static void prepare()
{
using (var db = new OwaspExampleDataContext("Data Source=(local);Initial Catalog=OwaspExample;Integrated Security=True"))
{
db.ExecuteCommand("delete from Cars");
db.ExecuteCommand("delete from PrivateData");
var pd1 = new PrivateData();
pd1.Username = "******";
pd1.Secret = "Secreto de la vida, el universo y de todo: 42";
db.PrivateDatas.InsertOnSubmit(pd1);
var pd2 = new PrivateData();
pd2.Username = "******";
pd2.Secret = "Secreto de la vida, el universo y de todo: 44";
db.PrivateDatas.InsertOnSubmit(pd2);
var car1 = new Car();
car1.CarName = "Bugatti Beyron";
db.Cars.InsertOnSubmit(car1);
var car2 = new Car();
car2.CarName = "Ferrari FXX";
db.Cars.InsertOnSubmit(car2);
db.SubmitChanges();
}
}
partial void DeleteCar(Car instance);
partial void UpdateCar(Car instance);
partial void InsertCar(Car instance);
static void linq()
{
using (var db = new OwaspExampleDataContext("Data Source=(local);Initial Catalog=OwaspExample;Integrated Security=True"))
{
string carToInsert = "' DELETE PrivateData --";
var existentCar = (from c in db.Cars
where c.CarName == carToInsert
select c)
.SingleOrDefault();
if(existentCar != null)
return;
var newCar = new Car();
newCar.CarName = carToInsert;
db.Cars.InsertOnSubmit(newCar);
db.SubmitChanges();
}
}