Exercise

Prepared Statements

After discovering the SQL injection vulnerability, CityBook Libraries needs you to secure the book search feature. You'll switch from simple Statement objects to PreparedStatement to prevent injection attacks.

The HikariSetup class is already configured.

Instructions

  • Use a placeholder for the title parameter.
  • Create a PreparedStatement from the connection.
  • Set the title parameter for the prepared statement.