diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..f301aa5
--- /dev/null
+++ b/pom.xml
@@ -0,0 +1,21 @@
+ + + 4.0.0 + com.example + sql-injection-demo + 1.0.0 + jar + + + 11 + 11 + + + + + org.xerial + sqlite-jdbc + 3.45.1.0 + + 
diff --git a/src/main/java/com/example/demo/ProductSearch.java b/src/main/java/com/example/demo/ProductSearch.java
new file mode 100644
index 0000000..033b932
--- /dev/null
+++ b/src/main/java/com/example/demo/ProductSearch.java
@@ -0,0 +1,36 @@
+package com.example.demo;
+
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.ResultSet;
+import java.sql.Statement;
+
+public class ProductSearch {
+
+ private static final String DB_URL = "jdbc:sqlite:shop.db";
+
+ public static void searchByName(String name) throws Exception {
+ Connection conn = DriverManager.getConnection(DB_URL);
+ Statement stmt = conn.createStatement();
+
+ String query = "SELECT id, name, price FROM products WHERE name LIKE '%" +
+ name + "%'";
+
+ ResultSet rs = stmt.executeQuery(query);
+ while (rs.next()) {
+ System.out.println(rs.getInt("id") + " | " + rs.getString("name") +
+ " | " + rs.getDouble("price"));
+ }
+ rs.close();
+ stmt.close();
+ conn.close();
+ }
+
+ public static void deleteById(String id) throws Exception {
+ Connection conn = DriverManager.getConnection(DB_URL);
+ Statement stmt = conn.createStatement();
+ stmt.executeUpdate("DELETE FROM products WHERE id = " + id);
+ stmt.close();
+ conn.close();
+ }
+}
diff --git a/src/main/java/com/example/demo/UserLogin.java b/src/main/java/com/example/demo/UserLogin.java
new file mode 100644
index 0000000..6594424
--- /dev/null
+++ b/src/main/java/com/example/demo/UserLogin.java 
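Review bot: `searchByName` and `deleteById` both splice their String parameter into the SQL text (`"... LIKE '%" + name + "%'"` and `"DELETE FROM products WHERE id = " + id`), so whatever the caller passes is parsed as part of the statement; `UserLogin.login` in the next hunk has the same construction. Bind the values through `PreparedStatement` with `?` placeholders (the rewrite below replaces the `java.sql.Statement` import with `java.sql.PreparedStatement`). The `Connection`, `Statement` and `ResultSet` are also closed only when nothing throws, so a failed `executeQuery` leaks the connection; try-with-resources closes them on every path. `id` stays a String to keep the signature, and `setString` lets SQLite apply the column's affinity when comparing. If this class is meant to be the intentionally vulnerable half of the demo, say so at the top with `// Intentionally vulnerable: SQL built by string concatenation — do not copy this pattern.` so it is not mistaken for reference code.
```java
public static void searchByName(String name) throws Exception {
    String query = "SELECT id, name, price FROM products WHERE name LIKE ?";
    try (Connection conn = DriverManager.getConnection(DB_URL);
         PreparedStatement stmt = conn.prepareStatement(query)) {
        stmt.setString(1, "%" + name + "%");
        try (ResultSet rs = stmt.executeQuery()) {
            // … unchanged: while (rs.next()) print loop …
        }
    }
}

public static void deleteById(String id) throws Exception {
    try (Connection conn = DriverManager.getConnection(DB_URL);
         PreparedStatement stmt = conn.prepareStatement("DELETE FROM products WHERE id = ?")) {
        stmt.setString(1, id);
        stmt.executeUpdate();
    }
}
```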
@@ -0,0 +1,42 @@
+package com.example.demo;
+
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.ResultSet;
+import java.sql.Statement;
+import java.util.Scanner;
+
+public class UserLogin {
+
+ private static final String DB_URL = "jdbc:sqlite:users.db";
+
+ public static void main(String[] args) throws Exception {
+ Scanner scanner = new Scanner(System.in);
+ System.out.print("Username: ");
+ String username = scanner.nextLine();
+ System.out.print("Password: ");
+ String password = scanner.nextLine();
+
+ if (login(username, password)) {
+ System.out.println("Login successful");
+ } else {
+ System.out.println("Login failed");
+ }
+ }
+
+ public static boolean login(String username, String password) throws Exception {
+ Connection conn = DriverManager.getConnection(DB_URL);
+ Statement stmt = conn.createStatement();
+
+ String query = "SELECT * FROM users WHERE username = '" + username +
+ "' AND password = '" + password + "'";
+
+ ResultSet rs = stmt.executeQuery(query);
+ boolean found = rs.next();
+
+ rs.close();
+ stmt.close();
+ conn.close();
+ return found;
+ }
+}
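Review bot: `login` in this hunk compares the typed password against the `password` column inside the SQL (`AND password = '" + password + "'"`), which only works if `users` stores passwords in plaintext; select the stored hash by username instead and verify it in Java with a slow password hash (bcrypt, scrypt or argon2), since equality on a plaintext column also turns any copy of the database into every user's credential. `main` reads the password with `scanner.nextLine()`, which echoes it on the terminal; `System.console().readPassword("Password: ")` returns a `char[]` without echo (keep the `Scanner` path as a fallback when `System.console()` is null). The string-concatenated query and the happy-path-only `close()` calls are the same defects raised on `ProductSearch` and are not repeated here.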