
function CoderSecurityTest::testSecuritySQLVariableInjection in Coder 6

Same name and namespace in other branches
  1. 6.2 tests/coder_security.test \CoderSecurityTest::testSecuritySQLVariableInjection()

File

tests/coder_security.test, line 28

Class

CoderSecurityTest

Code

/**
 * Exercises the SQL variable-injection rule on one-line Drupal 6 style fixtures.
 *
 * A PHP variable interpolated straight into the string handed to db_query()
 * (or assigned to a $sql variable) is expected to be reported; queries that
 * only carry '%s' placeholders, or that keep the variable in the argument
 * list rather than the query text, are expected to stay quiet. update_sql()
 * is also expected to stay quiet — presumably treated as trusted schema SQL,
 * but that is the rule's business, not this test's.
 *
 * Fixtures are checked in the order listed so the assertion log matches the
 * original test output.
 */
function testSecuritySQLVariableInjection() {
  $fixtures = array(
    // Bare $nid interpolated into the WHERE clause.
    array('fail', '  $results = db_query("SELECT * FROM {node} WHERE nid=$nid");'),
    // Placeholders only — the regexp contains '$' but no PHP variable.
    array('pass', '  $results = db_query("SELECT * FROM {false_accounts} WHERE uids REGEXP \'^%s,|,%s,|,%s$\'");'),
    // Placeholder plus a regexp with '$' anchor; still no interpolation.
    array('pass', '  $results = db_query("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=\'%s\' AND (r.title REGEXP \'^[^[:alpha:]].*$\')");'),
    // Same query with $nid appended — the one interpolated variable must be caught.
    array('fail', '  $results = db_query("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=\'%s\' AND (r.title REGEXP \'^[^[:alpha:]].*$\') AND nid=$nid");'),
    // Interpolated $type in the middle of the query, regexp anchor after it.
    array('fail', '  $results = db_query("SELECT COUNT(n.nid) FROM {node} n INNER JOIN {node_revisions} r USING (nid, vid) WHERE n.type=$type AND (r.title REGEXP \'^[^[:alpha:]].*$\')");'),
    // Unquoted string variable.
    array('fail', '  $results = db_query("SELECT * FROM {foo} WHERE name=$name");'),
    // Quoting the variable inside the SQL does not make it safe.
    array('fail', '  db_query("INSERT INTO {foo} SET name=\'$name\'");'),
    // Query text built into a $sql variable rather than passed directly.
    array('fail', '  $sql = "INSERT INTO {foo} SET name=\'$name\'";'),
    // update_sql() is exempt from the rule.
    array('pass', '  update_sql("INSERT INTO {foo} SET name=\'$name\'");'),
    // The variable lives in the db_query() argument, not in the query string.
    array('pass', '  db_result(db_query("SELECT filename FROM {system} WHERE name = \'%s\'", "ad_$detail->adtype"));'),
  );

  foreach ($fixtures as $fixture) {
    $expected = $fixture[0];
    $snippet = $fixture[1];
    if ($expected === 'fail') {
      $this->assertCoderFail($snippet);
    }
    else {
      $this->assertCoderPass($snippet);
    }
  }
}