guillaumeaubert/Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection

Issues

• False positive with commands that cannot execute SQL

  #24 opened 5 years ago by nferraz
  0

• False positive with operators like `eq`, `&&`

  #20 opened 7 years ago by cashlo
  2

• Perl::Critic::Policy::ValuesAndExpressions::PreventSQLInjection is flagging valid constructs as SQL injection risks when no such risk exists.

  #19 opened 8 years ago by cschwenz
  1

• does not detect method calls sometimes

  #13 opened 11 years ago by vsespb
  8

• detect sql string modification

  #11 opened 11 years ago by vsespb
  2

• weird case with ternary operator

  #12 opened 11 years ago by vsespb
  3

• Detect use of constants

  #10 opened 11 years ago by krismatthews
  0

• SQL safe variable lists should accept both space and comma separators

  #9 opened 11 years ago by guillaumeaubert
  1

• Detect use of quote_identifier() and quote() from DBI

  #8 opened 11 years ago by guillaumeaubert
  1

• Unable to whitelist concatenated variables

  #7 opened 11 years ago by sprinkla
  2

• False positives - Non-SQL string with a potential SQL keyword

  #6 opened 11 years ago by guillaumeaubert
  0

• Issue with SQL statements in an array with variables

  #5 opened 11 years ago by guillaumeaubert
  1

• Detect concatenation

  #2 opened 11 years ago by guillaumeaubert
  1

• Detect use of sprintf()

  #3 opened 11 years ago by guillaumeaubert
  0

• Heredoc support

  #1 opened 11 years ago by guillaumeaubert
  0