This data here is secure from SQL injection.

private boolean validate_login(String username,String password)

{ try

{ Class.forName("com.mysql.jdbc.Driver");

Connection conn = (Connection) DriverManager.getConnection("jdbc:mysql://localhost:3306/login?" + "user=root&password=");

PreparedStatement pst = (PreparedStatement) conn.prepareStatement("Select * from login where username=? and password=?");

pst.setString(1, username);

pst.setString(2, password);

ResultSet rs = pst.executeQuery();

if(rs.next()) return true; else return false;

} catch(Exception e)

{ e.printStackTrace();

return false; }

Can you provide a code that access the SQL but not secured?