Module: Ronin::Code::SQL::Mixin

Included in:
Ronin::Code::SQL
Defined in:
lib/ronin/code/sql/mixin.rb

Overview

Adds helper methods for building SQL or SQL injections.

Since:

  • 2.1.0

Instance Method Details

#sql {|(statements)| ... } ⇒ StatementList

Creates a new SQL statement list.

Examples:

sql { select(1,2,3,4,id).from(users) }
# => #<Ronin::Code::SQL::StatementList: SELECT (1,2,3,4,id) FROM users>

Yields:

  • ((statements))

    If a block is given, it will be evaluated within the statement list. If the block accepts an argument, the block will be called with the new statement list.

Yield Parameters:

Returns:

Since:

  • 2.1.0



# File 'lib/ronin/code/sql/mixin.rb', line 53

def sql(&block)
  StatementList.new(&block)
end

#sqli(**kwargs) {|(injection)| ... } ⇒ Injection

Creates a new SQL injection (SQLi).

Examples:

sqli { self.and { 1 == 1 }.select(1,2,3,4,id).from(users) }
# => #<Ronin::Code::SQL::Injection: 1 AND 1=1; SELECT (1,2,3,4,id) FROM users; SELECT (1,2,3,4,id) FROM users>

Parameters:

Options Hash (**kwargs):

  • :escape (:integer, :decimal, :string, :column)

    The type of element to escape out of.

  • :terminate (Boolean)

    Specifies whether to terminate the SQLi with a comment.

  • :place_holder (String, Symbol, Integer)

    Place-holder data.

Yields:

  • ((injection))

    If a block is given, it will be evaluated within the injection. If the block accepts an argument, the block will be called with the new injection.

Yield Parameters:

  • injection (Injection)

    The new injection.

Returns:

Since:

  • 2.1.0



# File 'lib/ronin/code/sql/mixin.rb', line 89

def sqli(**kwargs,&block)
  Injection.new(**kwargs,&block)
end
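
The block handling described under "Yields" for both #sql and #sqli, shown as an added example that is not Ronin's code. MiniStatementList and Report are hypothetical stand-ins, and the arity-based dispatch is an assumption about how "evaluated within" versus "called with" is decided; the point is what `self` and instance variables refer to in each block form.

```ruby
# Stand-in for a DSL container (hypothetical; not Ronin's StatementList).
class MiniStatementList
  def initialize(&block)
    @statements = []
    return unless block

    # Assumed dispatch: a zero-arity block runs with self rebound to the
    # list; a block that accepts an argument keeps the caller's self.
    if block.arity.zero?
      instance_eval(&block)
    else
      block.call(self)
    end
  end

  def select(*columns)
    @pending = "SELECT #{columns.join(',')}"
    self
  end

  def from(table)
    # Fail loudly instead of emitting "FROM " with an empty table name.
    raise ArgumentError, 'table is nil' if table.nil?

    @statements << "#{@pending} FROM #{table}"
    self
  end

  def to_sql
    @statements.join('; ')
  end
end

# Caller with its own state, to show what each block form can see.
class Report
  def initialize(table)
    @table = table
  end

  # Zero-arity form: self is the list, so @table is the list's (unset) ivar.
  def implicit
    MiniStatementList.new { select(:id, :name).from(@table) }.to_sql
  end

  # One-argument form: self is still the Report, so @table is visible.
  def explicit
    MiniStatementList.new { |s| s.select(:id, :name).from(@table) }.to_sql
  end
end
```

Local variables are captured by the closure in both forms; only `self`, instance variables and private helper methods of the caller are lost in the zero-arity form.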