[Feature] SQL Injection Vulnerability and Error Handling in get_user Function #758

Open
4 tasks done
tamannaaaaa opened this issue Aug 5, 2023 · 2 comments
@tamannaaaaa

Description

The get_user function in the current code is susceptible to SQL injection attacks due to the direct inclusion of the id value from the data dictionary into the SQL query string. Additionally, there is no proper error handling for potential exceptions that may occur during the database query.

Screenshots

No response

Checklist

  • I have checked the existing issues
  • I have read the Contributing Guidelines
  • I am willing to work on this issue (optional)
  • I am a GSSoC'23 contributor
@tamannaaaaa tamannaaaaa added the enhancement New feature or request label Aug 5, 2023
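
The issue does not include the source of get_user, so the following is an added example and not the project's code: it shows the described pattern (the id from the data dictionary interpolated into the query string) next to a version that binds the value as a parameter and handles query errors. The sqlite3 backend, the users table, the make_db helper and the returned dictionary shape are all assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed schema and rows; the project's real tables are not on the page.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    return conn

def get_user_unsafe(conn, data):
    # Pattern described in the issue: data["id"] is pasted into the SQL text,
    # so its content is parsed as SQL instead of being treated as a value.
    query = f"SELECT id, name FROM users WHERE id = {data['id']}"
    return conn.execute(query).fetchall()

def get_user(conn, data):
    """Hardened variant: validate the id, bind it, handle database errors."""
    try:
        user_id = int(data["id"])  # anything that is not an integer id is rejected
    except (KeyError, TypeError, ValueError):
        return {"ok": False, "error": "invalid id"}
    try:
        # The ? placeholder passes user_id as data; it never becomes SQL text.
        row = conn.execute(
            "SELECT id, name FROM users WHERE id = ?", (user_id,)
        ).fetchone()
    except sqlite3.Error:
        # Real code would log the exception server-side; the caller only
        # sees a generic message, not driver or schema details.
        return {"ok": False, "error": "database error"}
    if row is None:
        return {"ok": False, "error": "not found"}
    return {"ok": True, "user": {"id": row[0], "name": row[1]}}

if __name__ == "__main__":
    conn = make_db()
    crafted = {"id": "1 OR 1=1"}  # constructed input, not taken from the issue
    print("unsafe rows:", get_user_unsafe(conn, crafted))  # condition is rewritten
    print("hardened:   ", get_user(conn, crafted))         # rejected as invalid id
    print("normal:     ", get_user(conn, {"id": "2"}))
```
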
@github-actions

github-actions bot commented Aug 5, 2023

Thanks for creating this issue, @tamannaaaaa!

🚀 We really appreciate your contribution. Before we proceed, please make sure to read our Contributing Guidelines to understand the project's requirements and best practices.

🕵️‍♂️ Once you've reviewed the guidelines, please wait until one of our team members reviews the issue and provides further feedback.

🙏 Thanks again for your help, and we look forward to your valuable contributions! Happy coding! 😄

@github-actions

github-actions bot commented Aug 5, 2023

To reduce notifications, issues are locked. Your issue will be unlocked when we add the label, gssoc23.

@github-actions github-actions bot locked and limited conversation to collaborators Aug 5, 2023