Posted on

Clean a string input for sql injection in Java

Clean a string input for sql injection - Java:

import java.io.*;

public class CleanString {
   * This method cleans a string input for sql injection.
   * @param input String to clean.
   * @return String Obtains the cleaned string.
   public String cleanString(String input) {
       //Variable to store the cleaned string
       String cleanedString = "";
       //Clean the string
       cleanedString = input.replaceAll("'", "''");
       //Return the cleaned string
       return cleanedString;

   * One Example
   public static void main(String args[]) throws IOException {

      CleanString  cleanString= new CleanString ();
      String input = "This is a 'test'";
      String cleanedString = cleanString.cleanString(input);
      System.out.println("Cleaned String is :" + cleanedString); //This is a 'test'
Enter fullscreen mode Exit fullscreen mode

Latest comments (0)