Skip to content

Latest commit

 

History

History
61 lines (40 loc) · 2.53 KB

File metadata and controls

61 lines (40 loc) · 2.53 KB

Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection

Build Status Coverage Status CPAN License

When building SQL statements manually instead of using an ORM, any input must be quoted or passed using placeholders to prevent the introduction of SQL injection vectors. This policy attempts to detect the most common sources of SQL injection in manually crafted SQL statements, by detecting the use of variables inside interpolated strings that look like SQL statements.

INSTALLATION

To install this module, run the following commands:

perl Build.PL
./Build
./Build test
./Build install

SUPPORT AND DOCUMENTATION

After installing, you can find documentation for this module with the perldoc command.

perldoc Perl::Critic::Policy::ValuesAndExpressions::PreventSQLInjection

You can also look for information at:

LICENSE AND COPYRIGHT

Copyright (C) 2013-2017 Guillaume Aubert.

This code is free software; you can redistribute it and/or modify it under the same terms as Perl 5 itself.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the LICENSE file for more details.