fixed SQL injection vuln in unsanitized search input
shame on you tony
2074786m committed Mar 23, 2015
1 parent 781d517 commit b07b79a
Showing 3 changed files with 5 additions and 4 deletions.
1 change: 0 additions & 1 deletion README
Expand Up @@ -2,4 +2,3 @@
#TODO: automated tests from the book.
#TODO: a non-crawler population script.
#TODO: update specifications to match the project
#TODO: unsanitized search input
8 changes: 5 additions & 3 deletions recordstoreapp/views.py
Expand Up @@ -24,12 +24,14 @@ def contact(request):

def search(request):
context_dict = {}
if 'q' in request.GET and request.GET['q'] != '':
q = request.GET['q']
q = request.GET['q'].replace('%', '').replace('_', '').strip()
if 'q' in request.GET and q != '':
q = '%' + q + '%'
cursor = connection.cursor()
cursor.execute("SELECT id,title,artist,cover FROM recordstoreapp_record WHERE title like '%" + q + "%' or artist like '%" + q + "%' or label like '%" + q + "%' or cat_no like '%" + q + "%';")
cursor.execute("SELECT id,title,artist,cover FROM recordstoreapp_record WHERE title like %s or artist like %s or label like %s or cat_no like %s;", [q,q,q,q])
rec_list=cursor.fetchall()


total=len(rec_list)
pg=int(request.GET['page']) if 'page' in request.GET else 1
ub=min(pg*12, total)
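Review bot: The new line `q = request.GET['q'].replace('%', '').replace('_', '').strip()` indexes `request.GET['q']` before the `'q' in request.GET` guard that now follows it, so a request without a `q` parameter raises a KeyError (Django's MultiValueDictKeyError) where the old guard-first order simply skipped the search; use `q = request.GET.get('q', '').replace('%', '').replace('_', '').strip()` and reduce the guard to `if q != '':`. The parameterized `cursor.execute("... like %s ...", [q, q, q, q])` is the right fix for the injection. Stripping `%` and `_` outright is a blunt way to neutralise LIKE wildcards and silently changes results for titles or catalogue numbers that contain an underscore; escaping them with an `ESCAPE` clause (or using the ORM's `icontains`) would keep those searches working. The rest of search(), including the unvalidated `int(request.GET['page'])` that still raises ValueError on non-numeric input, continues outside the hunk.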
Binary file modified recordstoreapp/views.pyc
Binary file not shown.
