Patched src/com/ibm/security/appscan/altoromutual/util/DBUtil.java

Author: patched.codes[bot]

src/com/ibm/security/appscan/altoromutual/util/DBUtil.java

@@ -212,16 +212,17 @@ public static ArrayList<Feedback> getFeedback (long feedbackId){
 	public static boolean isValidUser(String user, String password) throws SQLException{
 		if (user == null || password == null || user.trim().length() == 0 || password.trim().length() == 0)
 			return false; 
-		
+			
 		Connection connection = getConnection();
-		Statement statement = connection.createStatement();
+		PreparedStatement preparedStatement = connection.prepareStatement("SELECT COUNT(*) FROM PEOPLE WHERE USER_ID = ? AND PASSWORD = ?");
+		preparedStatement.setString(1, user);
+		preparedStatement.setString(2, password);
 
-		ResultSet resultSet =statement.executeQuery("SELECT COUNT(*)FROM PEOPLE WHERE USER_ID = '"+ user +"' AND PASSWORD='" + password + "'"); /* BAD - user input should always be sanitized */
+		ResultSet resultSet = preparedStatement.executeQuery();
 
 		if (resultSet.next()){
-			
-				if (resultSet.getInt(1) > 0)
-					return true;
+			if (resultSet.getInt(1) > 0)
+				return true;
 		}
 		return false;
 	}
@@ -236,11 +237,12 @@ public static boolean isValidUser(String user, String password) throws SQLExcept
 	public static User getUserInfo(String username) throws SQLException{
 		if (username == null || username.trim().length() == 0)
 			return null; 
-		
+			
 		Connection connection = getConnection();
-		Statement statement = connection.createStatement();
-		ResultSet resultSet =statement.executeQuery("SELECT FIRST_NAME,LAST_NAME,ROLE FROM PEOPLE WHERE USER_ID = '"+ username +"' "); /* BAD - user input should always be sanitized */
-
+		PreparedStatement statement = connection.prepareStatement("SELECT FIRST_NAME,LAST_NAME,ROLE FROM PEOPLE WHERE USER_ID = ? ");
+		statement.setString(1, username);
+		ResultSet resultSet = statement.executeQuery();
+	
 		String firstName = null;
 		String lastName = null;
 		String roleString = null;