function DatabaseSelectTestCase::testVulnerableComment

Test query COMMENT system against vulnerabilities.

File

modules/simpletest/tests/database_test.test, line 1477

Class

DatabaseSelectTestCase
Test the SELECT builder.

Code

/**
 * Tests that the query COMMENT system neutralises a hostile comment string.
 *
 * The comment text contains a premature comment terminator ("*\/") followed by
 * a second statement. The builder must break up that terminator so the whole
 * payload stays inside the SQL comment, and the query must still run and
 * return the test table's rows unchanged.
 */
function testVulnerableComment() {
  // Comment text crafted to escape the /* ... */ block and smuggle in a
  // second statement; the flattened SQL below must show it defused.
  $query = db_select('test');
  $query->comment('Testing query comments */ SELECT nid FROM {node}; --');
  $query->addField('test', 'name');
  $query->addField('test', 'age', 'age');

  // Count the rows the query actually returns.
  $row_count = 0;
  foreach ($query->execute() as $row) {
    ++$row_count;
  }

  // The terminator must come out as " * /" so the comment stays closed only
  // at the builder's own "*/".
  $sql = (string) $query;
  $expected_sql = "/* Testing query comments  * / SELECT nid FROM {node}; -- */ SELECT test.name AS name, test.age AS age\nFROM \n{test} test";

  $this->assertEqual($row_count, 4, 'Returned the correct number of rows.');
  $this->assertEqual($sql, $expected_sql, 'The flattened query contains the sanitised comment string.');

  // Drive makeComment() directly with each (expected, input) pair from the
  // provider so the sanitiser is covered independently of the SELECT builder.
  $connection = Database::getConnection();
  foreach ($this->makeCommentsProvider() as $case) {
    list($expected_comment, $comments) = $case;
    $this->assertEqual($expected_comment, $connection->makeComment($comments));
  }
}
