
function CoderReviewSecurityTest::testSecuritySQLVariableInjection in Coder 7.2

Same name and namespace in other branches
  1. 7 coder_review/tests/coder_review_security.test \CoderReviewSecurityTest::testSecuritySQLVariableInjection()

Tests that the security review flags SQL queries built by interpolating PHP variables into the query string (a SQL injection pattern) while accepting queries that use db_query() placeholders such as %s.

File

coder_review/tests/coder_review_security.test, line 50

Class

CoderReviewSecurityTest
Tests the Coder_review functionality that detects violations of security-related rules.

Code

/**
 * Tests detection of SQL built by interpolating variables into query strings.
 *
 * Each case is a one-line PHP snippet handed to the reviewer. Snippets that
 * splice a variable such as $nid, $type or $name directly into the SQL text
 * (quoted or unquoted, with or without a db_rewrite_sql() wrapper, and even
 * when only assigned to $sql rather than executed) must be reported. Snippets
 * that use %s placeholders, or that only interpolate into the argument list
 * passed to db_query(), must pass. The "$'" sequences at the end of the
 * REGEXP patterns are not PHP interpolation ("'" cannot start a variable
 * name) and the passing cases confirm they must not be flagged.
 *
 * NOTE(review): no case exercises curly-brace interpolation ("{$nid}") or
 * db_query_range()/db_query_temporary() calls — confirm the rule covers them.
 */
function testSecuritySQLVariableInjection() {
  // Each entry is array(<must pass review>, <snippet>). Cases are checked in
  // the order listed so a regression is reported against a specific snippet.
  $cases = array(
    array(FALSE, '  $results = db_query("SELECT * FROM {node_revisions} WHERE nid=$nid");'),
    array(TRUE, '  $results = db_query("SELECT * FROM {false_accounts} WHERE uids REGEXP \'^%s,|,%s,|,%s$\'");'),
    array(TRUE, '  $results = db_query("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=\'%s\' AND (r.title REGEXP \'^[^[:alpha:]].*$\')");'),
    array(TRUE, '  $results = db_query(db_rewrite_sql("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=\'%s\' AND (r.title REGEXP \'^[^[:alpha:]].*$\')"));'),
    array(FALSE, '  $results = db_query(db_rewrite_sql("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=\'%s\' AND (r.title REGEXP \'^[^[:alpha:]].*$\') AND nid=$nid"));'),
    array(FALSE, '  $results = db_query("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=$type AND (r.title REGEXP \'^[^[:alpha:]].*$\')");'),
    array(FALSE, '  $results = db_query(db_rewrite_sql("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=$type AND (r.title REGEXP \'^[^[:alpha:]].*$\')"));'),
    array(FALSE, '  $results = db_query("SELECT * FROM {foo} WHERE name=$name");'),
    array(FALSE, '  db_query("INSERT INTO {foo} SET name=\'$name\'");'),
    array(FALSE, '  $sql = "INSERT INTO {foo} SET name=\'$name\'";'),
    array(TRUE, '  db_result(db_query("SELECT filename FROM {system} WHERE name = \'%s\'", "ad_$detail->adtype"));'),
  );

  foreach ($cases as $case) {
    list($must_pass, $snippet) = $case;
    if ($must_pass) {
      $this->assertCoderReviewPass($snippet);
    }
    else {
      $this->assertCoderReviewFail($snippet);
    }
  }
}