Skip to content

Commit

Permalink
add exercices
Browse files Browse the repository at this point in the history
  • Loading branch information
@donsez
donsez committed Nov 8, 2024
1 parent 1781084 commit a0dd785
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 0 deletions.
Binary file added jdbc-postgresql/1705992627213.jpg
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
25 changes: 25 additions & 0 deletions jdbc-postgresql/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,8 +100,30 @@ or
java -cp $APP_CLASSPATH $MAIN_CLASS
```

## Exercice: pass SELECT query as program argument

Duplicate `src/main/java/com/mkyong/jdbc/JDBCExample2.java` in `src/main/java/com/mkyong/jdbc/GenericQuery.java`

Pass the `SQL_SELECT` string as program argument.

Use `[getObject(int)](https://docs.oracle.com/javase/6/docs/api/java/sql/ResultSet.html#getObject(int))` for printing the column values

Then use `ResultSetMetaData` for printing the column names.
```java
ResultSetMetaData metaData = rs.getMetaData();
Integer columnCount = metaData.getColumnCount();
String tableName = getTableName(columnNumber); //
String columnName = getColumnName(columnNumber); // to get the name of the column
String columnLabel = getColumnLabel(int columnNumber); // to get the name of the column
String tableName = getColumnLabel(int columnNumber); // to access the label of the column, which is specified after AS in the SQL query
```

## Exercice: SQL injection

Write a program exposed to [SQL injection](https://fr.wikipedia.org/wiki/Injection_SQL).

![](1705992627213.jpg)
(Source Gizmodo)

## Extra: JDBC URL

Expand Down Expand Up @@ -132,3 +154,6 @@ git diff pom.xml

## References
* https://jdbc.postgresql.org/documentation/use/



0 comments on commit a0dd785

Please sign in to comment.