(cols)
| 61 | @stackedmethod |
| 62 | def _orderByTechnique(lowerCount=None, upperCount=None): |
| 63 | def _orderByTest(cols): |
| 64 | query = agent.prefixQuery("ORDER BY %d" % cols, prefix=prefix) |
| 65 | query = agent.suffixQuery(query, suffix=suffix, comment=comment) |
| 66 | payload = agent.payload(newValue=query, place=place, parameter=parameter, where=where) |
| 67 | page, headers, code = Request.queryPage(payload, place=place, content=True, raise404=False) |
| 68 | return not any(re.search(_, page or "", re.I) and not re.search(_, kb.pageTemplate or "", re.I) for _ in ("(warning|error):", "order (by|clause)", "unknown column", "failed")) and not kb.heavilyDynamic and comparison(page, headers, code) or re.search(r"data types cannot be compared or sorted", page or "", re.I) is not None |
| 69 | |
| 70 | if _orderByTest(1 if lowerCount is None else lowerCount) and not _orderByTest(randomInt() if upperCount is None else upperCount + 1): |
| 71 | infoMsg = "'ORDER BY' technique appears to be usable. " |
no test coverage detected
searching dependent graphs…