or they could do something useful
Like tidy up the discarded cassettes and putting them in the bin. Surely that would solve the problem and actually achieve something in the process?
/grumpy old git
11 publicly visible posts • joined 28 Apr 2008
set serveroutput on size 1000000
drop table sql_injection_test
/
create table sql_injection_test
(username varchar2(10),
password varchar2(10))
/
insert into sql_injection_test
(username,
password)
values('user',
'test')
/
create or replace procedure sql_inj_test(in_user VARCHAR2,
in_pwd VARCHAR2) as
v_string varchar2(2000);
found_user varchar2(1);
begin
dbms_output.put_line('first run with bind variables');
v_string := 'select DECODE(count(*),0,'||''''||'N'||''''||','||
''''||'Y'||''''||')'||
' from sql_injection_test '||
' where username = :1 and password = :2';
execute immediate v_string into found_user using in_user, in_pwd;
if found_user = 'Y'
then
dbms_output.put_line('found user, ok to connect');
else
dbms_output.put_line('invalid user. Exit');
end if;
dbms_output.put_line('now run without bind variables');
v_string := 'select DECODE(count(*),0,'||''''||'N'||''''||','||
''''||'Y'||''''||')'||
' from sql_injection_test '||
' where username = '||''''||in_user||''''||
' and password = '||''''||in_pwd||'''';
dbms_output.put_line(v_string);
execute immediate v_string into found_user;
if found_user = 'Y'
then
dbms_output.put_line('found user, ok to connect');
else
dbms_output.put_line('invalid user. Exit');
end if;
end;
/
prompt *** sql_inj_test('user','test') ***
begin
sql_inj_test('user','test');
end;
/
prompt sql_inj_test('user','dunno'||''''||' or '||''''||'a'||''''||' = '||''''||'a');
begin
sql_inj_test('user','dunno'||''''||' or '||''''||'a'||''''||' = '||''''||'a');
end;
/
Sack the 'tard for not using bind variables in his sql code and get someone who knows what they are doing to do the work. It's not as if Tom Kyte hasn't been banging on about this since the beginning of the millenium.
Sick vulture because it could swallow a program spec and puke better code than that.