Skip to content

Instantly share code, notes, and snippets.

@nipunthathsara

nipunthathsara/SqliController.java

Last active June 20, 2022 18:38
Show Gist options
  • Save nipunthathsara/94d30a99592a896665f5e1d42f71903b to your computer and use it in GitHub Desktop.
Save nipunthathsara/94d30a99592a896665f5e1d42f71903b to your computer and use it in GitHub Desktop.
Download ZIP
Medium SQLI - COntroller class
Raw
SqliController.java
@Controller
public class SqliController {
@Autowired
private SqliModel sqliModel;
@GetMapping("/home/{id}")
public String home(@PathVariable String id, Model model) {
List<Page> pages = sqliModel.getPage(id);
model.addAttribute("page", pages.get(0));
return "index";
}
}
Raw
SqliModel.java
public List<Page> getPage(String pageId){
String sql = "SELECT pageId, title, content FROM pages WHERE pageId="+pageId;
List<Page> pages = jdbcTemplate.query(sql, (resultSet, rowNum) -> new Page(resultSet.getInt("pageId"),resultSet.getString("title"), resultSet.getString("content")));
return pages;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment