Hi , I am struck up in below Trailhead challange and could not understand what wrong in my code. Please help
Thanks in advance
Simulate a SOQL Injection Attack For this challenge, perform a SOQL injection on the search box to see information that is unintentionally exposed. Navigate to the SOQL Injection Challenge tab within the SOQL Injection application. You will see a search tool for the supply__c object. Use the search box to perform a SOQL injection which returns supplies meant for Nobles only. Hint: If you’ve done this successfully, your query should return one result containing Venison.
SOQL_Injection_Challenge:
public class SOQL_Injection_Challenge {
public string textual {get; set;} public List<Supply__c> whereclause_records {get; set;}
//SELECT Id,Name,Quantity__c,Storage_Location__c,Type__c FROM Supply__c public PageReference whereclause_search(){ string query = 'SELECT Id,Name,Quantity__c,Storage_Location__c,Storage_Location__r.Castle__c,Type__c FROM Supply__c'; string whereClause = '';
Hi , I am also facing some problem with salesforce Trailhead SOQL injection Challenge, I tried many ways but still i am getting error . can you suggest me where i am going wrong ? Thank you
SOQL_Injection_Challenge:
public class SOQL_Injection_Challenge { public string textual {get; set;} public List<Supply__c> whereclause_records {get; set;} //SELECT Id,Name,Quantity__c,Storage_Location__c,Type__c FROM Supply__c public PageReference whereclause_search(){ string query = 'SELECT Id,Name,Quantity__c,Storage_Location__c,Storage_Location__r.Castle__c,Type__c FROM Supply__c'; string whereClause = ''; if(textual != null && textual!=''){ whereClause += 'name like \'%'+textual+'%\' '; } if(whereClause != ''){ whereclause_records = database.query(query+' where '+whereClause+' Limit 10'); validate(whereClause,whereclause_records.size()); } return null; } public void validate(string s, integer i){ if(s.contains('\'%') && s.containsIgnoreCase('Nobles_Only__c') && s.contains('%\'') && i<10){ cvcs__c v = cvcs__c.getInstance('sic1'); if(v==null){ v = new cvcs__c(name='sic1',c1__c = 1); } else { v.c1__c += 1; } upsert v; } }
Hi , I am also facing some problem with salesforce Trailhead SOQL injection Challenge, I tried many ways but still i am getting error . can you suggest me where i am going wrong ? Thank you
Simulate a SOQL Injection Attack For this challenge, perform a SOQL injection on the search box to see information that is unintentionally exposed. Navigate to the SOQL Injection Challenge tab within the SOQL Injection application. You will see a search tool for the supply__c object. Use the search box to perform a SOQL injection which returns supplies meant for Nobles only. Hint: If you’ve done this successfully, your query should return one result containing Venison.
SOQL_Injection_Challenge:
public class SOQL_Injection_Challenge {
public string textual {get; set;} public List<Supply__c> whereclause_records {get; set;}
//SELECT Id,Name,Quantity__c,Storage_Location__c,Type__c FROM Supply__c public PageReference whereclause_search(){ string query = 'SELECT Id,Name,Quantity__c,Storage_Location__c,Storage_Location__r.Castle__c,Type__c FROM Supply__c'; string whereClause = '';
Hi , I am struck up in below Trailhead challange and could not understand what wrong in my code. Please help
Thanks in advance
Simulate a SOQL Injection Attack For this challenge, perform a SOQL injection on the search box to see information that is unintentionally exposed. Navigate to the SOQL Injection Challenge tab within the SOQL Injection application. You will see a search tool for the supply__c object. Use the search box to perform a SOQL injection which returns supplies meant for Nobles only. Hint: If you’ve done this successfully, your query should return one result containing Venison.
SOQL_Injection_Challenge:
public class SOQL_Injection_Challenge {
public string textual {get; set;} public List<Supply__c> whereclause_records {get; set;}
//SELECT Id,Name,Quantity__c,Storage_Location__c,Type__c FROM Supply__c public PageReference whereclause_search(){ string query = 'SELECT Id,Name,Quantity__c,Storage_Location__c,Storage_Location__r.Castle__c,Type__c FROM Supply__c'; string whereClause = '';
Hi , I am also facing some problem with salesforce Trailhead SOQL injection Challenge, I tried many ways but still i am getting error . can you suggest me where i am going wrong ? Thank you
SOQL_Injection_Challenge:
public class SOQL_Injection_Challenge { public string textual {get; set;} public List<Supply__c> whereclause_records {get; set;} //SELECT Id,Name,Quantity__c,Storage_Location__c,Type__c FROM Supply__c public PageReference whereclause_search(){ string query = 'SELECT Id,Name,Quantity__c,Storage_Location__c,Storage_Location__r.Castle__c,Type__c FROM Supply__c'; string whereClause = ''; if(textual != null && textual!=''){ whereClause += 'name like \'%'+textual+'%\' '; } if(whereClause != ''){ whereclause_records = database.query(query+' where '+whereClause+' Limit 10'); validate(whereClause,whereclause_records.size()); } return null; } public void validate(string s, integer i){ if(s.contains('\'%') && s.containsIgnoreCase('Nobles_Only__c') && s.contains('%\'') && i<10){ cvcs__c v = cvcs__c.getInstance('sic1'); if(v==null){ v = new cvcs__c(name='sic1',c1__c = 1); } else { v.c1__c += 1; } upsert v; } }
