Examples of com.alibaba.druid.wall.WallProvider.checkValid()

Class com.alibaba.druid.wall.WallProvider

Examples of com.alibaba.druid.wall.WallProvider.checkValid()

com.alibaba.druid.wall.WallProvider.checkValid()

                     + " and s.qualifier IN ('TRK', 'BRC')"//
                     + " AND status='P'" //
                     + " AND islast=0" //
                     + " AND NOT EXISTS (select m.id from project_measures m WHERE m.snapshot_id=s.id)";


        Assert.assertTrue(provider.checkValid(sql));


    }


}

View Full Code Here

public class MySqlWallTest88 extends TestCase {


    public void test_false() throws Exception {
        WallProvider provider = new MySqlWallProvider();
        
        Assert.assertTrue(provider.checkValid(//
        "DROP INDEX `PRIMARY` ON t;"));


        Assert.assertEquals(1, provider.getTableStats().size());
        Assert.assertTrue(provider.getTableStats().containsKey("t"));
    }

View Full Code Here

        WallProvider provider = new MySqlWallProvider();
        provider.getConfig().setCommentAllow(false);


        String sql = "select * from t where id = ? or bin(1) = 1";


        Assert.assertFalse(provider.checkValid(sql));
    }


}

View Full Code Here


    public void test_false() throws Exception {
        WallProvider provider = new MySqlWallProvider();
        provider.getConfig().setSchemaCheck(true);


        Assert.assertFalse(provider.checkValid(//
        "SELECT email, passwd, login_id, full_name" +
        " FROM members" +
        " WHERE member_id = 3 AND 0<(SELECT COUNT(*) FROM tabname);"));


        Assert.assertEquals(2, provider.getTableStats().size());

View Full Code Here

        WallProvider provider = new MySqlWallProvider();
        provider.getConfig().setCommentAllow(false);


        String sql = "select * from t where id = ? or 97 & 1";


        Assert.assertFalse(provider.checkValid(sql));
    }


}

View Full Code Here


    public void test_false() {
        WallProvider provider = initWallProvider();
        {
            String sql = "SELECT KL_ArticleContent,KL_ArticleTitle FROM dbo.KL_Article WHERE KL_ArticleId =13 And (Select Top 1 unicode(substring(isNull(cast(name as varchar(8000)),char(32)),7,1)) From (Select Top 9 [dbid],[name] From master..sysdatabases Order by [dbid] desc) T Order by [dbid]) between 105 and 105";
            Assert.assertFalse(provider.checkValid(sql));
        }
        {
            String sql = "SELECT KL_ArticleContent,KL_ArticleTitle FROM dbo.KL_Article WHERE KL_ArticleId =13 and (select unicode(substring(isNull(cast(db_name() as varchar(8000)),char(32)),1,1))) between 105 and 108";
            Assert.assertFalse(provider.checkValid(sql));
        }

View Full Code Here

            String sql = "SELECT KL_ArticleContent,KL_ArticleTitle FROM dbo.KL_Article WHERE KL_ArticleId =13 And (Select Top 1 unicode(substring(isNull(cast(name as varchar(8000)),char(32)),7,1)) From (Select Top 9 [dbid],[name] From master..sysdatabases Order by [dbid] desc) T Order by [dbid]) between 105 and 105";
            Assert.assertFalse(provider.checkValid(sql));
        }
        {
            String sql = "SELECT KL_ArticleContent,KL_ArticleTitle FROM dbo.KL_Article WHERE KL_ArticleId =13 and (select unicode(substring(isNull(cast(db_name() as varchar(8000)),char(32)),1,1))) between 105 and 108";
            Assert.assertFalse(provider.checkValid(sql));
        }
    }


    public void test_false1() throws Exception {
        WallProvider provider = initWallProvider();

View Full Code Here


    public void test_false1() throws Exception {
        WallProvider provider = initWallProvider();
        {
            String sql = "select OrderId,Order_Time,oResult,oState,show_Exp_Num,Is_Exp_Print,sel_Exp_Id,Order_Th,Th_Audit_Time,Th_Delay_Days from Pro_Order_List where OrderId='2012110125252' AND HOST_NAME()=HOST_NAME() AND 'kbwg'='kbwg'";
            Assert.assertFalse(provider.checkValid(sql));
        }
    }


    public void test_false2() throws Exception {
        WallProvider provider = initWallProvider();

View Full Code Here

                         + "         WHERE (id =(SELECT id FROM sysobjects WHERE (name = 'content')))" //
                         + "                 AND (name NOT IN ('billid', 'itemno', 'tableid', 'rpid'))" //
                         + "         ))" //
                         + "     AND (characteristic.closed = 0)" //
                         + "ORDER BY content_sort.sort, characteristic.code";
            Assert.assertFalse(provider.checkValid(sql));
        }
    }


    public void test_false3() throws Exception {
        WallProvider provider = initWallProvider();

View Full Code Here

            String sql = "SELECT rpid, columnname, chnname, type, textfield" //
                         + "     , valuefield, ddlbtable, ddlbwhere, ddlbsort, datatype "//
                         + "FROM characteristic "//
                         + "WHERE (closed = 0)" //
                         + "     AND ((SELECT COUNT(*) FROM sysobjects WHERE (id IN (SELECT id FROM syscolumns WHERE name = columnname)) AND (name = 'content')) > 0) ORDER BY code";
            Assert.assertFalse(provider.checkValid(sql));
        }
    }


    public void test_true2() throws Exception {
        WallProvider provider = initWallProvider();

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.