From 74c9bd9d1e6ebfdbba40a36759621a6854538639 Mon Sep 17 00:00:00 2001 From: Rotem Shynes <109330152+rotemshynes@users.noreply.github.com> Date: Mon, 8 May 2023 12:22:29 +0300 Subject: [PATCH 1/2] Update views.py --- introduction/views.py | 100 +++++++++++++++++++++--------------------- 1 file changed, 50 insertions(+), 50 deletions(-) diff --git a/introduction/views.py b/introduction/views.py index b4ed8cf78..dd1392d60 100644 --- a/introduction/views.py +++ b/introduction/views.py @@ -134,56 +134,56 @@ def xss_lab3(request): #***********************************SQL****************************************************************# -def sql(request): - if request.user.is_authenticated: - - return render(request,'Lab/SQL/sql.html') - else: - return redirect('login') - -def sql_lab(request): - if request.user.is_authenticated: - - name=request.POST.get('name') - - password=request.POST.get('pass') - - if name: - - if login.objects.filter(user=name): - - sql_query = "SELECT * FROM introduction_login WHERE user='"+name+"'AND password='"+password+"'" - print(sql_query) - try: - print("\nin try\n") - val=login.objects.raw(sql_query) - except: - print("\nin except\n") - return render( - request, - 'Lab/SQL/sql_lab.html', - { - "wrongpass":password, - "sql_error":sql_query - }) - - if val: - user=val[0].user - return render(request, 'Lab/SQL/sql_lab.html',{"user1":user}) - else: - return render( - request, - 'Lab/SQL/sql_lab.html', - { - "wrongpass":password, - "sql_error":sql_query - }) - else: - return render(request, 'Lab/SQL/sql_lab.html',{"no": "User not found"}) - else: - return render(request, 'Lab/SQL/sql_lab.html') - else: - return redirect('login') +#def sql(request): +# if request.user.is_authenticated: +# +# return render(request,'Lab/SQL/sql.html') +# else: +# return redirect('login') +# +#def sql_lab(request): +# if request.user.is_authenticated: +# +# name=request.POST.get('name') +# +# password=request.POST.get('pass') +# +# if name: +# +# if login.objects.filter(user=name): +# +# sql_query = "SELECT * FROM introduction_login WHERE user='"+name+"'AND password='"+password+"'" +# print(sql_query) +# try: +# print("\nin try\n") +# val=login.objects.raw(sql_query) +# except: +# print("\nin except\n") +# return render( +# request, +# 'Lab/SQL/sql_lab.html', +# { +# "wrongpass":password, +# "sql_error":sql_query +# }) +# +# if val: +# user=val[0].user +# return render(request, 'Lab/SQL/sql_lab.html',{"user1":user}) +# else: +# return render( +# request, +# 'Lab/SQL/sql_lab.html', +# { +# "wrongpass":password, +# "sql_error":sql_query +# }) +# else: +# return render(request, 'Lab/SQL/sql_lab.html',{"no": "User not found"}) +# else: +# return render(request, 'Lab/SQL/sql_lab.html') +# else: +# return redirect('login') #***************** INSECURE DESERIALIZATION***************************************************************# From 4a2482c6d2d13b0bc1d0dc2e8cc83a87181f702f Mon Sep 17 00:00:00 2001 From: Rotem Shynes <109330152+rotemshynes@users.noreply.github.com> Date: Mon, 8 May 2023 12:23:55 +0300 Subject: [PATCH 2/2] Update views.py --- introduction/views.py | 100 +++++++++++++++++++++--------------------- 1 file changed, 50 insertions(+), 50 deletions(-) diff --git a/introduction/views.py b/introduction/views.py index dd1392d60..b4ed8cf78 100644 --- a/introduction/views.py +++ b/introduction/views.py @@ -134,56 +134,56 @@ def xss_lab3(request): #***********************************SQL****************************************************************# -#def sql(request): -# if request.user.is_authenticated: -# -# return render(request,'Lab/SQL/sql.html') -# else: -# return redirect('login') -# -#def sql_lab(request): -# if request.user.is_authenticated: -# -# name=request.POST.get('name') -# -# password=request.POST.get('pass') -# -# if name: -# -# if login.objects.filter(user=name): -# -# sql_query = "SELECT * FROM introduction_login WHERE user='"+name+"'AND password='"+password+"'" -# print(sql_query) -# try: -# print("\nin try\n") -# val=login.objects.raw(sql_query) -# except: -# print("\nin except\n") -# return render( -# request, -# 'Lab/SQL/sql_lab.html', -# { -# "wrongpass":password, -# "sql_error":sql_query -# }) -# -# if val: -# user=val[0].user -# return render(request, 'Lab/SQL/sql_lab.html',{"user1":user}) -# else: -# return render( -# request, -# 'Lab/SQL/sql_lab.html', -# { -# "wrongpass":password, -# "sql_error":sql_query -# }) -# else: -# return render(request, 'Lab/SQL/sql_lab.html',{"no": "User not found"}) -# else: -# return render(request, 'Lab/SQL/sql_lab.html') -# else: -# return redirect('login') +def sql(request): + if request.user.is_authenticated: + + return render(request,'Lab/SQL/sql.html') + else: + return redirect('login') + +def sql_lab(request): + if request.user.is_authenticated: + + name=request.POST.get('name') + + password=request.POST.get('pass') + + if name: + + if login.objects.filter(user=name): + + sql_query = "SELECT * FROM introduction_login WHERE user='"+name+"'AND password='"+password+"'" + print(sql_query) + try: + print("\nin try\n") + val=login.objects.raw(sql_query) + except: + print("\nin except\n") + return render( + request, + 'Lab/SQL/sql_lab.html', + { + "wrongpass":password, + "sql_error":sql_query + }) + + if val: + user=val[0].user + return render(request, 'Lab/SQL/sql_lab.html',{"user1":user}) + else: + return render( + request, + 'Lab/SQL/sql_lab.html', + { + "wrongpass":password, + "sql_error":sql_query + }) + else: + return render(request, 'Lab/SQL/sql_lab.html',{"no": "User not found"}) + else: + return render(request, 'Lab/SQL/sql_lab.html') + else: + return redirect('login') #***************** INSECURE DESERIALIZATION***************************************************************#