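namespace TaintChecking
{
    /// <summary>
    /// Predicates that report whether a string may be treated as free of taint.
    /// </summary>
    /// <remarks>
    /// NOTE(review): judging by the namespace and method names, these are meant to be
    /// called by a taint-checking rule; the callers are not visible here.
    /// A deny-list such as the one below is a heuristic only. It cannot enumerate every
    /// dangerous input, and it also rejects legitimate values (for example names that
    /// contain an apostrophe). Queries built from external input should still use
    /// parameterized commands; this check is at most a secondary layer.
    /// </remarks>
    public static class StringUntainter
    {
        // Substrings that cause a value to be rejected. Matching is a case-insensitive
        // substring search, so a word such as "selection" is rejected as well.
        // The original list contained ";" twice; the duplicate had no effect.
        private static readonly string[] TabBadStrings =
        {
            "select", "drop", ";", "--", "insert", "delete", "xp_", "%", "&",
            "'", "(", ")", "/", "\\", ":", "<", ">", "=", "[", "]", "?",
            "`", "|"
        };

        /// <summary>
        /// Reports whether <paramref name="target"/> contains none of the deny-listed substrings.
        /// </summary>
        /// <param name="target">The string to inspect.</param>
        /// <returns>
        /// <c>true</c> when no deny-listed substring occurs in <paramref name="target"/>;
        /// <c>false</c> when one does, or when <paramref name="target"/> is <c>null</c>.
        /// </returns>
        public static bool IsFreeOfSQLInjectionUntainter(string target)
        {
            // Fail closed: a missing value has not been validated, so it is not reported as clean.
            if (target == null)
            {
                return false;
            }

            foreach (string blocked in TabBadStrings)
            {
                // Ordinal, case-insensitive comparison. The culture-sensitive ToLower() used
                // previously maps some letters differently under certain cultures (Turkish
                // 'I' is the usual example), which could let an upper-case keyword slip past.
                if (target.IndexOf(blocked, System.StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    return false;
                }
            }

            return true;
        }

        /// <summary>
        /// Accepts every input without inspecting it.
        /// </summary>
        /// <param name="target">Ignored.</param>
        /// <returns>Always <c>true</c>.</returns>
        /// <remarks>
        /// This performs no validation at all. Any value passed through it is reported as
        /// clean, so it is only appropriate where the value is already known to be safe.
        /// </remarks>
        public static bool NOPUntainter(string target)
        {
            return true;
        }
    }
}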
Paul Lessard has received an MSc in computer science and a BASc in computer science and software engineering. He is currently employed as a software developer and junior architect.