feat: check if the message has sql injection

author: ilotterytea <iltsu@alright.party> 2024-05-13 22:49:34 +0500
committer: ilotterytea <iltsu@alright.party> 2024-05-13 22:49:34 +0500
commit: 5b921c9a983b3f2588c0e151c28b26e45cf95f87 (patch)
tree: 65af1692fca69e9306c35e2bc44ea29a73ec1c0e /src/utils/string.cpp
parent: ec6c25c4d18bcc56f4a1a3e6a824492a564a26d3 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/src/utils/string.cpp b/src/utils/string.cpp
index 9727f3f..b8ba269 100644
--- a/src/utils/string.cpp
+++ b/src/utils/string.cpp
@@ -1,5 +1,6 @@
 #include "string.hpp"
 
+#include <algorithm>
 #include <iostream>
 #include <sstream>
 #include <string>
@@ -48,6 +49,20 @@ namespace bot {
 
         return str;
       }
+
+      bool string_contains_sql_injection(const std::string &input) {
+        std::string forbidden_strings[] = {";",   "--",     "'",      "\"",
+                                           "/*",  "*/",     "xp_",    "exec",
+                                           "sp_", "insert", "select", "delete"};
+
+        for (const auto &str : forbidden_strings) {
+          if (input.find(str) != std::string::npos) {
+            return true;
+          }
+        }
+
+        return false;
+      }
     }
   }
 }
author	ilotterytea <iltsu@alright.party>	2024-05-13 22:49:34 +0500
committer	ilotterytea <iltsu@alright.party>	2024-05-13 22:49:34 +0500
commit	5b921c9a983b3f2588c0e151c28b26e45cf95f87 (patch)
tree	65af1692fca69e9306c35e2bc44ea29a73ec1c0e /src/utils/string.cpp
parent	ec6c25c4d18bcc56f4a1a3e6a824492a564a26d3 (diff)