Ana Paula Oliveira de Lima edited this page Nov 10, 2021 · 4 revisions

Welcome to the Query-Tool!

The QueryTool is a library that allows easier and faster connections with Postgres databases. With it, you can make insertions, selections, updates and deletions in the database in a simple and effective way.

Security

The QueryTool uses the Postgres pg module, which parameterizes query values to avoid SQL injection. In addition, all parameters sent to the insert, select, update and delete methods undergo a SQL injection check before reaching the pg module. The check looks for any match of the following terms: truncate, drop, update, insert, select, truncate table, drop table, drop column, drop database, alter table, add column, create table, create database, create view, create index and update table.

The term select is searched for everywhere except in the columns of the select method, since columns may contain subqueries. If a match is found for any of the terms mentioned above, QueryTool throws an error and all execution stops.
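
The two layers described above, sketched as an added example (not QueryTool's own code). The term list is the one on this page; the matching rule (case-insensitive, whole words), the helper names and the `customers` table are assumptions made for illustration.

```javascript
// Added example, not QueryTool's source code. The term list is the one on the
// page; the matching rule (case-insensitive, whole words) is an assumption.
const BLOCKED_TERMS = [
  'truncate', 'drop', 'update', 'insert', 'select', 'truncate table',
  'drop table', 'drop column', 'drop database', 'alter table', 'add column',
  'create table', 'create database', 'create view', 'create index',
  'update table',
];

// A space inside a term matches any run of whitespace.
function termRegex(term) {
  return new RegExp(`\\b${term.replace(/ /g, '\\s+')}\\b`, 'i');
}

// Returns every blocked term found in `input`, ignoring the terms in `skip`.
function findBlockedTerms(input, skip = []) {
  const text = String(input);
  return BLOCKED_TERMS.filter((t) => !skip.includes(t) && termRegex(t).test(text));
}

function assertClean(input, skip = []) {
  const hits = findBlockedTerms(input, skip);
  if (hits.length > 0) {
    throw new Error(`blocked term(s): ${hits.join(', ')}`);
  }
}

// Hypothetical helper modelled on the page's description of the select method:
// `select` is tolerated only in columns, because a column may be a subquery.
// The filter value is never concatenated into the SQL text; it is returned
// separately in the { text, values } shape that pg's query() accepts.
function buildSelect(table, columns, nameFilter) {
  assertClean(table);
  columns.forEach((c) => assertClean(c, ['select']));
  assertClean(nameFilter);
  return {
    text: `SELECT ${columns.join(', ')} FROM ${table} WHERE name = $1`,
    values: [nameFilter],
  };
}

// Constructed inputs.
const ok = buildSelect('customers',
  ['id', '(select count(*) from orders) as total'], 'alice');
console.log(ok.text, ok.values);
console.log(findBlockedTerms("x'; DROP TABLE users; --")); // rejected
console.log(findBlockedTerms('Please update my address')); // benign, still rejected
```

Under this matching rule, ordinary free text that contains a listed word is rejected as well, so callers need to handle the thrown error for legitimate input.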