From a25f6f19d2ec80ebf08b6a677f3f084c966d74b4 Mon Sep 17 00:00:00 2001
From: Elvira Shorko <101182210+eShorko@users.noreply.github.com>
Date: Wed, 3 Jul 2024 11:44:53 +0200
Subject: [PATCH 1/3] Update pom.xml
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index f146d29..13ef560 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
org.springframework.boot
spring-boot-starter-parent
- 1.4.2.RELEASE
+ 1.4.1.RELEASE
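Review bot: The parent version on the changed line moves backwards, from 1.4.2.RELEASE to 1.4.1.RELEASE, and the subject "Update pom.xml" gives no reason for it. Because spring-boot-starter-parent manages the versions of the dependencies it pins, the downgrade presumably rolls those back as well, so any fixes shipped in the newer release are lost. If this is intentional (the package name `vulnerablejavawebapp` suggests a deliberately vulnerable training app), state that in the commit message. Otherwise keep `1.4.2.RELEASE`.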
From 743f2afa5900ae310836f10aaeea92d4fc672e16 Mon Sep 17 00:00:00 2001
From: Elvira Shorko <101182210+eShorko@users.noreply.github.com>
Date: Wed, 3 Jul 2024 12:19:20 +0200
Subject: [PATCH 2/3] Update UserRepository.java
---
.../vulnerablejavawebapp/repository/UserRepository.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java b/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
index b8aec17..fa111ad 100644
--- a/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
+++ b/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
@@ -37,11 +37,11 @@ public class UserRepository {
* Creates a new user on the database.
*/
public void insert(User user) {
- String sql = "INSERT INTO USER(NAME, EMAIL, PASSWORD) VALUES (?, ?, ?)";
+ String sql1 = "INSERT INTO USER(NAME, EMAIL, PASSWORD) VALUES (?, ?, ?)";
KeyHolder holder = new GeneratedKeyHolder();
this.jdbcTemplate.update((connection) -> {
- PreparedStatement pstmt = connection.prepareStatement(sql);
+ PreparedStatement pstmt = connection.prepareStatement(sql1);
pstmt.setString(1, user.getName());
pstmt.setString(2, user.getEmail().toLowerCase().trim());
pstmt.setString(3, user.getPassword());
From 75e20cba5d92978944b8c60805b498d3fe5e5f09 Mon Sep 17 00:00:00 2001
From: Elvira Shorko <101182210+eShorko@users.noreply.github.com>
Date: Wed, 3 Jul 2024 12:22:25 +0200
Subject: [PATCH 3/3] Update UserRepository.java
---
.../vulnerablejavawebapp/repository/UserRepository.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java b/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
index fa111ad..5f0a5fb 100644
--- a/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
+++ b/src/main/java/com/github/rafaelrpinto/vulnerablejavawebapp/repository/UserRepository.java
@@ -55,7 +55,7 @@ public void insert(User user) {
* @return The user with the provided ID.
*/
public User find(int id) {
- String sql = getBaseQuery() + " WHERE ID = ?";
+ String sql = getBaseQuery() + "WHERE ID = ?";
return this.jdbcTemplate.queryForObject(sql, new Object[] { id }, ROW_MAPPER);
};
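Review bot: Dropping the leading space in `"WHERE ID = ?"` makes the query valid only if getBaseQuery() already ends in whitespace; that method is outside the hunk, and if it ends in a table name or alias the concatenation fuses it with `WHERE` and the statement fails at execution. The same edit is made to `"WHERE EMAIL = ?"` in the next hunk, where only EmptyResultDataAccessException is caught, so a SQL grammar error would propagate out of the email lookup (presumably the login path) instead of returning null. Restore the separators with `String sql = getBaseQuery() + " WHERE ID = ?";` and `String sql = getBaseQuery() + " WHERE EMAIL = ?";`. A repository test that calls both find overloads against the real schema would catch this kind of regression.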
@@ -64,7 +64,7 @@ public User find(int id) {
*/
public User find(String email) {
try {
- String sql = getBaseQuery() + " WHERE EMAIL = ?";
+ String sql = getBaseQuery() + "WHERE EMAIL = ?";
return this.jdbcTemplate.queryForObject(sql, new Object[] { email.toLowerCase().trim() }, ROW_MAPPER);
} catch (EmptyResultDataAccessException e) {
return null;