Removing characters from string in java -
removing characters between single quotes. trying this.
if entered sa' or '1'='1 output should ' or ' '='. working on sql injection project. require removing characters single quotes.
by using prepared statement can prevent injection. before want remove characters between single quotes. how this. there easy way.
stringbuilder strbuilder = new stringbuilder(); string [] ary = uname.split(""); int j = 1; (int = 0 ; < ary.length ; i++) { if (ary[i].equals("'")) { if (j == 1) { strbuilder = new stringbuilder(); strbuilder.append(ary[i]); j++; } else if (j % 2 == 0) { strbuilder.append(ary[i]); j++; } else if (j % 3 == 0) { strbuilder.append(ary[i]); } else if (j % 4 == 0) { strbuilder.append(ary[i]); break; } } else { strbuilder.append(ary[i]); } } uname = strbuilder.tostring(); system.out.println("uname: " + uname);
not quite sure doing code . code never enter else if(j%4==0) block because if condition true else if(j%2==0) true.
if want skip characters between single quotes use boolean flag. set true @ index encountered , set false encountered next. eliminate characters in between. repeat till string parsed.
Comments
Post a Comment