Databases
StackOverflow2013
Postsdbo
PORegex for detecting SQL Injections in WinForms
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PORegex for detecting SQL Injections in WinForms
    text
    copied!<p>i uwant to cach input, which seems to be like SQL injection. So I wrote the method:</p> <pre><code> public static bool IsInjection(string inputText) { bool isInj = false; string regexForTypicalInj = @"/\w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))/ix"; Regex reT = new Regex(regexForTypicalInj); if (reT.IsMatch(inputText)) isInj = true; string regexForUnion = @"/((\%27)|(\'))union/ix"; Regex reUn = new Regex(regexForUnion); if (reUn.IsMatch(inputText)) isInj = true; string regexForSelect = @"/((\%27)|(\'))select/ix"; Regex reS = new Regex(regexForSelect); if (reS.IsMatch(inputText)) isInj = true; string regexForInsert = @"/((\%27)|(\'))insert/ix"; Regex reI = new Regex(regexForInsert); if (reI.IsMatch(inputText)) isInj = true; string regexForUpdate = @"/((\%27)|(\'))update/ix"; Regex reU = new Regex(regexForUpdate); if (reU.IsMatch(inputText)) isInj = true; string regexForDelete = @"/((\%27)|(\'))delete/ix"; Regex reDel = new Regex(regexForDelete); if (reDel.IsMatch(inputText)) isInj = true; string regexForDrop = @"/((\%27)|(\'))drop/ix"; Regex reDr = new Regex(regexForDrop); if (reDr.IsMatch(inputText)) isInj = true; string regexForAlter = @"/((\%27)|(\'))alter/ix"; Regex reA = new Regex(regexForAlter); if (reA.IsMatch(inputText)) isInj = true; string regexForCreate = @"/((\%27)|(\'))create/ix"; Regex reC = new Regex(regexForCreate); if (reC.IsMatch(inputText)) isInj = true; return isInj; } </code></pre> <p>But seems I have done some mistakes, becouse my code do not detects injections. What i do wrong? I guess theres something wrong in defining Regex expressions?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload