
Commit f3c4218

VictorHarshShah1997
authored andcommitted
Fix several possible SQL Injections
1 parent ad5eb71 commit f3c4218

1 file changed

+12
-12
lines changed

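--- a/main.py
+++ b/main.py
@@ -17,9 +17,9 @@ def getLoginDetails():
 noOfItems = 0
 else:
 loggedIn = True
-cur.execute("SELECT userId, firstName FROM users WHERE email = '" + session['email'] + "'")
+cur.execute("SELECT userId, firstName FROM users WHERE email = ?", (session['email'], ))
 userId, firstName = cur.fetchone()
-cur.execute("SELECT count(productId) FROM kart WHERE userId = " + str(userId))
+cur.execute("SELECT count(productId) FROM kart WHERE userId = ?", (userId, ))
 noOfItems = cur.fetchone()[0]
 conn.close()
 return (loggedIn, firstName, noOfItems)
@@ -88,7 +88,7 @@ def removeItem():
 with sqlite3.connect('database.db') as conn:
 try:
 cur = conn.cursor()
-cur.execute('DELETE FROM products WHERE productID = ' + productId)
+cur.execute('DELETE FROM products WHERE productID = ?', (productId, ))
 conn.commit()
 msg = "Deleted successsfully"
 except:
@@ -104,7 +104,7 @@ def displayCategory():
 categoryId = request.args.get("categoryId")
 with sqlite3.connect('database.db') as conn:
 cur = conn.cursor()
-cur.execute("SELECT products.productId, products.name, products.price, products.image, categories.name FROM products, categories WHERE products.categoryId = categories.categoryId AND categories.categoryId = " + categoryId)
+cur.execute("SELECT products.productId, products.name, products.price, products.image, categories.name FROM products, categories WHERE products.categoryId = categories.categoryId AND categories.categoryId = ?", (categoryId, ))
 data = cur.fetchall()
 conn.close()
 categoryName = data[0][4]
@@ -125,7 +125,7 @@ def editProfile():
 loggedIn, firstName, noOfItems = getLoginDetails()
 with sqlite3.connect('database.db') as conn:
 cur = conn.cursor()
-cur.execute("SELECT userId, email, firstName, lastName, address1, address2, zipcode, city, state, country, phone FROM users WHERE email = '" + session['email'] + "'")
+cur.execute("SELECT userId, email, firstName, lastName, address1, address2, zipcode, city, state, country, phone FROM users WHERE email = ?", (session['email'], ))
 profileData = cur.fetchone()
 conn.close()
 return render_template("editProfile.html", profileData=profileData, loggedIn=loggedIn, firstName=firstName, noOfItems=noOfItems)
@@ -141,7 +141,7 @@ def changePassword():
 newPassword = hashlib.md5(newPassword.encode()).hexdigest()
 with sqlite3.connect('database.db') as conn:
 cur = conn.cursor()
-cur.execute("SELECT userId, password FROM users WHERE email = '" + session['email'] + "'")
+cur.execute("SELECT userId, password FROM users WHERE email = ?", (session['email'], ))
 userId, password = cur.fetchone()
 if (password == oldPassword):
 try:
@@ -210,7 +210,7 @@ def productDescription():
 productId = request.args.get('productId')
 with sqlite3.connect('database.db') as conn:
 cur = conn.cursor()
-cur.execute('SELECT productId, name, price, description, image, stock FROM products WHERE productId = ' + productId)
+cur.execute('SELECT productId, name, price, description, image, stock FROM products WHERE productId = ?', (productId, ))
 productData = cur.fetchone()
 conn.close()
 return render_template("productDescription.html", data=productData, loggedIn = loggedIn, firstName = firstName, noOfItems = noOfItems)
@@ -223,7 +223,7 @@ def addToCart():
 productId = int(request.args.get('productId'))
 with sqlite3.connect('database.db') as conn:
 cur = conn.cursor()
-cur.execute("SELECT userId FROM users WHERE email = '" + session['email'] + "'")
+cur.execute("SELECT userId FROM users WHERE email = ?", (session['email'], ))
 userId = cur.fetchone()[0]
 try:
 cur.execute("INSERT INTO kart (userId, productId) VALUES (?, ?)", (userId, productId))
@@ -243,9 +243,9 @@ def cart():
 email = session['email']
 with sqlite3.connect('database.db') as conn:
 cur = conn.cursor()
-cur.execute("SELECT userId FROM users WHERE email = '" + email + "'")
+cur.execute("SELECT userId FROM users WHERE email = ?", (email, ))
 userId = cur.fetchone()[0]
-cur.execute("SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = " + str(userId))
+cur.execute("SELECT products.productId, products.name, products.price, products.image FROM products, kart WHERE products.productId = kart.productId AND kart.userId = ?", (userId, ))
 products = cur.fetchall()
 totalPrice = 0
 for row in products:
@@ -260,10 +260,10 @@ def removeFromCart():
 productId = int(request.args.get('productId'))
 with sqlite3.connect('database.db') as conn:
 cur = conn.cursor()
-cur.execute("SELECT userId FROM users WHERE email = '" + email + "'")
+cur.execute("SELECT userId FROM users WHERE email = ?", (email, ))
 userId = cur.fetchone()[0]
 try:
-cur.execute("DELETE FROM kart WHERE userId = " + str(userId) + " AND productId = " + str(productId))
+cur.execute("DELETE FROM kart WHERE userId = ? AND productId = ?", (userId, productId))
 conn.commit()
 msg = "removed successfully"
 except: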
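Review bot: In the changePassword hunk the parameterized lookup now sits beside `newPassword = hashlib.md5(newPassword.encode()).hexdigest()` and `if (password == oldPassword):`, so passwords are still stored as unsalted MD5 and the stored digest is compared with `==`, which the injection fix does not touch (whether oldPassword is hashed first is outside the hunk, as is the rest of changePassword's body). Unsalted MD5 is not a suitable password hash; since the existing `password` column presumably already holds MD5 digests, moving to `hashlib.pbkdf2_hmac` with a per-user salt (or Werkzeug's `generate_password_hash`/`check_password_hash`, given the Flask helpers in use) needs a re-hash of each user on next successful login rather than a one-line swap. At minimum the comparison should become `if hmac.compare_digest(password, oldPassword):` (with `import hmac` at the top of the file) so it is not timing-dependent. The displayCategory hunk has a related unchecked input: `categoryId` comes from `request.args.get` and may be None, and `categoryName = data[0][4]` raises IndexError when the query returns no rows, which parameterization alone does not prevent; the bare `except:` in removeItem and removeFromCart likewise hides any sqlite3 error behind the success message path.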
