mirror of
https://github.com/avatao-content/baseimage-tutorial-framework
synced 2024-11-22 07:51:32 +00:00
Create prepared vulnerable code
This commit is contained in:
parent
e0d13840f0
commit
327376232d
27
src/components/login_component.py
Normal file
27
src/components/login_component.py
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
import sqlite3
|
||||||
|
|
||||||
|
|
||||||
|
def get_db():
|
||||||
|
return sqlite3.connect('tutorialpoc.db')
|
||||||
|
|
||||||
|
|
||||||
|
def authorize_login(email, password):
|
||||||
|
"""
|
||||||
|
This method checks if a user is authorized and has admin privileges.
|
||||||
|
:param email: The email address of the user.
|
||||||
|
:param password: The password of the user.
|
||||||
|
:return: A tuple, the first element is the email address if the user exists,
|
||||||
|
and None if they don't; the second element is a boolean, which is True if
|
||||||
|
the user has admin privileges.
|
||||||
|
"""
|
||||||
|
conn = get_db()
|
||||||
|
sql_statement = '''SELECT email, is_admin FROM users
|
||||||
|
WHERE email="{}" AND password="{}"'''
|
||||||
|
# The problem with this approach is that it substitutes any value received
|
||||||
|
# from the user, even if it is a valid SQL statement!
|
||||||
|
result = conn.execute(sql_statement.format(email, password)).fetchone()
|
||||||
|
if result is None:
|
||||||
|
return None, False
|
||||||
|
else:
|
||||||
|
email, is_admin = result
|
||||||
|
return email, is_admin == 1
|
BIN
src/components/tutorialpoc.db
Normal file
BIN
src/components/tutorialpoc.db
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user