Fix code scanning alert - Database query built from user-controlled sources #108

Otherwa · 2022-12-27T17:11:28Z

Tracking issue for:

https://github.com/Otherwa/Drug_Lord_v1.10/security/code-scanning/7

Otherwa · 2023-09-29T18:07:12Z

Boilerplate fix

const MongoClient = require('mongodb').MongoClient;

// Assuming you have a MongoDB connection URL
const url = 'mongodb://localhost:27017/your-database-name';

// Input from the user (you should validate and sanitize it)
const userInput = 'user-provided-value';

MongoClient.connect(url, { useNewUrlParser: true, useUnifiedTopology: true }, (err, client) => {
  if (err) throw err;

  const db = client.db(); // You can specify the database name in the db() function if needed.

  // Create a query object with $eq operator
  const query = { 'prodid': { $eq: userInput } };

  // Perform the query
  db.collection('stonks').find(query).toArray((err, result) => {
    if (err) throw err;

    // Process the query result here

Otherwa self-assigned this Sep 29, 2023

Otherwa added bug Something isn't working enhancement New feature or request help wanted Extra attention is needed labels Sep 29, 2023

Otherwa added this to @Otherwa's Drug_Lord Sep 29, 2023

Otherwa removed their assignment Sep 29, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix code scanning alert - Database query built from user-controlled sources #108

Fix code scanning alert - Database query built from user-controlled sources #108

Otherwa commented Dec 27, 2022

Otherwa commented Sep 29, 2023 •

edited

Loading

Fix code scanning alert - Database query built from user-controlled sources #108

Fix code scanning alert - Database query built from user-controlled sources #108

Comments

Otherwa commented Dec 27, 2022

Otherwa commented Sep 29, 2023 • edited Loading

Boilerplate fix

Otherwa commented Sep 29, 2023 •

edited

Loading