Slide 4
Slide 4 text
Confidential & proprietary © Sqreen, 2015
We make products antifragile.
We make products antifragile.
(dbg) break ActiveRecord::ConnectionAdapters::SQLite3Adapter.exec_query
Successfully created breakpoint with id 1
(dbg) continue
[283, 292] in …/active_record/connection_adapters/sqlite3_adapter.rb
287:
=> 288: def exec_query(sql, name = nil, binds = [])
289: type_casted_binds = binds.map { |col, val|
290: [col, type_cast(val, col)]
291: }
292:
(dbg) p sql
sql = SELECT * FROM posts WHERE id=3
SQL injection protection:
database driver