Skip to content

Latest commit

 

History

History
18 lines (14 loc) · 374 Bytes

TaintedSql.md

File metadata and controls

18 lines (14 loc) · 374 Bytes

TaintedSql

Emitted when user-controlled input can be passed into a SQL command.

<?php

class A {
    public function deleteUser(PDO $pdo) : void {
        $userId = self::getUserId();
        $pdo->exec("delete from users where user_id = " . $userId);
    }

    public static function getUserId() : string {
        return (string) $_GET["user_id"];
    }
}