
function CoderReviewSecurityTest::testSecuritySQLVariableInjection in Coder 7


File

coder_review/tests/coder_review_security.test, line 33

Class

CoderReviewSecurityTest

Code

/**
 * Checks the SQL-injection review rule against variable interpolation.
 *
 * Each case pairs the assertion the reviewer verdict must satisfy with a
 * one-line snippet. The fail cases embed a PHP variable ($nid, $type, $name)
 * directly inside a query string passed to db_query() / db_rewrite_sql(), or
 * inside a string assigned to $sql. The pass cases use %s placeholders, or
 * keep the variable in db_query()'s argument list rather than in the SQL
 * string itself. Cases run in the same order as the original assertions.
 */
function testSecuritySQLVariableInjection() {
  $cases = array(
    array('assertCoderReviewFail', '  $results = db_query("SELECT * FROM {node_revisions} WHERE nid=$nid");'),
    array('assertCoderReviewPass', '  $results = db_query("SELECT * FROM {false_accounts} WHERE uids REGEXP \'^%s,|,%s,|,%s$\'");'),
    array('assertCoderReviewPass', '  $results = db_query("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=\'%s\' AND (r.title REGEXP \'^[^[:alpha:]].*$\')");'),
    array('assertCoderReviewPass', '  $results = db_query(db_rewrite_sql("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=\'%s\' AND (r.title REGEXP \'^[^[:alpha:]].*$\')"));'),
    // Wrapping in db_rewrite_sql() does not exempt an interpolated variable.
    array('assertCoderReviewFail', '  $results = db_query(db_rewrite_sql("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=\'%s\' AND (r.title REGEXP \'^[^[:alpha:]].*$\') AND nid=$nid"));'),
    array('assertCoderReviewFail', '  $results = db_query("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=$type AND (r.title REGEXP \'^[^[:alpha:]].*$\')");'),
    array('assertCoderReviewFail', '  $results = db_query(db_rewrite_sql("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=$type AND (r.title REGEXP \'^[^[:alpha:]].*$\')"));'),
    array('assertCoderReviewFail', '  $results = db_query("SELECT * FROM {foo} WHERE name=$name");'),
    // Quoting the variable inside the SQL string is still interpolation.
    array('assertCoderReviewFail', '  db_query("INSERT INTO {foo} SET name=\'$name\'");'),
    // A query string built into $sql is reviewed even before it reaches db_query().
    array('assertCoderReviewFail', '  $sql = "INSERT INTO {foo} SET name=\'$name\'";'),
    // The variable only appears in the placeholder argument, not in the SQL.
    array('assertCoderReviewPass', '  db_result(db_query("SELECT filename FROM {system} WHERE name = \'%s\'", "ad_$detail->adtype"));'),
  );
  foreach ($cases as $case) {
    list($assertion, $snippet) = $case;
    $this->$assertion($snippet);
  }
}