0

Removing characters between single quotes. I am trying this.

If I entered sa' or '1'='1 then output should be ' or ' '='. I am working on sql injection project. What they require is removing characters from single quotes.

By using prepared statement we can prevent injection. But before that I want to remove characters between single quotes. How to do this. Is there any easy way.

StringBuilder strBuilder = new StringBuilder();
String [] ary = uname.split("");
int j = 1;
for (int i = 0 ; i < ary.length ; i++) {
    if (ary[i].equals("'")) {
        if (j == 1) {
            strBuilder = new StringBuilder();
            strBuilder.append(ary[i]);
            j++;
        }
        else if (j % 2 == 0) {
            strBuilder.append(ary[i]);
            j++;
        }
        else if (j % 3 == 0) {
            strBuilder.append(ary[i]);
        }
        else if (j % 4 == 0) {
            strBuilder.append(ary[i]);
            break;
        }
    }
    else {
        strBuilder.append(ary[i]);
    }
}
uname = strBuilder.toString();
System.out.println("uname: " + uname);
Improve this question
1
  • You could achieve what you want by using string.replace() method instead of doing all this. Google for "string replace java" and head to the javadoc Commented May 17, 2014 at 4:44

4 Answers 4

Reset to default
1

Not quite sure what you are doing with your code . Code will never enter else if(j%4==0) block because if this condition is true then else if(j%2==0) will obviously be true.

If you just want to skip characters between single quotes use a boolean flag. Set it to true at index it is encountered and set it to false it is encountered next. Eliminate characters in between. Repeat this till your String is parsed.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

You could do something like this, read each char one by one in the string in a loop and check if that character is ' If it is then keep on deleting the following characters in the string until the ' character comes again...

The pseudo code will be like this:

char string(10)="Da`ks`H"
for(int x=0, x<string_length, x++){
    if(string[x]=='){
        while(string[x]!='){
            delete
        }
    }
}

and if you are wondering how you can delete then you can do one thing: make a new string and in that copy the chars if the chars are not between ' so in this case it would be like:

char string(10)="Da`ks`H"
char newstring(10)
for(int x=0, x<string_length, x++){
    if(string[x]=='){
        while(string[x]!='){
            delete
        }
    }
    else{
        string[x]=newstring[x]
    }
}

Note: Above (^) I am not showing the actual code but it is just to make you understand the logic, syntax does not belong to any language

Improve this answer

Comments

0

I think this is the best way,

public static String removeUntil(String str, String c, int st)
{
    StringBuilder sb = new StringBuilder(str);
    str = sb.reverse().toString();
    for(int i = 0;i<st;i++)
        str = str.substring(0,str.lastIndexOf(c));
    sb = new StringBuilder(str);
    str = sb.reverse().toString();
    return str;
}

for ex:

removeUntil("I.want.to.remove.this.string.until.third.dot", ".", 3)

then result of it = "remove.this.string.until.third.dot";

Improve this answer

Comments

0

This is a simple implementation for removing specific characters from a string. The time complexity is O(n + m).

Note: This is only for ASCII characters.

String s = "Battle 123";
String remove = "e1";
System.out.println(removeCharacters(s,remove));


public static String removeCharacters(String sentence, String remove){
    if(sentence == null) return null;
    if(sentence != null && remove == null) return sentence;
    char[] s = sentence.toCharArray();
    char[] r = remove.toCharArray();
    int dest = 0;
    boolean[] asciiFlags = new boolean[128];        //False

    for(int i = 0;i < r.length; i++){
        asciiFlags[r[i]] = true;
    }

    for(int src =0;src<s.length;src++){
        if(!asciiFlags[s[src]]){
            s[dest++] = s[src];
        }   
    }
    return new String(s,0,dest);
}
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.