dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Formatting according to OWASP WebGoat Java Style

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@359 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
brandon.devries
2008-08-05 17:32:17 +00:00
parent 7918037066
commit 17af39e428
77 changed files with 855 additions and 1108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
main/project/JavaSource/org/owasp/webgoat/lessons/SqlNumericInjection.java
View File

@ -310,13 +310,13 @@ public class SqlNumericInjection extends SequentialLessonAdapter
protected List<String> getHints(WebSession s)
{
List<String> hints = new ArrayList<String>();
hints.add("The application is taking the input from the select box and inserts it at the end of a pre-formed SQL command.");
hints
.add("The application is taking the input from the select box and inserts it at the end of a pre-formed SQL command.");
hints.add("This is the code for the query being built and issued by WebGoat:<br><br> "
+ "\"SELECT * FROM weather_data WHERE station = \" + station ");
hints.add("Compound SQL statements can be made by joining multiple tests with keywords like AND and OR. "
+ "Try appending a SQL statement that always resolves to true.");
hints.add("Try to intercept the post request with WebScarab and replace the station " +
"with 101 OR 1 = 1");
hints.add("Try to intercept the post request with WebScarab and replace the station " + "with 101 OR 1 = 1");
return hints;
}
@ -351,7 +351,7 @@ public class SqlNumericInjection extends SequentialLessonAdapter
super.handleRequest(s);
} catch (Exception e)
{
//System.out.println("Exception caught: " + e);
// System.out.println("Exception caught: " + e);
e.printStackTrace(System.out);
}
}