Fixed SQLi and updated container

.jenkins

@@ -0,0 +1,101 @@
+pipeline {
+    agent any
+
+    tools { 
+        maven '3.9.9'
+    }
+
+    environment {
+        DOCKER_IMAGE = "myregistry.io/myapp:${BUILD_NUMBER}"
+        REMOTE_USER = 'deploy'
+        REMOTE_HOST = 'your.server.com'
+        REMOTE_APP_NAME = 'myapp'
+        SSH_KEY_ID = 'my-ssh-key'
+    }
+
+    stages {
+        stage('Checkout') {
+            steps {
+                echo '📥 Cloning source code...'
+                git url: 'https://github.com/CxTyler/vulnado-project.git', branch: 'master'
+            }
+        }
+
+        stage('Build') {
+            steps {
+                echo '🔧 Building the application...'
+                sh 'mvn clean package -DskipTests'
+            }
+        }
+
+        stage('Unit Tests') {
+            steps {
+                echo '🧪 Running unit tests...'
+                sh 'mvn test'
+            }
+            post {
+                always {
+                    sleep(time:12,unit:"SECONDS")
+                    //junit '**/target/surefire-reports/*.xml'
+                }
+            }
+        }
+
+        stage('Security Analysis (Checkmarx One)') {
+            steps {
+                echo '🔍 Running Checkmarx One scan...'
+                // Simulate or replace with real Checkmarx CLI command
+                //sh 'checkmarx-scan --project-name myapp --source .'
+                checkmarxASTScanner additionalOptions: '', baseAuthUrl: '', branchName: 'master', checkmarxInstallation: 'CxAST CLI Canary RSA 2025', credentialsId: '', projectName: 'VulnadoProject', serverUrl: '', tenantName: ''
+            }
+        }
+
+        stage('Docker Build & Push') {
+            steps {
+                echo '🐳 Building Docker image...'
+                //sh 'docker build -t $DOCKER_IMAGE .'
+                echo '📤 Pushing Docker image to registry...'
+                //sh 'docker push $DOCKER_IMAGE'
+            }
+        }
+
+        stage('Deploy to Dev Server') {
+            steps {
+                echo '🚀 Deploying to remote server via SSH...'
+                //sshagent (credentials: ["${SSH_KEY_ID}"]) {
+                    //sh """
+                        //ssh ${REMOTE_USER}@${REMOTE_HOST} '
+                            //docker pull $DOCKER_IMAGE &&
+                            //docker stop ${REMOTE_APP_NAME} || true &&
+                            //docker rm ${REMOTE_APP_NAME} || true &&
+                            //docker run -d --name ${REMOTE_APP_NAME} -p 8080:8080 $DOCKER_IMAGE
+                        //'
+                    //"""
+                //}
+            }
+        }
+
+        stage('Integration Tests') {
+            steps {
+                echo '🔗 Running integration tests...'
+                //sh './scripts/integration-tests.sh'
+            }
+        }
+
+        stage('Post-deploy SCA Check') {
+            steps {
+                echo '🧬 Running Software Composition Analysis (SCA)...'
+                //sh 'checkmarx-sca --source . --report-format html --output sca-report.html'
+            }
+        }
+    }
+
+    post {
+        success {
+            echo '✅ Deployment pipeline completed successfully!'
+        }
+        failure {
+            echo '❌ Pipeline failed. Check logs and retry.'
+        }
+    }
+}

.vscode/settings.json

@@ -0,0 +1,6 @@
+{
+    "java.compile.nullAnalysis.mode": "disabled",
+    "githubPullRequests.ignoredPullRequestBranches": [
+        "master"
+    ]
+}

pom.xml

@@ -33,7 +33,7 @@
 		<dependency>
 			<groupId>org.postgresql</groupId>
 			<artifactId>postgresql</artifactId>
-			<version>42.2.5</version>
+			<version>42.2.29</version>
 		</dependency>
 
 		<!-- https://mvnrepository.com/artifact/org.jsoup/jsoup -->

src/main/java/com/scalesec/vulnado/Comment.java

@@ -1,15 +1,22 @@
 package com.scalesec.vulnado;
 
-import org.apache.catalina.Server;
 import java.sql.*;
 import java.util.Date;
 import java.util.List;
 import java.util.ArrayList;
 import java.util.UUID;
 
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
 public class Comment {
   public String id, username, body;
   public Timestamp created_on;
+  public String zachs_team_is_the_best;
+  public String zachs_team_is_the_best_2;
 
   public Comment(String id, String username, String body, Timestamp created_on) {
     this.id = id;
@@ -18,6 +25,17 @@ public Comment(String id, String username, String body, Timestamp created_on) {
     this.created_on = created_on;
   }
 
+
+
+  @CrossOrigin(origins = "*")
+  @RequestMapping(value = "/comments", method = RequestMethod.POST, produces = "application/json", consumes = "application/json")
+  public static Comment createMyComment(@RequestHeader(value="x-auth-token") String token, @RequestBody CommentRequest input) {
+      // 🔥 Log Injection Vulnerability
+      System.out.println("New comment created by user: " + input.username);
+      System.out.println("Hello World!");
+      return Comment.create(input.username, input.body);
+  }
+
   public static Comment create(String username, String body){
     long time = new Date().getTime();
     Timestamp timestamp = new Timestamp(time);
@@ -54,9 +72,8 @@ public static List<Comment> fetch_all() {
     } catch (Exception e) {
       e.printStackTrace();
       System.err.println(e.getClass().getName()+": "+e.getMessage());
-    } finally {
-      return comments;
     }
+    return comments;
   }
 
   public static Boolean delete(String id) {
@@ -68,7 +85,6 @@ public static Boolean delete(String id) {
       return 1 == pStatement.executeUpdate();
     } catch(Exception e) {
       e.printStackTrace();
-    } finally {
       return false;
     }
   }

src/main/java/com/scalesec/vulnado/CowController.java

@@ -11,5 +11,6 @@ public class CowController {
     @RequestMapping(value = "/cowsay")
     String cowsay(@RequestParam(defaultValue = "I love Linux!") String input) {
         return Cowsay.run(input);
+
     }
 }

src/main/java/com/scalesec/vulnado/LoginController.java

@@ -18,6 +18,7 @@ public class LoginController {
   @RequestMapping(value = "/login", method = RequestMethod.POST, produces = "application/json", consumes = "application/json")
   LoginResponse login(@RequestBody LoginRequest input) {
     User user = User.fetch(input.username);
+    String apikey = "123456";
     if (Postgres.md5(input.password).equals(user.hashedPassword)) {
       return new LoginResponse(user.token(secret));
     } else {

src/main/java/com/scalesec/vulnado/User.java

@@ -1,6 +1,7 @@
 package com.scalesec.vulnado;
 
 import java.sql.Connection;
+import java.sql.PreparedStatement;
 import java.sql.Statement;
 import java.sql.ResultSet;
 import io.jsonwebtoken.Jwts;
@@ -9,6 +10,8 @@
 import io.jsonwebtoken.security.Keys;
 import javax.crypto.SecretKey;
 
+import org.springframework.web.bind.annotation.RequestBody;
+
 public class User {
   public String id, username, hashedPassword;
 
@@ -36,29 +39,32 @@ public static void assertAuth(String secret, String token) {
     }
   }
 
-  public static User fetch(String un) {
-    Statement stmt = null;
+  public static User fetch(String un) {// /src/main/java/com/scalesec/vulnado/User.java:39//SAST Node #3: un ()
+    PreparedStatement stmt = null;
     User user = null;
     try {
       Connection cxn = Postgres.connection();
-      stmt = cxn.createStatement();
-      System.out.println("Opened database successfully");
+      stmt = cxn.prepareStatement("select * from users where username = ? limit 1");
+      stmt.setString(1, un); // Set the first parameter (? symbol in query) to the username
 
-      String query = "select * from users where username = '" + un + "' limit 1";
-      System.out.println(query);
-      ResultSet rs = stmt.executeQuery(query);
+      ResultSet rs = stmt.executeQuery();//SAST Node #6: query ()//SAST Node #7 (output): executeQuery ()
       if (rs.next()) {
-        String user_id = rs.getString("user_id");
-        String username = rs.getString("username");
-        String password = rs.getString("password");
-        user = new User(user_id, username, password);
+        user = new User(
+          rs.getString("id"),
+          rs.getString("username"),
+          rs.getString("hashed_password")
+        );
       }
-      cxn.close();
+      rs.close();
     } catch (Exception e) {
       e.printStackTrace();
-      System.err.println(e.getClass().getName()+": "+e.getMessage());
     } finally {
-      return user;
+      try {
+        if (stmt != null) stmt.close();
+      } catch (Exception ex) {
+        ex.printStackTrace();
+      }
     }
+    return user;
   }
 }