diff --git a/pom.xml b/pom.xml
index f146d29..13ef560 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
org.springframework.boot
spring-boot-starter-parent
- 1.4.2.RELEASE
+ 1.4.1.RELEASE
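Review bot: The parent version moves backwards here, from `1.4.2.RELEASE` to `1.4.1.RELEASE`, and nothing visible in the commit explains why. Since `spring-boot-starter-parent` supplies the managed versions for dependencies that inherit from it, the downgrade presumably rolls those back to the older release's set as well, which can bring back defects fixed in the later one. If the pin is deliberate, record the reason beside it, e.g. `<!-- pinned to 1.4.1.RELEASE: <reason> -->`; otherwise keep `1.4.2.RELEASE`.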
diff --git a/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java b/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
index b8aec17..5f0a5fb 100644
--- a/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
+++ b/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
@@ -37,11 +37,11 @@ public class UserRepository {
* Creates a new user on the database.
*/
public void insert(User user) {
- String sql = "INSERT INTO USER(NAME, EMAIL, PASSWORD) VALUES (?, ?, ?)";
+ String sql1 = "INSERT INTO USER(NAME, EMAIL, PASSWORD) VALUES (?, ?, ?)";
KeyHolder holder = new GeneratedKeyHolder();
this.jdbcTemplate.update((connection) -> {
- PreparedStatement pstmt = connection.prepareStatement(sql);
+ PreparedStatement pstmt = connection.prepareStatement(sql1);
pstmt.setString(1, user.getName());
pstmt.setString(2, user.getEmail().toLowerCase().trim());
pstmt.setString(3, user.getPassword());
@@ -55,7 +55,7 @@ public void insert(User user) {
* @return The user with the provided ID.
*/
public User find(int id) {
- String sql = getBaseQuery() + " WHERE ID = ?";
+ String sql = getBaseQuery() + "WHERE ID = ?";
return this.jdbcTemplate.queryForObject(sql, new Object[] { id }, ROW_MAPPER);
};
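Review bot: Dropping the leading space in `getBaseQuery() + "WHERE ID = ?"` joins `WHERE` directly onto whatever the base query ends with. Unless `getBaseQuery()` (not visible in this hunk) returns a string with trailing whitespace, the statement is no longer valid SQL and `find(int)` fails at runtime. The next hunk makes the same change in `find(String email)` with `"WHERE EMAIL = ?"`, where only `EmptyResultDataAccessException` is caught, so a grammar error would surface as a different exception rather than as a `null` result. I would keep the separator in both places: `String sql = getBaseQuery() + " WHERE ID = ?";` and `String sql = getBaseQuery() + " WHERE EMAIL = ?";`. The bind parameters themselves are unchanged and remain parameterized.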
@@ -64,7 +64,7 @@ public User find(int id) {
*/
public User find(String email) {
try {
- String sql = getBaseQuery() + " WHERE EMAIL = ?";
+ String sql = getBaseQuery() + "WHERE EMAIL = ?";
return this.jdbcTemplate.queryForObject(sql, new Object[] { email.toLowerCase().trim() }, ROW_MAPPER);
} catch (EmptyResultDataAccessException e) {
return null;