module Ronin::SQL
Provides a Domain Specific Language (DSL) for crafting complex SQL (see StatementList) and SQL Injections, or SQLi (see Injection).
Public Instance Methods
sql(&block)
Creates a new SQL statement list.
@yield [(statements)]
If a block is given, it will be evaluated within the statement list. If the block accepts an argument, the block will be called with the new statement list.
@yieldparam [StatementList] statements
The new statement list.
@return [StatementList]
The new SQL statement list.
@example
  sql { select(1,2,3,4,id).from(users) }
  # => #<Ronin::SQL::StatementList: SELECT (1,2,3,4,id) FROM users>
@api public
  # File lib/ronin/sql/sql.rb, line 55
  def sql(&block)
    StatementList.new(&block)
  end
sqli(options={},&block)
Creates a new SQL injection (SQLi).
@param [Hash] options
Additional injection options.
@option options [:integer, :decimal, :string, :column] :escape
The type of element to escape out of.
@option options [Boolean] :terminate
Specifies whether to terminate the SQLi with a comment.
@option options [String, Symbol, Integer] :place_holder
Place-holder data.
@yield [(injection)]
If a block is given, it will be evaluated within the injection. If the block accepts an argument, the block will be called with the new injection.
@yieldparam [Injection] injection
The new injection.
@return [Injection]
The new SQL injection.
@example
  sqli { self.and { 1 == 1 }.select(1,2,3,4,id).from(users) }
  # => #<Ronin::SQL::Injection: 1 AND 1=1; SELECT (1,2,3,4,id) FROM users; SELECT (1,2,3,4,id) FROM users>
@api public
  # File lib/ronin/sql/sql.rb, line 91
  def sqli(options={},&block)
    Injection.new(options,&block)
  end
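Added example (not part of Ronin::SQL or its documentation): a defender-side check that flags request parameter values with the shape of the Injection output documented above, namely a boolean tautology, a stacked statement, or a terminating comment. The module, method and sample parameter names are hypothetical.

```ruby
# Added example: hypothetical names throughout, not part of Ronin::SQL.
module SQLiShapeCheck
  # Boolean tautology comparing a literal with itself, e.g. AND 1=1.
  TAUTOLOGY = /\b(?:and|or)\s+(\d+|'[^']*')\s*=\s*\1(?![\w'])/i
  # A second statement stacked after a semicolon.
  STACKED = /;\s*(?:select|insert|update|delete|drop)\b/i
  # A trailing comment that would cut off the rest of the original query.
  TERMINATOR = /(?:--|\#|\/\*)\s*\z/

  CHECKS = {
    tautology: TAUTOLOGY,
    stacked_statement: STACKED,
    terminating_comment: TERMINATOR
  }.freeze

  # Returns the names of every check the value trips, in CHECKS order.
  def self.findings(value)
    CHECKS.select { |_name, pattern| value.match?(pattern) }.keys
  end

  # Maps each suspicious parameter name to its findings; clean ones are omitted.
  def self.scan(params)
    params.each_with_object({}) do |(name, value), hits|
      found = findings(value.to_s)
      hits[name] = found unless found.empty?
    end
  end
end

# Constructed sample parameters; 'id' reuses the example output shown above.
SAMPLE_PARAMS = {
  'id'   => '1 AND 1=1; SELECT (1,2,3,4,id) FROM users',
  'page' => '2',
  'q'    => 'rock and roll',
  'sort' => '1 OR 1=1--'
}.freeze

SQLiShapeCheck.scan(SAMPLE_PARAMS).each do |name, found|
  puts "#{name}: #{found.join(', ')}"
end
```

Shape checks like these are useful for log triage and alerting; the fix for the underlying flaw is parameterized queries, which keep the value out of the SQL text entirely.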