[FATAL ] SQL-Injektions werden verhindert

-Es werden  nur Eingaben des Typs '[a-z]+\\.[a- z]+@adolfinum+\\.de$' an die mySQL Tabelle weiter gebeben.

src/main/java/com/github/cato447/AbizeitungVotingSystem/controller/VotingController.java

@@ -68,21 +68,24 @@ public class VotingController {
 
     @RequestMapping("/vote")
     public String VerifyName(@RequestParam String name, Model model) {
-        try {
+        if (name.strip().toLowerCase().matches("[a-z]+\\.[a-z]+@adolfinum+\\.de$")) {
-            Voter voter = voterRepository.findByEmail(name);
+            try {
-            if (voter.getVote_status()) {
+                Voter voter = voterRepository.findByEmail(name.toLowerCase().strip());
-                LOGGER.warn(name + " has already voted");
+                if (voter.getVote_status()) {
-                return "errors/alreadyVoted.html";
+                    LOGGER.warn(name + " has already voted");
-            } else {
+                    return "errors/alreadyVoted.html";
-                List<Candidate> candidates = candidateRepository.findAll();
+                } else {
-                model.addAttribute("candidates", candidates);
+                    List<Candidate> candidates = candidateRepository.findAll();
-                LOGGER.info(name + " is voting now");
+                    model.addAttribute("candidates", candidates);
-                return "voting.html";
+                    LOGGER.info(name + " is voting now");
+                    return "voting.html";
+                }
+            } catch (Exception e) {
+                LOGGER.error(name + " is not allowed to vote");
+                return "errors/notRegistered.html";
             }
-        } catch (Exception e) {
-            LOGGER.error(name + " is not allowed to vote");
-            return "errors/notRegistered.html";
         }
+        return "errors/wrongEmail.html";
     }
 
     @RequestMapping("/processVote")