Skip to content

Rizan ibrahim w3 database #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rizan-ibrahim wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Rizan ibrahim w3 database #22

rizan-ibrahim wants to merge 5 commits into from

Conversation

@rizan-ibrahim
Copy link

@rizan-ibrahim rizan-ibrahim commented Jun 4, 2025

No description provided.

@yunchen4 yunchen4 self-assigned this Jun 6, 2025
yunchen4
yunchen4 requested changes Jun 7, 2025
View reviewed changes
Copy link

@yunchen4 yunchen4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey Rizan,
There are some points that you need to rework, especially for the mongodb exercise. Otherwise it looks good.
Please let me know on Slack when you finish the rework, so I can review it again!

Week3/assingnment/3.3/sql-injection.js
Comment on lines +1 to +2
function getPopulation(conn, table, name, code, cb) {
// assuming that connection to the database is established and stored as conn
Copy link

@yunchen4 yunchen4 Jun 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs rework: I didn't see the answer for the first question in 3.3?

Give an example of a value that can be passed as name and code that would take advantage of SQL-injection and ( fetch all the records in the database)

Copy link

@yunchen4 yunchen4 Jun 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still didn't see the answer for this question?

Week3/assingnment/3.2/transaction.js
await connection.execute(
`
insert into account_changes (account_no,amount,change_date,remark)
values (?,?,now(),?)`,
Copy link

@yunchen4 yunchen4 Jun 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good to use NOW() here 👍

yunchen4
yunchen4 requested changes Jun 13, 2025
View reviewed changes
Copy link

@yunchen4 yunchen4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey Rizan,

Nice work done on the mongodb exercises. But I still didn't see the answer for SQL injection question 1?

yunchen4
yunchen4 approved these changes Jun 13, 2025
View reviewed changes
Copy link

@yunchen4 yunchen4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yunchen4 yunchen4 yunchen4 approved these changes

Assignees

@yunchen4 yunchen4

Labels

Approved

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rizan-ibrahim @yunchen4