def check_for_date(date_str): """Checks for an valid date string""" try: if rex.match(r"\d\d\d\d-\d\d-\d\d", str(date_str)) is None: raise sqlErr("Not a Date!") except Exception as e: raise e
def check_for_date(date_str): try: if rex.match("\d\d\d\d-\d\d-\d\d", str(date_str)) is None: # Returns None if not matched raise sqlErr("Not a Date!") except Exception as e: raise e
def check_for_extra_semicolon(sql_str): """Checks for an extra semicolon""" try: if len(sql_str.split(';')) > 2: raise sqlErr("Extra Semi-Colon Detected!") except Exception as e: raise e
def check_for_product_name(product_name): # Product table check """Checks to make sure the product name is a string""" try: if type(product_name) is not str: raise sqlErr("Not a valid product name!") except Exception as e: raise e
def check_for_extra_semicolon(sql_str): """Checks for an extra semicolon""" # print(len("Select;Delete From T1; ID, Name FROM T1;".split(';')) > 2) try: if len(sql_str.split(';')) > 2: raise sqlErr("Extra Semi-Colon Detected!") except Exception as e: raise e
def check_for_and(sql_str): """Checks for an injected OR in tampered WHERE Clause""" sql_str = sql_str.lower() try: if rex.search("where", sql_str, rex.IGNORECASE): # If it has a Where clause if rex.search(' and ', sql_str.split('where')[1], rex.IGNORECASE) is not None: # injected AND? raise sqlErr("AND Detected!") except Exception as e: raise e
def check_for_or(sql_str): """Checks for an injected OR in tampered WHERE Clause""" try: if rex.search("WHERE", sql_str, rex.IGNORECASE): if rex.search(' or ', sql_str.split('WHERE')[1], rex.IGNORECASE) is not None: raise sqlErr("OR Detected!") except Exception as e: raise e
def check_for_or(sql_str): """Checks for an injected OR in tampered WHERE Clause""" # print(rex.search("WHERE", "SELECT * FROM T1 WHERE", rex.IGNORECASE)) # print(rex.search("or","FROM T1 WHERE ID = 1 or 1 = 1".split('WHERE')[1], rex.IGNORECASE)) try: if rex.search("WHERE", sql_str, rex.IGNORECASE): # If it has a Where clause if rex.search(' or ', sql_str.split('WHERE')[1], rex.IGNORECASE) is not None: # check injected OR raise sqlErr("OR Detected!") except Exception as e: raise e
def check_for_int_type(sql_str): try: if sql_str is not int: raise sqlErr('Must be an integer') except Exception as e: raise e
def check_for_str_type(sql_str): try: if sql_str is not str: raise sqlErr('Must be a string type') except Exception as e: raise e
def inventory_date(self, inventory_date): if rex.match("\d\d\d\d-\d\d-\d\d", str(inventory_date)) is None: raise sqlErr("Not a Date!") else: self.__inventory_date = inventory_date