diff options
| author | ilotterytea <iltsu@alright.party> | 2024-05-13 22:49:34 +0500 |
|---|---|---|
| committer | ilotterytea <iltsu@alright.party> | 2024-05-13 22:49:34 +0500 |
| commit | 5b921c9a983b3f2588c0e151c28b26e45cf95f87 (patch) | |
| tree | 65af1692fca69e9306c35e2bc44ea29a73ec1c0e /src/utils | |
| parent | ec6c25c4d18bcc56f4a1a3e6a824492a564a26d3 (diff) | |
feat: check if the message has sql injection
Diffstat (limited to 'src/utils')
| -rw-r--r-- | src/utils/string.cpp | 15 | ||||
| -rw-r--r-- | src/utils/string.hpp | 2 |
2 files changed, 17 insertions, 0 deletions
diff --git a/src/utils/string.cpp b/src/utils/string.cpp index 9727f3f..b8ba269 100644 --- a/src/utils/string.cpp +++ b/src/utils/string.cpp @@ -1,5 +1,6 @@ #include "string.hpp" +#include <algorithm> #include <iostream> #include <sstream> #include <string> @@ -48,6 +49,20 @@ namespace bot { return str; } + + bool string_contains_sql_injection(const std::string &input) { + std::string forbidden_strings[] = {";", "--", "'", "\"", + "/*", "*/", "xp_", "exec", + "sp_", "insert", "select", "delete"}; + + for (const auto &str : forbidden_strings) { + if (input.find(str) != std::string::npos) { + return true; + } + } + + return false; + } } } } diff --git a/src/utils/string.hpp b/src/utils/string.hpp index 5c9a088..c8385ad 100644 --- a/src/utils/string.hpp +++ b/src/utils/string.hpp @@ -25,6 +25,8 @@ namespace bot { } return ss.str(); } + + bool string_contains_sql_injection(const std::string &input); } } } |