blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 10;";
-            ResultSet uniqueresults = tempDb.runQuery("SELECT DISTINCT value_text from blackboard_attributes where attribute_type_id = '10' order by value_text ASC");
+            String temp2 = "CREATE TABLE report_preview AS SELECT value_text as preview, blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 11;";
+            String temp3 = "CREATE TABLE report_exp AS SELECT value_text as exp, blackboard_attributes.attribute_type_id, blackboard_attributes.artifact_id FROM blackboard_attributes WHERE attribute_type_id = 12;";
+            String temp4 = "CREATE TABLE report_name AS SELECT name, report_keyword.artifact_id from tsk_files,blackboard_artifacts, report_keyword WHERE blackboard_artifacts.artifact_id = report_keyword.artifact_id AND blackboard_artifacts.obj_id = tsk_files.obj_id;";
+            String temp5 = "CREATE table report AS SELECT keyword,preview,exp, name from report_keyword INNER JOIN report_preview ON report_keyword.artifact_id=report_preview.artifact_id INNER JOIN report_exp ON report_preview.artifact_id=report_exp.artifact_id INNER JOIN report_name ON report_exp.artifact_id=report_name.artifact_id;";
+            tempDb.runQuery(temp1+temp2+temp3+temp4+temp5);
+            ResultSet uniqueresults = tempDb.runQuery("select keyword, preview, exp, name FROM report ORDER BY keyword ASC");
+           String keyword = "";
            while (uniqueresults.next()) { 
-               table.append("<strong>").append(uniqueresults.getString("value_text")).append("</strong>");
+                if(uniqueresults.getString("value_text") == null ? keyword == null : uniqueresults.getString("keyword").equals(keyword))
-                table.append("<table><thead><tr><th>").append("File Name").append("</th><th>Preview</th><th>Keyword List</th></tr><tbody>");
+                {
-                ArrayList<BlackboardArtifact> artlist = new ArrayList<BlackboardArtifact>();
-                ResultSet tempresults = tempDb.runQuery("select DISTINCT artifact_id from blackboard_attributes where attribute_type_id = '10' and value_text = '" + uniqueresults.getString(1) + "'");
-                while (tempresults.next()) {
-                    artlist.add(tempDb.getBlackboardArtifact(tempresults.getLong(1)));
                }
+                else{
-                for (BlackboardArtifact art : artlist) {
+               keyword = uniqueresults.getString("keyword");
-                    String filename = tempDb.getFsContentById(art.getObjectID()).getName();
+               table.append("<strong>").append(keyword).append("</strong>");
-                    String preview = "";
+               table.append("<table><thead><tr><th>").append("File Name").append("</th><th>Preview</th><th>Keyword List</th></tr><tbody>");
-                    String set = "";
-                    table.append("<tr><td>").append(filename).append("</td>");
-                    ArrayList<BlackboardAttribute> tempatts = art.getAttributes();
-                    for (BlackboardAttribute att : tempatts) {
-                        if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_REGEXP.getTypeID()) {
-                            preview = "<td>" + att.getValueString() + "</td>";
-                        }
-                        if (att.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW.getTypeID()) {
-                            set = "<td>" + att.getValueString() + "</td>";
-                        }
-                    }
-                    table.append(preview).append(set).append("</tr>");
                }
+               table.append("<tr><td>").append(uniqueresults.getString("name")).append("</td>");
-                table.append("</tbody></table><br /><br />");
+                table.append("<td>").append(uniqueresults.getString("preview")).append("</td>").append("<td>").append(uniqueresults.getString("exp")).append("</td>").append("</tr>");
+               table.append("</tbody></table><br /><br />");
            }
+            tempDb.runQuery("DROP TABLE report_keyword; DROP TABLE report_preview; DROP TABLE report_exp; DROP TABLE report_name; DROP TABLE report;");
        } catch (Exception e) {
            Logger.getLogger(Report.class.getName()).log(Level.WARNING, "Exception occurred", e);
        }