def check_for_date(date_str):
"""Checks for an valid date string"""
try:
if rex.match(r"\d\d\d\d-\d\d-\d\d", str(date_str)) is None:
raise sqlErr("Not a Date!")
except Exception as e:
raise e
def check_for_date(date_str):
try:
if rex.match("\d\d\d\d-\d\d-\d\d",
str(date_str)) is None: # Returns None if not matched
raise sqlErr("Not a Date!")
except Exception as e:
raise e
def check_for_extra_semicolon(sql_str):
"""Checks for an extra semicolon"""
try:
if len(sql_str.split(';')) > 2:
raise sqlErr("Extra Semi-Colon Detected!")
except Exception as e:
raise e
def check_for_product_name(product_name): # Product table check
"""Checks to make sure the product name is a string"""
try:
if type(product_name) is not str:
raise sqlErr("Not a valid product name!")
except Exception as e:
raise e
def check_for_extra_semicolon(sql_str):
"""Checks for an extra semicolon"""
# print(len("Select;Delete From T1; ID, Name FROM T1;".split(';')) > 2)
try:
if len(sql_str.split(';')) > 2:
raise sqlErr("Extra Semi-Colon Detected!")
except Exception as e:
raise e
def check_for_and(sql_str):
"""Checks for an injected OR in tampered WHERE Clause"""
sql_str = sql_str.lower()
try:
if rex.search("where", sql_str, rex.IGNORECASE): # If it has a Where clause
if rex.search(' and ', sql_str.split('where')[1], rex.IGNORECASE) is not None: # injected AND?
raise sqlErr("AND Detected!")
except Exception as e:
raise e
def check_for_or(sql_str):
"""Checks for an injected OR in tampered WHERE Clause"""
try:
if rex.search("WHERE", sql_str, rex.IGNORECASE):
if rex.search(' or ',
sql_str.split('WHERE')[1],
rex.IGNORECASE) is not None:
raise sqlErr("OR Detected!")
except Exception as e:
raise e
def check_for_or(sql_str):
"""Checks for an injected OR in tampered WHERE Clause"""
# print(rex.search("WHERE", "SELECT * FROM T1 WHERE", rex.IGNORECASE))
# print(rex.search("or","FROM T1 WHERE ID = 1 or 1 = 1".split('WHERE')[1], rex.IGNORECASE))
try:
if rex.search("WHERE", sql_str,
rex.IGNORECASE): # If it has a Where clause
if rex.search(' or ',
sql_str.split('WHERE')[1],
rex.IGNORECASE) is not None: # check injected OR
raise sqlErr("OR Detected!")
except Exception as e:
raise e
def check_for_int_type(sql_str):
try:
if sql_str is not int:
raise sqlErr('Must be an integer')
except Exception as e:
raise e
def check_for_str_type(sql_str):
try:
if sql_str is not str:
raise sqlErr('Must be a string type')
except Exception as e:
raise e
def inventory_date(self, inventory_date):
if rex.match("\d\d\d\d-\d\d-\d\d", str(inventory_date)) is None:
raise sqlErr("Not a Date!")
else:
self.__inventory_date = inventory_date
