Package com.alibaba.druid.wall

Examples of com.alibaba.druid.wall.WallProvider.checkValid()

28
29
30
31
32
33
34
35
36
        WallProvider provider = new MySqlWallProvider();
        provider.getConfig().setCommentAllow(false);

        String sql = "SELECT name, '******' password, createTime from user where name like 'admin%' AND (SELECT 6384 FROM(SELECT COUNT(*),CONCAT(0x3a64686c3a,(SELECT (CASE WHEN (3252 = 3252) THEN 1 ELSE 0 END)),0x3a766f723a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'=''";

        Assert.assertFalse(provider.checkValid(sql));
    }

}
View Full Code Here
32
33
34
35
36
37
38
39
40
41
42
public class MySqlWallTest76 extends TestCase {

    public void test_false() throws Exception {
        WallProvider provider = new MySqlWallProvider();
       
        Assert.assertFalse(provider.checkValid(//
        "SELECT * FROM T WHERE FID = ? OR GREATEST(2,0) = 2"));

        Assert.assertEquals(1, provider.getTableStats().size());
    }

View Full Code Here
28
29
30
31
32
33
34
35
36
        WallProvider provider = new MySqlWallProvider();
        provider.getConfig().setCommentAllow(false);

        String sql = "select * from t where id = ? or substr(bin(97>>5), -1, 1)";

        Assert.assertFalse(provider.checkValid(sql));
    }

}
View Full Code Here
33
34
35
36
37
38
39
40
41
42
43
    public void test_true() throws Exception {
        WallProvider provider = new MySqlWallProvider();
        provider.getConfig().setCommentAllow(true);

        Assert.assertTrue(provider.checkValid(//
        "select * from T--"));

        Assert.assertEquals(1, provider.getTableStats().size());
    }

View Full Code Here
26
27
28
29
30
31
32
33
34
    public void test_false() throws Exception {
        WallProvider provider = new MySqlWallProvider();
        provider.getConfig().setCommentAllow(true);
       
        Assert.assertFalse(provider.checkValid("select * from t where id = 1 /*!30000union all select 2*/"));
    }

}
View Full Code Here
32
33
34
35
36
37
38
39
40
41
42
public class MySqlWallTest_ifnull_2 extends TestCase {

    public void test_false() throws Exception {
        WallProvider provider = new MySqlWallProvider();
       
        Assert.assertFalse(provider.checkValid(//
        "SELECT * FROM T WHERE FID = ? OR IFNULL(CAST(CURRENT_USER() AS CHAR))"));

        Assert.assertEquals(1, provider.getTableStats().size());
    }

View Full Code Here
26
27
28
29
30
31
32
33
34
35
36
    public void testMySql() throws Exception {
        WallProvider provider = new MySqlWallProvider();
        provider.getConfig().setDropTableAllow(true);

        Assert.assertTrue(provider.checkValid(sql));
        WallTableStat tableStat = provider.getTableStat("t");
        Assert.assertEquals(1, tableStat.getDropCount());
    }

    public void testOracle() throws Exception {
View Full Code Here
35
36
37
38
39
40
41
42
43
44
45
    public void testOracle() throws Exception {
        WallProvider provider = new OracleWallProvider();
        provider.getConfig().setDropTableAllow(true);

        Assert.assertTrue(provider.checkValid(sql));
        WallTableStat tableStat = provider.getTableStat("t");
        Assert.assertEquals(1, tableStat.getDropCount());
    }

    public void testPG() throws Exception {
View Full Code Here
44
45
46
47
48
49
50
51
52
53
54
    public void testPG() throws Exception {
        WallProvider provider = new PGWallProvider();
        provider.getConfig().setDropTableAllow(true);

        Assert.assertTrue(provider.checkValid(sql));
        WallTableStat tableStat = provider.getTableStat("t");
        Assert.assertEquals(1, tableStat.getDropCount());
    }

    public void testSQLServer() throws Exception {
View Full Code Here
53
54
55
56
57
58
59
60
61
62
63
    public void testSQLServer() throws Exception {
        WallProvider provider = new SQLServerWallProvider();
        provider.getConfig().setDropTableAllow(true);

        Assert.assertTrue(provider.checkValid(sql));
        WallTableStat tableStat = provider.getTableStat("t");
        Assert.assertEquals(1, tableStat.getDropCount());
    }

}
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.