Examples with MySqlWallProvider com.alibaba.druid.wall.spi.MySqlWallProvider used on opensource projects

Example 76 with MySqlWallProvider

use of com.alibaba.druid.wall.spi.MySqlWallProvider in project druid by alibaba.

the class MySqlWallTest_comment method test_false.

public void test_false() throws Exception {
    WallProvider provider = new MySqlWallProvider();
    provider.getConfig().setCommentAllow(false);
    Assert.assertTrue(provider.checkValid("/* this is comment */ SELECT id FROM t "));
    Assert.assertTrue(provider.checkValid("-- this is comment \n SELECT * FROM t"));
    Assert.assertTrue(provider.checkValid("#this is comment \n SELECT * FROM t"));
    Assert.assertFalse(provider.checkValid("/*!40101fff*/ select * from t"));
    Assert.assertTrue(provider.checkValid("SELECT * FROM t where a=1 #this is comment \n and b=1"));
    Assert.assertTrue(provider.checkValid("SELECT * FROM t where a=1 -- this is comment \n and c=1"));
    Assert.assertTrue(provider.checkValid("SELECT * FROM t where a=1 /* this is comment */ and d=1"));
    Assert.assertFalse(provider.checkValid("SELECT * FROM t where a=1 #and c=1 \n and e=1"));
    Assert.assertFalse(provider.checkValid("SELECT * FROM t where a=1 -- AND c=1 \n and f=1"));
    Assert.assertFalse(provider.checkValid("SELECT * FROM t where a=1 /* and c=1 */ and g=1"));
    Assert.assertFalse(provider.checkValid("SELECT * FROM t where a=1 #and c=1 "));
    Assert.assertFalse(provider.checkValid("SELECT * FROM t where a=1 -- and c=1"));
    Assert.assertFalse(provider.checkValid("SELECT * FROM t where a=1 /* and c=1 */"));
}

Example 77 with MySqlWallProvider

use of com.alibaba.druid.wall.spi.MySqlWallProvider in project druid by alibaba.

the class MySqlWallTest_concat method test_true.

public void test_true() throws Exception {
    WallProvider provider = new MySqlWallProvider();
    provider.getConfig().setSelectHavingAlwayTrueCheck(true);
    Assert.assertTrue(//
    provider.checkValid("select * from tb_product_word where name='' or CONCAT(name,style)='' or CONCAT(shop,style)=''  or CONCAT(ename,style)=''"));
    Assert.assertEquals(1, provider.getTableStats().size());
    Assert.assertTrue(provider.getTableStats().containsKey("tb_product_word"));
}

Example 78 with MySqlWallProvider

use of com.alibaba.druid.wall.spi.MySqlWallProvider in project druid by alibaba.

the class MySqlWallTest65 method test_false.

public void test_false() throws Exception {
    WallProvider provider = new MySqlWallProvider();
    provider.getConfig().setSchemaCheck(true);
    Assert.assertFalse(//
    provider.checkValid("SELECT email, passwd, login_id, full_name" + " FROM members" + " WHERE member_id = 3 AND 0<(SELECT COUNT(*) FROM tabname);"));
    Assert.assertEquals(2, provider.getTableStats().size());
}

Example 79 with MySqlWallProvider

use of com.alibaba.druid.wall.spi.MySqlWallProvider in project druid by alibaba.

the class MySqlWallTest69 method test_true.

public void test_true() throws Exception {
    WallProvider provider = new MySqlWallProvider();
    provider.getConfig().setCommentAllow(true);
    Assert.assertTrue(//
    provider.checkValid("select * from T--"));
    Assert.assertEquals(1, provider.getTableStats().size());
}

Example 80 with MySqlWallProvider

use of com.alibaba.druid.wall.spi.MySqlWallProvider in project druid by alibaba.

the class MySqlWallTest70 method test_true.

public void test_true() throws Exception {
    WallProvider provider = new MySqlWallProvider();
    provider.getConfig().setCommentAllow(true);
    Assert.assertTrue(//
    provider.checkValid("select * from T/**/"));
    Assert.assertEquals(1, provider.getTableStats().size());
}