
Example 81 with CFLintResult

use of com.cflint.api.CFLintResult in project CFLint by cflint.

the class TestCFBugs_QueryParams method testCFScript_QueryParams_EscapeHashes.

/**
 * Checks that a doubled hash ({@code ##}) inside a {@code <cfquery>} body is not reported.
 *
 * <p>In CFML {@code ##} is an escaped literal hash, so the fixture's {@code p.##id = 1}
 * contains no {@code #variable#} interpolation. The test expects the scan to return an
 * empty issue map, i.e. no query-parameter finding is raised for the escaped form.
 *
 * @throws CFLintScanException if scanning the fixture fails
 */
@Test
public void testCFScript_QueryParams_EscapeHashes() throws CFLintScanException {
    final String source = "<cfcomponent>\r\n"
            + "<cffunction name=\"rateBop\" >\r\n"
            + "<cfquery name=\"LOCAL.categories\">\r\n"
            + "SELECT * FROM product_categories p\r\n"
            // Escaped hash: literal text, not a variable spliced into the SQL.
            + "WHERE p.##id = 1\r\n"
            + "</cfquery>\r\n"
            + "</cffunction>"
            + "</cfcomponent>";

    final CFLintResult scanResult = cfBugs.scan(source, "test");
    final Map<String, List<BugInfo>> issuesByCode = scanResult.getIssues();

    assertEquals(0, issuesByCode.size());
}
Also used : List(java.util.List) CFLintResult(com.cflint.api.CFLintResult) Test(org.junit.Test)

Example 82 with CFLintResult

use of com.cflint.api.CFLintResult in project CFLint by cflint.

the class TestCFBugs_QueryParams method testCFScript_QueryParams_ignore_offset.

/**
 * Checks that {@code @CFLintIgnore CFQUERYPARAM_REQ} comments suppress only the marked
 * interpolations, and that the remaining finding carries the right line and offset.
 *
 * <p>The fixture's {@code <cfquery>} body splices four variables into the SQL text. Three of
 * them sit next to a {@code @CFLintIgnore CFQUERYPARAM_REQ} comment (before the first
 * {@code #application.linkedServerName#}, after {@code #magicVal#}, and before
 * {@code #arguments.someNumber#}). The second {@code #application.linkedServerName#}, on
 * fixture line 13, has no such comment, and the test expects it to be the single reported
 * issue, at character offset 575.
 *
 * <p>A suppression comment only silences the finding; the variable is still interpolated
 * into the statement text.
 *
 * @throws CFLintScanException if scanning the fixture fails
 */
@Test
public void testCFScript_QueryParams_ignore_offset() throws CFLintScanException {
    final String source = "<cfcomponent>\n"
            + "	<cffunction name=\"foo\">\n"
            + "		<cfset var fooQry=\"\"/>\n"
            + "        <cfquery name=\"fooQry\" datasource=\"#arguments.siteDomain#com\" cachedwithin=\"#createTimeSpan(0,0,5,0)#\">\n"
            + "            SELECT\n"
            + "                M.firstName\n"
            + "                <!--- @CFLintIgnore CFQUERYPARAM_REQ --->\n"
            + "            FROM #application.linkedServerName#.schema.dbo.Comment C WITH (NOLOCK)\n"
            + "            LEFT OUTER JOIN something SM WITH (NOLOCK)\n"
            + "                ON C.memberID = SM.memberID\n"
            + "            INNER JOIN somethingelse m\n"
            + "                ON m.memberID = sm.memberid\n"
            // Fixture line 13: the only interpolation without a suppression comment.
            + "            LEFT OUTER JOIN #application.linkedServerName#.schema.dbo.FooTable A WITH (NOLOCK)\n"
            + "                ON C.aID = A.aID\n"
            + "                AND C.bar = #magicVal# <!--- \n"
            + "                		@CFLintIgnore CFQUERYPARAM_REQ --->\n"
            + "            WHERE \n"
            + "            <!---\n"
            + "        @CFLintIgnore CFQUERYPARAM_REQ\n"
            + "        --->\n"
            + "                eID = #arguments.someNumber# AND\n"
            + "                moderated = 1\n"
            + "            ORDER BY\n"
            + "                cID\n"
            + "        </cfquery>\n"
            + "\n"
            + "	</cffunction>\n"
            + "</cfcomponent>";

    final CFLintResult scanResult = cfBugs.scan(source, "test");
    // Takes whichever issue group the map iterates first.
    final List<BugInfo> findings = scanResult.getIssues().values().iterator().next();
    assertEquals(1, findings.size());

    final BugInfo finding = findings.get(0);
    assertEquals("CFQUERYPARAM_REQ", finding.getMessageCode());
    assertEquals("application.linkedServerName", finding.getVariable());
    assertEquals(13, finding.getLine());

    // Sanity-check the fixture itself: the second (non-ignored) occurrence starts at 575.
    final String variable = "application.linkedServerName";
    final int firstUse = source.indexOf(variable);
    final int secondUse = source.indexOf(variable, firstUse + 1);
    assertEquals(575, secondUse);
    assertEquals(575, finding.getOffset());
}
Also used : CFLintResult(com.cflint.api.CFLintResult) Test(org.junit.Test)

Example 83 with CFLintResult

use of com.cflint.api.CFLintResult in project CFLint by cflint.

the class TestCFBugs_QueryParams method testCFScript_QueryParams_Script_Hashes.

/**
 * Checks that a {@code #variable#} interpolated into a script-style {@code setSql(...)}
 * string is reported as {@code QUERYPARAM_REQ}.
 *
 * <p>The fixture builds a {@code Query} inside {@code <cfscript>} and passes SQL text
 * containing {@code #arguments.id#} to {@code setSql}. The test expects exactly one issue
 * under the {@code QUERYPARAM_REQ} key, on fixture line 4 (where the {@code setSql} call
 * starts), with {@code setSql} as the reported variable.
 *
 * @throws CFLintScanException if scanning the fixture fails
 */
@Test
public void testCFScript_QueryParams_Script_Hashes() throws CFLintScanException {
    final String source = "<cfcomponent>\r\n"
            + "<cffunction name=\"rateBop\" >\r\n"
            + "<cfscript>\r\n"
            + "local.query = new Query();"
            + "local.query.setSql(\"\r\n"
            // Caller-supplied argument spliced straight into the SQL string.
            + "    SELECT id from table where id = #arguments.id#\");"
            + "</cfscript>\r\n"
            + "</cffunction>"
            + "</cfcomponent>";

    final CFLintResult scanResult = cfBugs.scan(source, "test");
    final List<BugInfo> findings = scanResult.getIssues().get("QUERYPARAM_REQ");
    assertEquals(1, findings.size());

    final BugInfo finding = findings.get(0);
    assertEquals("QUERYPARAM_REQ", finding.getMessageCode());
    assertEquals(4, finding.getLine());
    assertEquals("setSql", finding.getVariable());
}
Also used : CFLintResult(com.cflint.api.CFLintResult) Test(org.junit.Test)

Example 84 with CFLintResult

use of com.cflint.api.CFLintResult in project CFLint by cflint.

the class TestCFBugs_QueryParams method testCFScript_QueryParams_2Hashes.

/**
 * Checks that two {@code #variable#} interpolations in one {@code <cfquery>} body each
 * produce their own {@code CFQUERYPARAM_REQ} issue.
 *
 * <p>The fixture interpolates {@code #LOCAL.id#} on line 5 and {@code #LOCAL.abc#} on line 6
 * of the query text. The test expects two issues in that order, and checks the variable
 * name of the first one only.
 *
 * @throws CFLintScanException if scanning the fixture fails
 */
@Test
public void testCFScript_QueryParams_2Hashes() throws CFLintScanException {
    final String source = "<cfcomponent>\r\n"
            + "<cffunction name=\"rateBop\" >\r\n"
            + "<cfquery name=\"LOCAL.categories\">\r\n"
            + "SELECT * FROM product_categories p\r\n"
            + "WHERE p.id = #LOCAL.id#\r\n"
            + "and p.name = #LOCAL.abc#\r\n"
            + "</cfquery>\r\n"
            + "</cffunction>"
            + "</cfcomponent>";

    final CFLintResult scanResult = cfBugs.scan(source, "test");
    // Takes whichever issue group the map iterates first.
    final List<BugInfo> findings = scanResult.getIssues().values().iterator().next();
    assertEquals(2, findings.size());

    final BugInfo first = findings.get(0);
    assertEquals("CFQUERYPARAM_REQ", first.getMessageCode());
    assertEquals(5, first.getLine());
    assertEquals("LOCAL.id", first.getVariable());

    final BugInfo second = findings.get(1);
    assertEquals("CFQUERYPARAM_REQ", second.getMessageCode());
    assertEquals(6, second.getLine());
}
Also used : CFLintResult(com.cflint.api.CFLintResult) Test(org.junit.Test)

Example 85 with CFLintResult

use of com.cflint.api.CFLintResult in project CFLint by cflint.

the class TestCFBugs_QueryParams method testCFScript_QueryParams_Qoq.

/**
 * Checks that a {@code <cfquery>} with {@code dbtype="query"} produces no issues even though
 * its body interpolates {@code #orderBy#}.
 *
 * <p>The test expects the scan to return an empty issue map for this fixture.
 *
 * <p>NOTE(review): the fixture still splices {@code #orderBy#} into the statement text, so
 * an empty result says nothing about whether {@code orderBy} is validated. Presumably the
 * rule skips queries with {@code dbtype="query"}; confirm against the rule implementation.
 *
 * @throws CFLintScanException if scanning the fixture fails
 */
@Test
public void testCFScript_QueryParams_Qoq() throws CFLintScanException {
    final String source = "<cfquery name=\"outDocs\" dbtype=\"query\"> Select * From arguments.documents WHERE DocumentType = 'COLD' and TransactionType IN ('1','6') #orderBy# </cfquery> ";

    final CFLintResult scanResult = cfBugs.scan(source, "test");
    final Map<String, List<BugInfo>> issuesByCode = scanResult.getIssues();

    assertEquals(0, issuesByCode.size());
}
Also used : List(java.util.List) CFLintResult(com.cflint.api.CFLintResult) Test(org.junit.Test)
