Removing characters from string in java

Question

Removing characters between single quotes. I am trying this.

If I entered sa' or '1'='1 then output should be ' or ' '='. I am working on sql injection project. What they require is removing characters from single quotes.

By using prepared statement we can prevent injection. But before that I want to remove characters between single quotes. How to do this. Is there any easy way.

StringBuilder strBuilder = new StringBuilder();
String [] ary = uname.split("");
int j = 1;
for (int i = 0 ; i < ary.length ; i++) {
    if (ary[i].equals("'")) {
        if (j == 1) {
            strBuilder = new StringBuilder();
            strBuilder.append(ary[i]);
            j++;
        }
        else if (j % 2 == 0) {
            strBuilder.append(ary[i]);
            j++;
        }
        else if (j % 3 == 0) {
            strBuilder.append(ary[i]);
        }
        else if (j % 4 == 0) {
            strBuilder.append(ary[i]);
            break;
        }
    }
    else {
        strBuilder.append(ary[i]);
    }
}
uname = strBuilder.toString();
System.out.println("uname: " + uname);

Answer 1

This is a simple implementation for removing specific characters from a string. The time complexity is O(n + m).

Note: This is only for ASCII characters.

String s = "Battle 123";
String remove = "e1";
System.out.println(removeCharacters(s,remove));


public static String removeCharacters(String sentence, String remove){
    if(sentence == null) return null;
    if(sentence != null && remove == null) return sentence;
    char[] s = sentence.toCharArray();
    char[] r = remove.toCharArray();
    int dest = 0;
    boolean[] asciiFlags = new boolean[128];        //False

    for(int i = 0;i < r.length; i++){
        asciiFlags[r[i]] = true;
    }

    for(int src =0;src<s.length;src++){
        if(!asciiFlags[s[src]]){
            s[dest++] = s[src];
        }   
    }
    return new String(s,0,dest);
}

Answer 2

I think this is the best way,

public static String removeUntil(String str, String c, int st)
{
    StringBuilder sb = new StringBuilder(str);
    str = sb.reverse().toString();
    for(int i = 0;i<st;i++)
        str = str.substring(0,str.lastIndexOf(c));
    sb = new StringBuilder(str);
    str = sb.reverse().toString();
    return str;
}

for ex:

removeUntil("I.want.to.remove.this.string.until.third.dot", ".", 3)

then result of it = "remove.this.string.until.third.dot";

Answer 3

You could do something like this, read each char one by one in the string in a loop and check if that character is ' If it is then keep on deleting the following characters in the string until the ' character comes again...

The pseudo code will be like this:

char string(10)="Da`ks`H"
for(int x=0, x<string_length, x++){
    if(string[x]=='){
        while(string[x]!='){
            delete
        }
    }
}

and if you are wondering how you can delete then you can do one thing: make a new string and in that copy the chars if the chars are not between ' so in this case it would be like:

char string(10)="Da`ks`H"
char newstring(10)
for(int x=0, x<string_length, x++){
    if(string[x]=='){
        while(string[x]!='){
            delete
        }
    }
    else{
        string[x]=newstring[x]
    }
}

Note: Above (^) I am not showing the actual code but it is just to make you understand the logic, syntax does not belong to any language

Answer 4

Not quite sure what you are doing with your code . Code will never enter else if(j%4==0) block because if this condition is true then else if(j%2==0) will obviously be true.

If you just want to skip characters between single quotes use a boolean flag. Set it to true at index it is encountered and set it to false it is encountered next. Eliminate characters in between. Repeat this till your String is parsed.