Clean a string input for sql injection - Java:
import java.io.*;
public class CleanString {
/**
* This method cleans a string input for sql injection.
* @param input String to clean.
* @return String Obtains the cleaned string.
*/
public String cleanString(String input) {
//Variable to store the cleaned string
String cleanedString = "";
//Clean the string
cleanedString = input.replaceAll("'", "''");
//Return the cleaned string
return cleanedString;
}
/**
* One Example
*/
public static void main(String args[]) throws IOException {
CleanString cleanString= new CleanString ();
//Example
String input = "This is a 'test'";
String cleanedString = cleanString.cleanString(input);
//Output
System.out.println("Cleaned String is :" + cleanedString); //This is a 'test'
}
}
Top comments (0)