[{"data":1,"prerenderedAt":10138},["ShallowReactive",2],{"navigation":3,"/security/sql-injection-protection":1016,"/security/sql-injection-protection-surround":10133},[4,54,89,123,165,211,253,331,389,439,462,488,514,540,578,624,650,672,702,736,774,800,850,856,862,868,874,928],{"title":5,"path":6,"stem":7,"children":8},"Introduction and Foundations","/introduction-and-foundations","01.introduction-and-foundations/01.index",[9,10,14,18,22,26,30,34,38,42,46,50],{"title":5,"path":6,"stem":7},{"title":11,"path":12,"stem":13},"What is Django","/introduction-and-foundations/what-is-django","01.introduction-and-foundations/02.what-is-django",{"title":15,"path":16,"stem":17},"Key Concepts and Philosophy","/introduction-and-foundations/key-concepts-and-philosophy","01.introduction-and-foundations/03.key-concepts-and-philosophy",{"title":19,"path":20,"stem":21},"MVC vs MVT: Understanding Django's Architecture","/introduction-and-foundations/mvc-vs-mvt","01.introduction-and-foundations/04.mvc-vs-mvt",{"title":23,"path":24,"stem":25},"Project Structure Overview","/introduction-and-foundations/project-structure-overview","01.introduction-and-foundations/05.project-structure-overview",{"title":27,"path":28,"stem":29},"Installing Django","/introduction-and-foundations/installing-django","01.introduction-and-foundations/06.installing-django",{"title":31,"path":32,"stem":33},"Creating Your First Django Project","/introduction-and-foundations/creating-first-project","01.introduction-and-foundations/07.creating-first-project",{"title":35,"path":36,"stem":37},"Creating Your First Django App","/introduction-and-foundations/creating-first-app","01.introduction-and-foundations/08.creating-first-app",{"title":39,"path":40,"stem":41},"Your First Django \"Hello World\"","/introduction-and-foundations/hello-world","01.introduction-and-foundations/09.hello-world",{"title":43,"path":44,"stem":45},"Django Quick Start 
Guide","/introduction-and-foundations/quick-start-guide","01.introduction-and-foundations/10.quick-start-guide",{"title":47,"path":48,"stem":49},"How Django Handles Requests","/introduction-and-foundations/how-django-handles-requests","01.introduction-and-foundations/11.how-django-handles-requests",{"title":51,"path":52,"stem":53},"Django Settings","/introduction-and-foundations/django-settings","01.introduction-and-foundations/12.django-settings",{"title":55,"path":56,"stem":57,"children":58},"The Development Environment","/development-environment","02.development-environment/1.index",[59,61,65,69,73,77,81,85],{"title":60,"path":56,"stem":57},"Development Environment",{"title":62,"path":63,"stem":64},"Recommended Tooling for Django Development","/development-environment/recommended-tooling","02.development-environment/2.recommended-tooling",{"title":66,"path":67,"stem":68},"Virtual Environments","/development-environment/virtual-environments","02.development-environment/3.virtual-environments",{"title":70,"path":71,"stem":72},"Django Admin and Management Commands","/development-environment/admin-and-management-commands","02.development-environment/4.admin-and-management-commands",{"title":74,"path":75,"stem":76},"Django Project Settings","/development-environment/project-settings","02.development-environment/5.project-settings",{"title":78,"path":79,"stem":80},"Managing Django Environments: Local, Staging, and Production","/development-environment/environments-local-staging-production","02.development-environment/6.environments-local-staging-production",{"title":82,"path":83,"stem":84},"Running Django Development Server","/development-environment/running-development-server","02.development-environment/7.running-development-server",{"title":86,"path":87,"stem":88},"Working with Django Shell","/development-environment/working-with-shell","02.development-environment/8.working-with-shell",{"title":90,"path":91,"stem":92,"children":93},"Templates and Presentation 
Layer","/templates-and-presentation","03.templates-and-presentation/1.index",[94,95,99,103,107,111,115,119],{"title":90,"path":91,"stem":92},{"title":96,"path":97,"stem":98},"Introduction to Django Templates","/templates-and-presentation/introduction-to-templates","03.templates-and-presentation/2.introduction-to-templates",{"title":100,"path":101,"stem":102},"The Django Template Language","/templates-and-presentation/django-template-language","03.templates-and-presentation/3.django-template-language",{"title":104,"path":105,"stem":106},"Template Inheritance","/templates-and-presentation/template-inheritance","03.templates-and-presentation/4.template-inheritance",{"title":108,"path":109,"stem":110},"Built-in Template Tags and Filters","/templates-and-presentation/built-in-template-tags-and-filters","03.templates-and-presentation/5.built-in-template-tags-and-filters",{"title":112,"path":113,"stem":114},"Including Static Files","/templates-and-presentation/including-static-files","03.templates-and-presentation/6.including-static-files",{"title":116,"path":117,"stem":118},"Working with Media Files","/templates-and-presentation/working-with-media-files","03.templates-and-presentation/7.working-with-media-files",{"title":120,"path":121,"stem":122},"Using Alternative Template Engines","/templates-and-presentation/using-alternative-template-engines","03.templates-and-presentation/8.using-alternative-template-engines",{"title":124,"path":125,"stem":126,"children":127},"URLs and Views","/urls-and-views","04.urls-and-views/01.index",[128,129,133,137,141,145,149,153,157,161],{"title":124,"path":125,"stem":126},{"title":130,"path":131,"stem":132},"The URL Dispatcher","/urls-and-views/the-url-dispatcher","04.urls-and-views/02.the-url-dispatcher",{"title":134,"path":135,"stem":136},"Writing Function-Based Views","/urls-and-views/writing-function-based-views","04.urls-and-views/03.writing-function-based-views",{"title":138,"path":139,"stem":140},"View 
Decorators","/urls-and-views/view-decorators","04.urls-and-views/04.view-decorators",{"title":142,"path":143,"stem":144},"Rendering Responses","/urls-and-views/rendering-responses","04.urls-and-views/05.rendering-responses",{"title":146,"path":147,"stem":148},"Redirects","/urls-and-views/redirects","04.urls-and-views/06.redirects",{"title":150,"path":151,"stem":152},"Handling HTTP Methods","/urls-and-views/handling-http-methods","04.urls-and-views/07.handling-http-methods",{"title":154,"path":155,"stem":156},"Conditional View Processing","/urls-and-views/conditional-view-processing","04.urls-and-views/08.conditional-view-processing",{"title":158,"path":159,"stem":160},"File Uploads","/urls-and-views/file-uploads","04.urls-and-views/09.file-uploads",{"title":162,"path":163,"stem":164},"Using Django Shortcut Functions","/urls-and-views/using-django-shortcut-functions","04.urls-and-views/10.using-django-shortcut-functions",{"title":166,"path":167,"stem":168,"children":169},"Class Based Views","/class-based-views","05.class-based-views/01.index",[170,171,175,179,183,187,191,195,199,203,207],{"title":166,"path":167,"stem":168},{"title":172,"path":173,"stem":174},"Introduction to Class-Based Views","/class-based-views/introduction-to-class-based-views","05.class-based-views/02.introduction-to-class-based-views",{"title":176,"path":177,"stem":178},"Common Base Classes","/class-based-views/common-base-classes","05.class-based-views/03.common-base-classes",{"title":180,"path":181,"stem":182},"Built-in Generic Views","/class-based-views/built-in-generic-views","05.class-based-views/04.built-in-generic-views",{"title":184,"path":185,"stem":186},"Views for CRUD Operations","/class-based-views/views-for-crud-operations","05.class-based-views/05.views-for-crud-operations",{"title":188,"path":189,"stem":190},"Handling Forms with Class-Based 
Views","/class-based-views/handling-forms-with-class-based-views","05.class-based-views/06.handling-forms-with-class-based-views",{"title":192,"path":193,"stem":194},"Using Mixins","/class-based-views/using-mixins","05.class-based-views/07.using-mixins",{"title":196,"path":197,"stem":198},"URL Configuration with Class-Based Views","/class-based-views/url-configuration-with-class-based-views","05.class-based-views/08.url-configuration-with-class-based-views",{"title":200,"path":201,"stem":202},"Subclassing Generic Views","/class-based-views/subclassing-generic-views","05.class-based-views/09.subclassing-generic-views",{"title":204,"path":205,"stem":206},"Asynchronous Class-Based Views","/class-based-views/asynchronous-class-based-views","05.class-based-views/10.asynchronous-class-based-views",{"title":208,"path":209,"stem":210},"Pagination","/class-based-views/pagination","05.class-based-views/11.pagination",{"title":212,"path":213,"stem":214,"children":215},"Forms and User Input","/forms-and-user-input","06.forms-and-user-input/01.index",[216,217,221,225,229,233,237,241,245,249],{"title":212,"path":213,"stem":214},{"title":218,"path":219,"stem":220},"Understanding HTML Forms","/forms-and-user-input/understanding-html-forms","06.forms-and-user-input/02.understanding-html-forms",{"title":222,"path":223,"stem":224},"Django's Role in Form Handling","/forms-and-user-input/djangos-role-in-form-handling","06.forms-and-user-input/03.djangos-role-in-form-handling",{"title":226,"path":227,"stem":228},"Creating Forms with Forms API","/forms-and-user-input/creating-forms-with-forms-api","06.forms-and-user-input/04.creating-forms-with-forms-api",{"title":230,"path":231,"stem":232},"Form Validation","/forms-and-user-input/form-validation","06.forms-and-user-input/05.form-validation",{"title":234,"path":235,"stem":236},"Built-in Fields and 
Widgets","/forms-and-user-input/built-in-fields-and-widgets","06.forms-and-user-input/06.built-in-fields-and-widgets",{"title":238,"path":239,"stem":240},"Form Rendering in Templates","/forms-and-user-input/form-rendering-in-templates","06.forms-and-user-input/07.form-rendering-in-templates",{"title":242,"path":243,"stem":244},"Model Forms","/forms-and-user-input/model-forms","06.forms-and-user-input/08.model-forms",{"title":246,"path":247,"stem":248},"Advanced Form Techniques","/forms-and-user-input/advanced-form-techniques","06.forms-and-user-input/09.advanced-form-techniques",{"title":250,"path":251,"stem":252},"Security Considerations for Forms","/forms-and-user-input/security-considerations-for-forms","06.forms-and-user-input/10.security-considerations-for-forms",{"title":254,"path":255,"stem":256,"children":257},"Models and Databases","/models-and-databases","07.models-and-databases/01.index",[258,259,263,267,271,275,279,283,287,291,295,299,303,307,311,315,319,323,327],{"title":254,"path":255,"stem":256},{"title":260,"path":261,"stem":262},"Understanding Django Models","/models-and-databases/understanding-django-models","07.models-and-databases/02.understanding-django-models",{"title":264,"path":265,"stem":266},"Defining Fields","/models-and-databases/defining-fields","07.models-and-databases/03.defining-fields",{"title":268,"path":269,"stem":270},"Relationships and Foreign Keys","/models-and-databases/relationships-and-foreign-keys","07.models-and-databases/04.relationships-and-foreign-keys",{"title":272,"path":273,"stem":274},"Examples of Relationship Patterns","/models-and-databases/examples-of-relationship-patterns","07.models-and-databases/05.examples-of-relationship-patterns",{"title":276,"path":277,"stem":278},"Making Queries","/models-and-databases/making-queries","07.models-and-databases/06.making-queries",{"title":280,"path":281,"stem":282},"Filtering, Ordering, and 
Slicing","/models-and-databases/filtering-ordering-slicing","07.models-and-databases/07.filtering-ordering-slicing",{"title":284,"path":285,"stem":286},"Managers and QuerySets","/models-and-databases/managers-and-querysets","07.models-and-databases/08.managers-and-querysets",{"title":288,"path":289,"stem":290},"Aggregation","/models-and-databases/aggregation","07.models-and-databases/09.aggregation",{"title":292,"path":293,"stem":294},"Search","/models-and-databases/search","07.models-and-databases/10.search",{"title":296,"path":297,"stem":298},"Raw SQL Queries","/models-and-databases/raw-sql-queries","07.models-and-databases/11.raw-sql-queries",{"title":300,"path":301,"stem":302},"Transactions","/models-and-databases/transactions","07.models-and-databases/12.transactions",{"title":304,"path":305,"stem":306},"Multiple Databases","/models-and-databases/multiple-databases","07.models-and-databases/13.multiple-databases",{"title":308,"path":309,"stem":310},"Tablespaces","/models-and-databases/tablespaces","07.models-and-databases/14.tablespaces",{"title":312,"path":313,"stem":314},"Composite Primary Keys","/models-and-databases/composite-primary-keys","07.models-and-databases/15.composite-primary-keys",{"title":316,"path":317,"stem":318},"Database Instrumentation","/models-and-databases/database-instrumentation","07.models-and-databases/16.database-instrumentation",{"title":320,"path":321,"stem":322},"Database 
Optimization","/models-and-databases/database-optimization","07.models-and-databases/17.database-optimization",{"title":324,"path":325,"stem":326},"Fixtures","/models-and-databases/fixtures","07.models-and-databases/18.fixtures",{"title":328,"path":329,"stem":330},"Signals","/models-and-databases/signals","07.models-and-databases/19.signals",{"title":332,"path":333,"stem":334,"children":335},"Migrations","/migrations","08.migrations/01.index",[336,337,341,345,349,353,357,361,365,369,373,377,381,385],{"title":332,"path":333,"stem":334},{"title":338,"path":339,"stem":340},"How Migrations Work","/migrations/how-migrations-work","08.migrations/02.how-migrations-work",{"title":342,"path":343,"stem":344},"Management Commands","/migrations/management-commands","08.migrations/03.management-commands",{"title":346,"path":347,"stem":348},"Dependencies and Workflow","/migrations/dependencies-and-workflow","08.migrations/04.dependencies-and-workflow",{"title":350,"path":351,"stem":352},"Transaction Handling","/migrations/transaction-handling","08.migrations/05.transaction-handling",{"title":354,"path":355,"stem":356},"Adding Migrations to Apps","/migrations/adding-migrations-to-apps","08.migrations/06.adding-migrations-to-apps",{"title":358,"path":359,"stem":360},"Reversing Migrations","/migrations/reversing-migrations","08.migrations/07.reversing-migrations",{"title":362,"path":363,"stem":364},"Historical Models","/migrations/historical-models","08.migrations/08.historical-models",{"title":366,"path":367,"stem":368},"Considerations When Removing Fields","/migrations/considerations-when-removing-fields","08.migrations/09.considerations-when-removing-fields",{"title":370,"path":371,"stem":372},"Data Migrations","/migrations/data-migrations","08.migrations/10.data-migrations",{"title":374,"path":375,"stem":376},"Squashing Migrations","/migrations/squashing-migrations","08.migrations/11.squashing-migrations",{"title":378,"path":379,"stem":380},"Serializing 
Values","/migrations/serializing-values","08.migrations/12.serializing-values",{"title":382,"path":383,"stem":384},"Supporting Multiple Django Versions","/migrations/supporting-multiple-django-versions","08.migrations/13.supporting-multiple-django-versions",{"title":386,"path":387,"stem":388},"Django Serialization Framework","/migrations/django-serialization-framework","08.migrations/14.django-serialization-framework",{"title":390,"path":391,"stem":392,"children":393},"Authentication and Authorization","/authentication-and-authorization","09.authentication-and-authorization/01.index",[394,395,399,403,407,411,415,419,423,427,431,435],{"title":390,"path":391,"stem":392},{"title":396,"path":397,"stem":398},"Overview of Django's Authentication System","/authentication-and-authorization/overview-of-django-authentication-system","09.authentication-and-authorization/02.overview-of-django-authentication-system",{"title":400,"path":401,"stem":402},"Users and Groups","/authentication-and-authorization/users-and-groups","09.authentication-and-authorization/03.users-and-groups",{"title":404,"path":405,"stem":406},"Permissions","/authentication-and-authorization/permissions","09.authentication-and-authorization/04.permissions",{"title":408,"path":409,"stem":410},"Password Management","/authentication-and-authorization/password-management","09.authentication-and-authorization/05.password-management",{"title":412,"path":413,"stem":414},"Authentication Views","/authentication-and-authorization/authentication-views","09.authentication-and-authorization/06.authentication-views",{"title":416,"path":417,"stem":418},"Login and Logout","/authentication-and-authorization/login-and-logout","09.authentication-and-authorization/07.login-and-logout",{"title":420,"path":421,"stem":422},"Custom User Models","/authentication-and-authorization/custom-user-models","09.authentication-and-authorization/08.custom-user-models",{"title":424,"path":425,"stem":426},"Middleware for 
Authentication","/authentication-and-authorization/middleware-for-authentication","09.authentication-and-authorization/09.middleware-for-authentication",{"title":428,"path":429,"stem":430},"Authorization in Views and Templates","/authentication-and-authorization/authorization-in-views-and-templates","09.authentication-and-authorization/10.authorization-in-views-and-templates",{"title":432,"path":433,"stem":434},"Integrating Social Authentication","/authentication-and-authorization/integrating-social-authentication","09.authentication-and-authorization/11.integrating-social-authentication",{"title":436,"path":437,"stem":438},"Security Best Practices","/authentication-and-authorization/security-best-practices","09.authentication-and-authorization/12.security-best-practices",{"title":440,"path":441,"stem":442,"children":443},"Sessions, Cookies, and State","/sessions-cookies-state","10.sessions-cookies-state/01.index",[444,446,450,454,458],{"title":445,"path":441,"stem":442},"Sessions, Cookies, and State Management",{"title":447,"path":448,"stem":449},"Introduction to Sessions","/sessions-cookies-state/introduction-to-sessions","10.sessions-cookies-state/02.introduction-to-sessions",{"title":451,"path":452,"stem":453},"Working with Cookies","/sessions-cookies-state/working-with-cookies","10.sessions-cookies-state/03.working-with-cookies",{"title":455,"path":456,"stem":457},"Server-Side Session Storage Options","/sessions-cookies-state/server-side-session-storage-options","10.sessions-cookies-state/04.server-side-session-storage-options",{"title":459,"path":460,"stem":461},"Session Security","/sessions-cookies-state/session-security","10.sessions-cookies-state/05.session-security",{"title":463,"path":464,"stem":465,"children":466},"Working with Files","/working-with-files","11.working-with-files/01.index",[467,468,472,476,480,484],{"title":463,"path":464,"stem":465},{"title":469,"path":470,"stem":471},"Files in 
Models","/working-with-files/files-in-models","11.working-with-files/02.files-in-models",{"title":473,"path":474,"stem":475},"The File Object","/working-with-files/the-file-object","11.working-with-files/03.the-file-object",{"title":477,"path":478,"stem":479},"Storage Backends","/working-with-files/storage-backends","11.working-with-files/04.storage-backends",{"title":481,"path":482,"stem":483},"Using Cloud Storage Providers","/working-with-files/using-cloud-storage-providers","11.working-with-files/05.using-cloud-storage-providers",{"title":485,"path":486,"stem":487},"Managing Media in Production","/working-with-files/managing-media-in-production","11.working-with-files/06.managing-media-in-production",{"title":489,"path":490,"stem":491,"children":492},"Admin Site","/admin-site","12.admin-site/01.index",[493,494,498,502,506,510],{"title":489,"path":490,"stem":491},{"title":495,"path":496,"stem":497},"Enabling the Admin","/admin-site/enabling-the-admin","12.admin-site/02.enabling-the-admin",{"title":499,"path":500,"stem":501},"Registering Models","/admin-site/registering-models","12.admin-site/03.registering-models",{"title":503,"path":504,"stem":505},"Customizing Admin Display","/admin-site/customizing-admin-display","12.admin-site/04.customizing-admin-display",{"title":507,"path":508,"stem":509},"Admin Actions","/admin-site/admin-actions","12.admin-site/05.admin-actions",{"title":511,"path":512,"stem":513},"Admin Security Best Practices","/admin-site/admin-security-best-practices","12.admin-site/06.admin-security-best-practices",{"title":515,"path":516,"stem":517,"children":518},"Middleware","/middleware","13.middleware/01.index",[519,520,524,528,532,536],{"title":515,"path":516,"stem":517},{"title":521,"path":522,"stem":523},"Middleware Overview","/middleware/middleware-overview","13.middleware/02.middleware-overview",{"title":525,"path":526,"stem":527},"Built-in 
Middleware","/middleware/built-in-middleware","13.middleware/03.built-in-middleware",{"title":529,"path":530,"stem":531},"Creating Custom Middleware","/middleware/creating-custom-middleware","13.middleware/04.creating-custom-middleware",{"title":533,"path":534,"stem":535},"Middleware Ordering","/middleware/middleware-ordering","13.middleware/05.middleware-ordering",{"title":537,"path":538,"stem":539},"Performance and Debugging","/middleware/performance-and-debugging","13.middleware/06.performance-and-debugging",{"title":541,"path":542,"stem":543,"children":544},"Security","/security","14.security/01.index",[545,546,550,554,558,562,566,570,574],{"title":541,"path":542,"stem":543},{"title":547,"path":548,"stem":549},"Django Security Philosophy","/security/django-security-philosophy","14.security/02.django-security-philosophy",{"title":551,"path":552,"stem":553},"Cross Site Request Forgery","/security/cross-site-request-forgery","14.security/03.cross-site-request-forgery",{"title":555,"path":556,"stem":557},"Cross Site Scripting","/security/cross-site-scripting","14.security/04.cross-site-scripting",{"title":559,"path":560,"stem":561},"SQL Injection Protection","/security/sql-injection-protection","14.security/05.sql-injection-protection",{"title":563,"path":564,"stem":565},"Clickjacking Protection","/security/clickjacking-protection","14.security/06.clickjacking-protection",{"title":567,"path":568,"stem":569},"HTTPS Setup and HSTS","/security/https-setup-and-hsts","14.security/07.https-setup-and-hsts",{"title":571,"path":572,"stem":573},"Password Storage and Cryptography","/security/password-storage-and-cryptography","14.security/08.password-storage-and-cryptography",{"title":575,"path":576,"stem":577},"Secure Deployment 
Checklist","/security/secure-deployment-checklist","14.security/09.secure-deployment-checklist",{"title":579,"path":580,"stem":581,"children":582},"Testing","/testing","15.testing/01.index",[583,584,588,592,596,600,604,608,612,616,620],{"title":579,"path":580,"stem":581},{"title":585,"path":586,"stem":587},"Introduction to Django Testing","/testing/introduction-to-django-testing","15.testing/02.introduction-to-django-testing",{"title":589,"path":590,"stem":591},"Writing and Running Tests","/testing/writing-and-running-tests","15.testing/03.writing-and-running-tests",{"title":593,"path":594,"stem":595},"Test Tools","/testing/test-tools","15.testing/04.test-tools",{"title":597,"path":598,"stem":599},"Testing Models","/testing/testing-models","15.testing/05.testing-models",{"title":601,"path":602,"stem":603},"Testing Views","/testing/testing-views","15.testing/06.testing-views",{"title":605,"path":606,"stem":607},"Testing Forms","/testing/testing-forms","15.testing/07.testing-forms",{"title":609,"path":610,"stem":611},"Testing Templates","/testing/testing-templates","15.testing/08.testing-templates",{"title":613,"path":614,"stem":615},"Testing Authentication","/testing/testing-authentication","15.testing/09.testing-authentication",{"title":617,"path":618,"stem":619},"Advanced Testing Topics","/testing/advanced-testing-topics","15.testing/10.advanced-testing-topics",{"title":621,"path":622,"stem":623},"Performance Testing","/testing/performance-testing","15.testing/11.performance-testing",{"title":625,"path":626,"stem":627,"children":628},"Static Assets and Frontend Integration","/static-assets-and-frontend-integration","16.static-assets-and-frontend-integration/01.index",[629,630,634,638,642,646],{"title":625,"path":626,"stem":627},{"title":631,"path":632,"stem":633},"Working with Static 
Files","/static-assets-and-frontend-integration/working-with-static-files","16.static-assets-and-frontend-integration/02.working-with-static-files",{"title":635,"path":636,"stem":637},"Integrating CSS and JavaScript","/static-assets-and-frontend-integration/integrating-css-and-javascript","16.static-assets-and-frontend-integration/03.integrating-css-and-javascript",{"title":639,"path":640,"stem":641},"Using Build Tools like Vite or Webpack","/static-assets-and-frontend-integration/using-build-tools-like-vite-or-webpack","16.static-assets-and-frontend-integration/04.using-build-tools-like-vite-or-webpack",{"title":643,"path":644,"stem":645},"Using React or Vue with Django","/static-assets-and-frontend-integration/using-react-or-vue-with-django","16.static-assets-and-frontend-integration/05.using-react-or-vue-with-django",{"title":647,"path":648,"stem":649},"Managing CORS","/static-assets-and-frontend-integration/managing-cors","16.static-assets-and-frontend-integration/06.managing-cors",{"title":651,"path":652,"stem":653,"children":654},"Internationalization and Localization","/internationalization-and-localization","17.internationalization-and-localization/01.index",[655,656,660,664,668],{"title":651,"path":652,"stem":653},{"title":657,"path":658,"stem":659},"Enabling Translation","/internationalization-and-localization/enabling-translation","17.internationalization-and-localization/02.enabling-translation",{"title":661,"path":662,"stem":663},"Translating Text in Code and Templates","/internationalization-and-localization/translating-text-in-code-and-templates","17.internationalization-and-localization/03.translating-text-in-code-and-templates",{"title":665,"path":666,"stem":667},"Timezone Support","/internationalization-and-localization/timezone-support","17.internationalization-and-localization/04.timezone-support",{"title":669,"path":670,"stem":671},"Locale 
Middleware","/internationalization-and-localization/locale-middleware","17.internationalization-and-localization/05.locale-middleware",{"title":673,"path":674,"stem":675,"children":676},"Caching","/caching","18.caching/01.index",[677,678,682,686,690,694,698],{"title":673,"path":674,"stem":675},{"title":679,"path":680,"stem":681},"Introduction to Caching","/caching/introduction-to-caching","18.caching/02.introduction-to-caching",{"title":683,"path":684,"stem":685},"Cache Backends","/caching/cache-backends","18.caching/03.cache-backends",{"title":687,"path":688,"stem":689},"Per View Caching","/caching/per-view-caching","18.caching/04.per-view-caching",{"title":691,"path":692,"stem":693},"Low Level Cache API","/caching/low-level-cache-api","18.caching/05.low-level-cache-api",{"title":695,"path":696,"stem":697},"Template Fragment Caching","/caching/template-fragment-caching","18.caching/06.template-fragment-caching",{"title":699,"path":700,"stem":701},"Deployment Level Caching Patterns","/caching/deployment-level-caching-patterns","18.caching/07.deployment-level-caching-patterns",{"title":703,"path":704,"stem":705,"children":706},"Asynchronous Django","/asynchronous-django","19.asynchronous-django/01.index",[707,708,712,716,720,724,728,732],{"title":703,"path":704,"stem":705},{"title":709,"path":710,"stem":711},"Introduction to ASGI","/asynchronous-django/introduction-to-asgi","19.asynchronous-django/02.introduction-to-asgi",{"title":713,"path":714,"stem":715},"Async Views","/asynchronous-django/async-views","19.asynchronous-django/03.async-views",{"title":717,"path":718,"stem":719},"Async ORM Status","/asynchronous-django/async-orm-status","19.asynchronous-django/04.async-orm-status",{"title":721,"path":722,"stem":723},"WebSockets with Channels","/asynchronous-django/websockets-with-channels","19.asynchronous-django/05.websockets-with-channels",{"title":725,"path":726,"stem":727},"Background Tasks with Celery or 
RQ","/asynchronous-django/background-tasks-with-celery-or-rq","19.asynchronous-django/06.background-tasks-with-celery-or-rq",{"title":729,"path":730,"stem":731},"Asynchronous Support","/asynchronous-django/asynchronous-support","19.asynchronous-django/07.asynchronous-support",{"title":733,"path":734,"stem":735},"Django's Tasks Framework","/asynchronous-django/django-tasks-framework","19.asynchronous-django/08.django-tasks-framework",{"title":737,"path":738,"stem":739,"children":740},"Deployment","/deployment","20.deployment/01.index",[741,742,746,750,754,758,762,766,770],{"title":737,"path":738,"stem":739},{"title":743,"path":744,"stem":745},"Preparing for Production","/deployment/preparing-for-production","20.deployment/02.preparing-for-production",{"title":747,"path":748,"stem":749},"Using WSGI and ASGI Servers","/deployment/using-wsgi-and-asgi-servers","20.deployment/03.using-wsgi-and-asgi-servers",{"title":751,"path":752,"stem":753},"Deploying on Linux Servers","/deployment/deploying-on-linux-servers","20.deployment/04.deploying-on-linux-servers",{"title":755,"path":756,"stem":757},"Using Docker","/deployment/using-docker","20.deployment/05.using-docker",{"title":759,"path":760,"stem":761},"Cloud Deployment Guides","/deployment/cloud-deployment-guides","20.deployment/06.cloud-deployment-guides",{"title":763,"path":764,"stem":765},"Scaling and Load Balancing","/deployment/scaling-and-load-balancing","20.deployment/07.scaling-and-load-balancing",{"title":767,"path":768,"stem":769},"Monitoring and Logging","/deployment/monitoring-and-logging","20.deployment/08.monitoring-and-logging",{"title":771,"path":772,"stem":773},"Backup Strategies","/deployment/backup-strategies","20.deployment/09.backup-strategies",{"title":775,"path":776,"stem":777,"children":778},"Performance and Optimization","/performance-and-optimization","21.performance-and-optimization/01.index",[779,780,784,788,792,796],{"title":775,"path":776,"stem":777},{"title":781,"path":782,"stem":783},"Query 
Optimization","/performance-and-optimization/query-optimization","21.performance-and-optimization/02.query-optimization",{"title":785,"path":786,"stem":787},"Template Rendering Optimization","/performance-and-optimization/template-rendering-optimization","21.performance-and-optimization/03.template-rendering-optimization",{"title":789,"path":790,"stem":791},"Using Select Related and Prefetch Related","/performance-and-optimization/using-select-related-and-prefetch-related","21.performance-and-optimization/04.using-select-related-and-prefetch-related",{"title":793,"path":794,"stem":795},"Caching Strategies","/performance-and-optimization/caching-strategies","21.performance-and-optimization/05.caching-strategies",{"title":797,"path":798,"stem":799},"Profiling Django Apps","/performance-and-optimization/profiling-django-apps","21.performance-and-optimization/06.profiling-django-apps",{"title":801,"path":802,"stem":803,"children":804},"Advanced and Expert Topics","/advanced-and-expert-topics","22.advanced-and-expert-topics/01.index",[805,806,810,814,818,822,826,830,834,838,842,846],{"title":801,"path":802,"stem":803},{"title":807,"path":808,"stem":809},"System Architecture Patterns","/advanced-and-expert-topics/system-architecture-patterns","22.advanced-and-expert-topics/02.system-architecture-patterns",{"title":811,"path":812,"stem":813},"Domain Driven Design with Django","/advanced-and-expert-topics/domain-driven-design-with-django","22.advanced-and-expert-topics/03.domain-driven-design-with-django",{"title":815,"path":816,"stem":817},"Building Large Scale Django Projects","/advanced-and-expert-topics/building-large-scale-django-projects","22.advanced-and-expert-topics/04.building-large-scale-django-projects",{"title":819,"path":820,"stem":821},"Plugin Architectures for Django Apps","/advanced-and-expert-topics/plugin-architectures-for-django-apps","22.advanced-and-expert-topics/05.plugin-architectures-for-django-apps",{"title":823,"path":824,"stem":825},"Extending 
Django's Core","/advanced-and-expert-topics/extending-djangos-core","22.advanced-and-expert-topics/06.extending-djangos-core",{"title":827,"path":828,"stem":829},"Custom ORM Expressions","/advanced-and-expert-topics/custom-orm-expressions","22.advanced-and-expert-topics/07.custom-orm-expressions",{"title":831,"path":832,"stem":833},"Custom Management Commands","/advanced-and-expert-topics/custom-management-commands","22.advanced-and-expert-topics/08.custom-management-commands",{"title":835,"path":836,"stem":837},"Working with Signals","/advanced-and-expert-topics/working-with-signals","22.advanced-and-expert-topics/09.working-with-signals",{"title":839,"path":840,"stem":841},"Building Reusable Django Packages","/advanced-and-expert-topics/building-reusable-django-packages","22.advanced-and-expert-topics/10.building-reusable-django-packages",{"title":843,"path":844,"stem":845},"Integrating Microservices","/advanced-and-expert-topics/integrating-microservices","22.advanced-and-expert-topics/11.integrating-microservices",{"title":847,"path":848,"stem":849},"Advanced Security Hardening","/advanced-and-expert-topics/advanced-security-hardening","22.advanced-and-expert-topics/12.advanced-security-hardening",{"title":851,"path":852,"stem":853,"children":854},"Logging in Django","/logging-in-django","23.logging-in-django/01.index",[855],{"title":851,"path":852,"stem":853},{"title":857,"path":858,"stem":859,"children":860},"FAQ and Troubleshooting","/faq-and-troubleshooting","24.faq-and-troubleshooting/01.index",[861],{"title":857,"path":858,"stem":859},{"title":863,"path":864,"stem":865,"children":866},"External Packages and Ecosystem","/external-packages-and-ecosystem","25.external-packages-and-ecosystem/01.index",[867],{"title":863,"path":864,"stem":865},{"title":869,"path":870,"stem":871,"children":872},"Django Internals and 
Contributing","/django-internals-and-contributing","26.django-internals-and-contributing/01.index",[873],{"title":869,"path":870,"stem":871},{"title":875,"path":876,"stem":877,"children":878},"Microservices with Django","/microservices-with-django","27.microservices-with-django/01.index",[879,880,884,888,892,896,900,904,908,912,916,920,924],{"title":875,"path":876,"stem":877},{"title":881,"path":882,"stem":883},"What Is a Microservice?","/microservices-with-django/what-is-a-microservice","27.microservices-with-django/02.what-is-a-microservice",{"title":885,"path":886,"stem":887},"Introducing the Django Microservices Architecture","/microservices-with-django/django-microservices-architecture","27.microservices-with-django/03.django-microservices-architecture",{"title":889,"path":890,"stem":891},"Setting Up the Development and Runtime Environment","/microservices-with-django/development-environment","27.microservices-with-django/04.development-environment",{"title":893,"path":894,"stem":895},"Cloud-native Data Processing with MongoDB","/microservices-with-django/cloud-native-data-processing","27.microservices-with-django/05.cloud-native-data-processing",{"title":897,"path":898,"stem":899},"Creating RESTful APIs for Microservices","/microservices-with-django/restful-apis","27.microservices-with-django/06.restful-apis",{"title":901,"path":902,"stem":903},"Orchestrating Microservices with Celery and RabbitMQ","/microservices-with-django/orchestrating-celery-rabbitmq","27.microservices-with-django/07.orchestrating-celery-rabbitmq",{"title":905,"path":906,"stem":907},"Testing Microservices","/microservices-with-django/testing-microservices","27.microservices-with-django/08.testing-microservices",{"title":909,"path":910,"stem":911},"Deploying Microservices","/microservices-with-django/deploying-microservices","27.microservices-with-django/09.deploying-microservices",{"title":913,"path":914,"stem":915},"Securing 
Microservices","/microservices-with-django/securing-microservices","27.microservices-with-django/10.securing-microservices",{"title":917,"path":918,"stem":919},"Improving Microservices Performance with Caching","/microservices-with-django/performance-caching","27.microservices-with-django/11.performance-caching",{"title":921,"path":922,"stem":923},"Best Practices","/microservices-with-django/best-practices","27.microservices-with-django/12.best-practices",{"title":925,"path":926,"stem":927},"Transforming a Monolithic Web App into a Microservice version","/microservices-with-django/monolith-to-microservices","27.microservices-with-django/13.monolith-to-microservices",{"title":929,"path":930,"stem":931,"children":932},"Releases","/releases","releases",[933,936,940,944,948,952,956,960,964,968,972,976,980,984,988,992,996,1000,1004,1008,1012],{"title":934,"path":930,"stem":935},"Django Releases","releases/index",{"title":937,"path":938,"stem":939},"Django 5.1.10 release notes","/releases/5.1.10","releases/5.1.10",{"title":941,"path":942,"stem":943},"Django 5.1.11 release notes","/releases/5.1.11","releases/5.1.11",{"title":945,"path":946,"stem":947},"Django 5.1.12 release notes","/releases/5.1.12","releases/5.1.12",{"title":949,"path":950,"stem":951},"Django 5.1.13 release notes","/releases/5.1.13","releases/5.1.13",{"title":953,"path":954,"stem":955},"Django 5.1.14 release notes","/releases/5.1.14","releases/5.1.14",{"title":957,"path":958,"stem":959},"Django 5.1.15 release notes","/releases/5.1.15","releases/5.1.15",{"title":961,"path":962,"stem":963},"Django 5.2 release notes","/releases/5.2","releases/5.2",{"title":965,"path":966,"stem":967},"Django 5.2.1 release notes","/releases/5.2.1","releases/5.2.1",{"title":969,"path":970,"stem":971},"Django 5.2.10 release notes","/releases/5.2.10","releases/5.2.10",{"title":973,"path":974,"stem":975},"Django 5.2.2 release notes","/releases/5.2.2","releases/5.2.2",{"title":977,"path":978,"stem":979},"Django 5.2.3 release 
notes","/releases/5.2.3","releases/5.2.3",{"title":981,"path":982,"stem":983},"Django 5.2.4 release notes","/releases/5.2.4","releases/5.2.4",{"title":985,"path":986,"stem":987},"Django 5.2.5 release notes","/releases/5.2.5","releases/5.2.5",{"title":989,"path":990,"stem":991},"Django 5.2.6 release notes","/releases/5.2.6","releases/5.2.6",{"title":993,"path":994,"stem":995},"Django 5.2.7 release notes","/releases/5.2.7","releases/5.2.7",{"title":997,"path":998,"stem":999},"Django 5.2.8 release notes","/releases/5.2.8","releases/5.2.8",{"title":1001,"path":1002,"stem":1003},"Django 5.2.9 release notes","/releases/5.2.9","releases/5.2.9",{"title":1005,"path":1006,"stem":1007},"Django 6.0 release notes","/releases/6.0","releases/6.0",{"title":1009,"path":1010,"stem":1011},"Django 6.0.1 release notes","/releases/6.0.1","releases/6.0.1",{"title":1013,"path":1014,"stem":1015},"Django 6.1 release notes - UNDER DEVELOPMENT","/releases/6.1","releases/6.1",{"id":1017,"title":559,"body":1018,"description":1028,"extension":10128,"links":10129,"meta":10130,"navigation":1323,"path":560,"seo":10131,"stem":561,"__hash__":10132},"docs/14.security/05.sql-injection-protection.md",{"type":1019,"value":1020,"toc":10092},"minimark",[1021,1025,1029,1034,1039,1383,1387,1650,1654,1658,1661,2396,2400,2403,3060,3064,3428,3432,3436,4350,4354,5275,5279,5283,6554,6558,7265,7269,7273,7680,7684,8001,8005,8009,9225,9229,9233,10004,10008,10012,10028,10032,10046,10050,10064,10067,10081,10085,10088],[1022,1023,559],"h1",{"id":1024},"sql-injection-protection",[1026,1027,1028],"p",{},"SQL injection is one of the most dangerous web application vulnerabilities, allowing attackers to manipulate database queries and potentially access, modify, or delete sensitive data. 
Django's ORM provides robust protection against SQL injection attacks through parameterized queries and safe query construction. That protection covers queries built through the ORM; SQL written by hand, such as the cursor.execute() example below, is safe only when user input is passed as separate query parameters rather than formatted into the SQL string.",[1030,1031,1033],"h2",{"id":1032},"understanding-sql-injection","Understanding SQL Injection",[1035,1036,1038],"h3",{"id":1037},"how-sql-injection-works","How SQL Injection Works",[1040,1041,1046],"pre",{"className":1042,"code":1043,"language":1044,"meta":1045,"style":1045},"language-python shiki shiki-themes material-theme-lighter vitesse-light vitesse-dark","# VULNERABLE CODE EXAMPLE (DON'T DO THIS!)\ndef vulnerable_user_search(request):\n    \"\"\"DANGEROUS: Direct string formatting in SQL\"\"\"\n    \n    username = request.GET.get('username', '')\n    \n    # This is vulnerable to SQL injection!\n    query = f\"SELECT * FROM auth_user WHERE username = '{username}'\"\n    \n    from django.db import connection\n    cursor = connection.cursor()\n    cursor.execute(query)  # DANGEROUS!\n    \n    results = cursor.fetchall()\n    return render(request, 'search_results.html', {'results': results})\n\n# Attack examples:\n# ?username=admin' OR '1'='1' --\n# Result: SELECT * FROM auth_user WHERE username = 'admin' OR '1'='1' --'\n# This returns ALL users!\n\n# ?username=admin'; DROP TABLE auth_user; --\n# Result: Attempts to delete the entire user table!\n\n# ?username=admin' UNION SELECT password FROM auth_user WHERE username='admin' --\n# Result: Attempts to extract password hashes\n","python","",[1047,1048,1049,1058,1080,1094,1101,1147,1152,1158,1184,1189,1210,1229,1251,1256,1274,1318,1325,1331,1337,1343,1349,1354,1360,1366,1371,1377],"code",{"__ignoreMap":1045},[1050,1051,1054],"span",{"class":1052,"line":1053},"line",1,[1050,1055,1057],{"class":1056},"s9Tkl","# VULNERABLE CODE EXAMPLE (DON'T DO THIS!)\n",[1050,1059,1061,1065,1069,1073,1077],{"class":1052,"line":1060},2,[1050,1062,1064],{"class":1063},"s5Kfy","def",[1050,1066,1068],{"class":1067},"sljsM"," 
vulnerable_user_search",[1050,1070,1072],{"class":1071},"soVBu","(",[1050,1074,1076],{"class":1075},"sCyAa","request",[1050,1078,1079],{"class":1071},"):\n",[1050,1081,1083,1087,1091],{"class":1052,"line":1082},3,[1050,1084,1086],{"class":1085},"sm7ve","    \"\"\"",[1050,1088,1090],{"class":1089},"sVyVU","DANGEROUS: Direct string formatting in SQL",[1050,1092,1093],{"class":1085},"\"\"\"\n",[1050,1095,1097],{"class":1052,"line":1096},4,[1050,1098,1100],{"class":1099},"sftqT","    \n",[1050,1102,1104,1107,1110,1113,1116,1120,1122,1126,1128,1132,1136,1138,1141,1144],{"class":1052,"line":1103},5,[1050,1105,1106],{"class":1099},"    username ",[1050,1108,1109],{"class":1071},"=",[1050,1111,1112],{"class":1099}," request",[1050,1114,1115],{"class":1071},".",[1050,1117,1119],{"class":1118},"sFGJz","GET",[1050,1121,1115],{"class":1071},[1050,1123,1125],{"class":1124},"siWMO","get",[1050,1127,1072],{"class":1071},[1050,1129,1131],{"class":1130},"sbYkP","'",[1050,1133,1135],{"class":1134},"sTbE_","username",[1050,1137,1131],{"class":1130},[1050,1139,1140],{"class":1071},",",[1050,1142,1143],{"class":1130}," ''",[1050,1145,1146],{"class":1071},")\n",[1050,1148,1150],{"class":1052,"line":1149},6,[1050,1151,1100],{"class":1099},[1050,1153,1155],{"class":1052,"line":1154},7,[1050,1156,1157],{"class":1056},"    # This is vulnerable to SQL injection!\n",[1050,1159,1161,1164,1166,1169,1172,1176,1178,1181],{"class":1052,"line":1160},8,[1050,1162,1163],{"class":1099},"    query ",[1050,1165,1109],{"class":1071},[1050,1167,1168],{"class":1063}," f",[1050,1170,1171],{"class":1134},"\"SELECT * FROM auth_user WHERE username = '",[1050,1173,1175],{"class":1174},"s3h35","{",[1050,1177,1135],{"class":1099},[1050,1179,1180],{"class":1174},"}",[1050,1182,1183],{"class":1134},"'\"\n",[1050,1185,1187],{"class":1052,"line":1186},9,[1050,1188,1100],{"class":1099},[1050,1190,1192,1196,1199,1201,1204,1207],{"class":1052,"line":1191},10,[1050,1193,1195],{"class":1194},"siDh9","    
from",[1050,1197,1198],{"class":1099}," django",[1050,1200,1115],{"class":1071},[1050,1202,1203],{"class":1099},"db ",[1050,1205,1206],{"class":1194},"import",[1050,1208,1209],{"class":1099}," connection\n",[1050,1211,1213,1216,1218,1221,1223,1226],{"class":1052,"line":1212},11,[1050,1214,1215],{"class":1099},"    cursor ",[1050,1217,1109],{"class":1071},[1050,1219,1220],{"class":1099}," connection",[1050,1222,1115],{"class":1071},[1050,1224,1225],{"class":1124},"cursor",[1050,1227,1228],{"class":1071},"()\n",[1050,1230,1232,1235,1237,1240,1242,1245,1248],{"class":1052,"line":1231},12,[1050,1233,1234],{"class":1099},"    cursor",[1050,1236,1115],{"class":1071},[1050,1238,1239],{"class":1124},"execute",[1050,1241,1072],{"class":1071},[1050,1243,1244],{"class":1124},"query",[1050,1246,1247],{"class":1071},")",[1050,1249,1250],{"class":1056},"  # DANGEROUS!\n",[1050,1252,1254],{"class":1052,"line":1253},13,[1050,1255,1100],{"class":1099},[1050,1257,1259,1262,1264,1267,1269,1272],{"class":1052,"line":1258},14,[1050,1260,1261],{"class":1099},"    results ",[1050,1263,1109],{"class":1071},[1050,1265,1266],{"class":1099}," cursor",[1050,1268,1115],{"class":1071},[1050,1270,1271],{"class":1124},"fetchall",[1050,1273,1228],{"class":1071},[1050,1275,1277,1280,1283,1285,1287,1289,1292,1295,1297,1299,1302,1304,1307,1309,1312,1315],{"class":1052,"line":1276},15,[1050,1278,1279],{"class":1194},"    return",[1050,1281,1282],{"class":1124}," render",[1050,1284,1072],{"class":1071},[1050,1286,1076],{"class":1124},[1050,1288,1140],{"class":1071},[1050,1290,1291],{"class":1130}," '",[1050,1293,1294],{"class":1134},"search_results.html",[1050,1296,1131],{"class":1130},[1050,1298,1140],{"class":1071},[1050,1300,1301],{"class":1071}," {",[1050,1303,1131],{"class":1130},[1050,1305,1306],{"class":1134},"results",[1050,1308,1131],{"class":1130},[1050,1310,1311],{"class":1071},":",[1050,1313,1314],{"class":1124}," 
results",[1050,1316,1317],{"class":1071},"})\n",[1050,1319,1321],{"class":1052,"line":1320},16,[1050,1322,1324],{"emptyLinePlaceholder":1323},true,"\n",[1050,1326,1328],{"class":1052,"line":1327},17,[1050,1329,1330],{"class":1056},"# Attack examples:\n",[1050,1332,1334],{"class":1052,"line":1333},18,[1050,1335,1336],{"class":1056},"# ?username=admin' OR '1'='1' --\n",[1050,1338,1340],{"class":1052,"line":1339},19,[1050,1341,1342],{"class":1056},"# Result: SELECT * FROM auth_user WHERE username = 'admin' OR '1'='1' --'\n",[1050,1344,1346],{"class":1052,"line":1345},20,[1050,1347,1348],{"class":1056},"# This returns ALL users!\n",[1050,1350,1352],{"class":1052,"line":1351},21,[1050,1353,1324],{"emptyLinePlaceholder":1323},[1050,1355,1357],{"class":1052,"line":1356},22,[1050,1358,1359],{"class":1056},"# ?username=admin'; DROP TABLE auth_user; --\n",[1050,1361,1363],{"class":1052,"line":1362},23,[1050,1364,1365],{"class":1056},"# Result: Attempts to delete the entire user table!\n",[1050,1367,1369],{"class":1052,"line":1368},24,[1050,1370,1324],{"emptyLinePlaceholder":1323},[1050,1372,1374],{"class":1052,"line":1373},25,[1050,1375,1376],{"class":1056},"# ?username=admin' UNION SELECT password FROM auth_user WHERE username='admin' --\n",[1050,1378,1380],{"class":1052,"line":1379},26,[1050,1381,1382],{"class":1056},"# Result: Attempts to extract password hashes\n",[1035,1384,1386],{"id":1385},"sql-injection-attack-types","SQL Injection Attack Types",[1040,1388,1392],{"className":1389,"code":1390,"language":1391,"meta":1045,"style":1045},"language-sql shiki shiki-themes material-theme-lighter vitesse-light vitesse-dark","-- 1. Authentication Bypass\n-- Input: admin' OR '1'='1' --\nSELECT * FROM users WHERE username = 'admin' OR '1'='1' --' AND password = 'password'\n\n-- 2. Data Extraction (UNION attacks)\n-- Input: ' UNION SELECT username, password FROM auth_user --\nSELECT name FROM products WHERE id = '' UNION SELECT username, password FROM auth_user --'\n\n-- 3. 
Blind SQL Injection\n-- Input: ' AND (SELECT COUNT(*) FROM auth_user) > 0 --\nSELECT * FROM articles WHERE title = '' AND (SELECT COUNT(*) FROM auth_user) > 0 --'\n\n-- 4. Time-based Blind Injection\n-- Input: '; WAITFOR DELAY '00:00:05' --\nSELECT * FROM products WHERE id = ''; WAITFOR DELAY '00:00:05' --'\n\n-- 5. Boolean-based Blind Injection\n-- Input: ' AND 1=1 --  (returns results)\n-- Input: ' AND 1=2 --  (returns no results)\n","sql",[1047,1393,1394,1399,1404,1456,1460,1465,1470,1511,1515,1520,1525,1581,1585,1590,1595,1631,1635,1640,1645],{"__ignoreMap":1045},[1050,1395,1396],{"class":1052,"line":1053},[1050,1397,1398],{"class":1056},"-- 1. Authentication Bypass\n",[1050,1400,1401],{"class":1052,"line":1060},[1050,1402,1403],{"class":1056},"-- Input: admin' OR '1'='1' --\n",[1050,1405,1406,1410,1414,1417,1420,1423,1426,1428,1430,1433,1435,1438,1440,1443,1445,1447,1449,1451,1453],{"class":1052,"line":1082},[1050,1407,1409],{"class":1408},"scgAs","SELECT",[1050,1411,1413],{"class":1412},"sVsLi"," *",[1050,1415,1416],{"class":1408}," FROM",[1050,1418,1419],{"class":1099}," users ",[1050,1421,1422],{"class":1408},"WHERE",[1050,1424,1425],{"class":1099}," username ",[1050,1427,1109],{"class":1412},[1050,1429,1291],{"class":1130},[1050,1431,1432],{"class":1134},"admin",[1050,1434,1131],{"class":1130},[1050,1436,1437],{"class":1408}," OR",[1050,1439,1291],{"class":1130},[1050,1441,1442],{"class":1134},"1",[1050,1444,1131],{"class":1130},[1050,1446,1109],{"class":1412},[1050,1448,1131],{"class":1130},[1050,1450,1442],{"class":1134},[1050,1452,1131],{"class":1130},[1050,1454,1455],{"class":1056}," --' AND password = 'password'\n",[1050,1457,1458],{"class":1052,"line":1096},[1050,1459,1324],{"emptyLinePlaceholder":1323},[1050,1461,1462],{"class":1052,"line":1103},[1050,1463,1464],{"class":1056},"-- 2. 
Data Extraction (UNION attacks)\n",[1050,1466,1467],{"class":1052,"line":1149},[1050,1468,1469],{"class":1056},"-- Input: ' UNION SELECT username, password FROM auth_user --\n",[1050,1471,1472,1474,1477,1479,1482,1484,1487,1489,1491,1494,1497,1500,1503,1505,1508],{"class":1052,"line":1154},[1050,1473,1409],{"class":1408},[1050,1475,1476],{"class":1408}," name",[1050,1478,1416],{"class":1408},[1050,1480,1481],{"class":1099}," products ",[1050,1483,1422],{"class":1408},[1050,1485,1486],{"class":1099}," id ",[1050,1488,1109],{"class":1412},[1050,1490,1143],{"class":1130},[1050,1492,1493],{"class":1408}," UNION",[1050,1495,1496],{"class":1408}," SELECT",[1050,1498,1499],{"class":1099}," username, ",[1050,1501,1502],{"class":1408},"password",[1050,1504,1416],{"class":1408},[1050,1506,1507],{"class":1099}," auth_user ",[1050,1509,1510],{"class":1056},"--'\n",[1050,1512,1513],{"class":1052,"line":1160},[1050,1514,1324],{"emptyLinePlaceholder":1323},[1050,1516,1517],{"class":1052,"line":1186},[1050,1518,1519],{"class":1056},"-- 3. 
Blind SQL Injection\n",[1050,1521,1522],{"class":1052,"line":1191},[1050,1523,1524],{"class":1056},"-- Input: ' AND (SELECT COUNT(*) FROM auth_user) > 0 --\n",[1050,1526,1527,1529,1531,1533,1536,1538,1541,1543,1545,1548,1551,1553,1557,1559,1562,1565,1568,1571,1574,1578],{"class":1052,"line":1212},[1050,1528,1409],{"class":1408},[1050,1530,1413],{"class":1412},[1050,1532,1416],{"class":1408},[1050,1534,1535],{"class":1099}," articles ",[1050,1537,1422],{"class":1408},[1050,1539,1540],{"class":1099}," title ",[1050,1542,1109],{"class":1412},[1050,1544,1143],{"class":1130},[1050,1546,1547],{"class":1408}," AND",[1050,1549,1550],{"class":1099}," (",[1050,1552,1409],{"class":1408},[1050,1554,1556],{"class":1555},"sJdAF"," COUNT",[1050,1558,1072],{"class":1099},[1050,1560,1561],{"class":1412},"*",[1050,1563,1564],{"class":1099},") ",[1050,1566,1567],{"class":1408},"FROM",[1050,1569,1570],{"class":1099}," auth_user) ",[1050,1572,1573],{"class":1412},">",[1050,1575,1577],{"class":1576},"s7CZa"," 0",[1050,1579,1580],{"class":1056}," --'\n",[1050,1582,1583],{"class":1052,"line":1231},[1050,1584,1324],{"emptyLinePlaceholder":1323},[1050,1586,1587],{"class":1052,"line":1253},[1050,1588,1589],{"class":1056},"-- 4. 
Time-based Blind Injection\n",[1050,1591,1592],{"class":1052,"line":1258},[1050,1593,1594],{"class":1056},"-- Input: '; WAITFOR DELAY '00:00:05' --\n",[1050,1596,1597,1599,1601,1603,1605,1607,1609,1611,1613,1616,1619,1622,1624,1627,1629],{"class":1052,"line":1276},[1050,1598,1409],{"class":1408},[1050,1600,1413],{"class":1412},[1050,1602,1416],{"class":1408},[1050,1604,1481],{"class":1099},[1050,1606,1422],{"class":1408},[1050,1608,1486],{"class":1099},[1050,1610,1109],{"class":1412},[1050,1612,1143],{"class":1130},[1050,1614,1615],{"class":1099},"; ",[1050,1617,1618],{"class":1408},"WAITFOR",[1050,1620,1621],{"class":1408}," DELAY",[1050,1623,1291],{"class":1130},[1050,1625,1626],{"class":1134},"00:00:05",[1050,1628,1131],{"class":1130},[1050,1630,1580],{"class":1056},[1050,1632,1633],{"class":1052,"line":1320},[1050,1634,1324],{"emptyLinePlaceholder":1323},[1050,1636,1637],{"class":1052,"line":1327},[1050,1638,1639],{"class":1056},"-- 5. Boolean-based Blind Injection\n",[1050,1641,1642],{"class":1052,"line":1333},[1050,1643,1644],{"class":1056},"-- Input: ' AND 1=1 --  (returns results)\n",[1050,1646,1647],{"class":1052,"line":1339},[1050,1648,1649],{"class":1056},"-- Input: ' AND 1=2 --  (returns no results)\n",[1030,1651,1653],{"id":1652},"django-orm-protection","Django ORM Protection",[1035,1655,1657],{"id":1656},"safe-query-construction","Safe Query Construction",[1026,1659,1660],{},"Django's ORM automatically uses parameterized queries:",[1040,1662,1664],{"className":1042,"code":1663,"language":1044,"meta":1045,"style":1045},"# SAFE: Django ORM automatically parameterizes queries\nfrom django.contrib.auth.models import User\n\ndef safe_user_search(request):\n    \"\"\"SAFE: Using Django ORM\"\"\"\n    \n    username = request.GET.get('username', '')\n    \n    # This is automatically protected against SQL injection\n    users = User.objects.filter(username=username)\n    \n    # Django generates: SELECT * FROM auth_user WHERE username = %s\n    # Parameters: 
[username]\n    \n    return render(request, 'search_results.html', {'users': users})\n\ndef safe_complex_search(request):\n    \"\"\"SAFE: Complex queries with ORM\"\"\"\n    \n    username = request.GET.get('username', '')\n    email = request.GET.get('email', '')\n    is_active = request.GET.get('is_active') == 'true'\n    \n    # All of these are safe\n    users = User.objects.filter(\n        username__icontains=username,\n        email__icontains=email,\n        is_active=is_active\n    ).select_related('profile')\n    \n    # Django handles parameterization automatically\n    return render(request, 'search_results.html', {'users': users})\n\ndef safe_dynamic_filtering(request):\n    \"\"\"SAFE: Dynamic filtering with Q objects\"\"\"\n    \n    from django.db.models import Q\n    \n    search_term = request.GET.get('search', '')\n    \n    if search_term:\n        # Complex query with Q objects - still safe\n        users = User.objects.filter(\n            Q(username__icontains=search_term) |\n            Q(first_name__icontains=search_term) |\n            Q(last_name__icontains=search_term) |\n            Q(email__icontains=search_term)\n        )\n    else:\n        users = User.objects.none()\n    \n    return render(request, 'search_results.html', {'users': users})\n",[1047,1665,1666,1671,1698,1702,1715,1724,1728,1758,1762,1767,1799,1803,1808,1813,1817,1853,1857,1870,1879,1883,1913,1945,1984,1988,1993,2012,2024,2036,2047,2067,2072,2078,2113,2118,2132,2142,2147,2168,2173,2206,2211,2223,2229,2249,2270,2288,2306,2322,2328,2336,2356,2361],{"__ignoreMap":1045},[1050,1667,1668],{"class":1052,"line":1053},[1050,1669,1670],{"class":1056},"# SAFE: Django ORM automatically parameterizes 
queries\n",[1050,1672,1673,1676,1678,1680,1683,1685,1688,1690,1693,1695],{"class":1052,"line":1060},[1050,1674,1675],{"class":1194},"from",[1050,1677,1198],{"class":1099},[1050,1679,1115],{"class":1071},[1050,1681,1682],{"class":1099},"contrib",[1050,1684,1115],{"class":1071},[1050,1686,1687],{"class":1099},"auth",[1050,1689,1115],{"class":1071},[1050,1691,1692],{"class":1099},"models ",[1050,1694,1206],{"class":1194},[1050,1696,1697],{"class":1099}," User\n",[1050,1699,1700],{"class":1052,"line":1082},[1050,1701,1324],{"emptyLinePlaceholder":1323},[1050,1703,1704,1706,1709,1711,1713],{"class":1052,"line":1096},[1050,1705,1064],{"class":1063},[1050,1707,1708],{"class":1067}," safe_user_search",[1050,1710,1072],{"class":1071},[1050,1712,1076],{"class":1075},[1050,1714,1079],{"class":1071},[1050,1716,1717,1719,1722],{"class":1052,"line":1103},[1050,1718,1086],{"class":1085},[1050,1720,1721],{"class":1089},"SAFE: Using Django ORM",[1050,1723,1093],{"class":1085},[1050,1725,1726],{"class":1052,"line":1149},[1050,1727,1100],{"class":1099},[1050,1729,1730,1732,1734,1736,1738,1740,1742,1744,1746,1748,1750,1752,1754,1756],{"class":1052,"line":1154},[1050,1731,1106],{"class":1099},[1050,1733,1109],{"class":1071},[1050,1735,1112],{"class":1099},[1050,1737,1115],{"class":1071},[1050,1739,1119],{"class":1118},[1050,1741,1115],{"class":1071},[1050,1743,1125],{"class":1124},[1050,1745,1072],{"class":1071},[1050,1747,1131],{"class":1130},[1050,1749,1135],{"class":1134},[1050,1751,1131],{"class":1130},[1050,1753,1140],{"class":1071},[1050,1755,1143],{"class":1130},[1050,1757,1146],{"class":1071},[1050,1759,1760],{"class":1052,"line":1160},[1050,1761,1100],{"class":1099},[1050,1763,1764],{"class":1052,"line":1186},[1050,1765,1766],{"class":1056},"    # This is automatically protected against SQL injection\n",[1050,1768,1769,1772,1774,1777,1779,1783,1785,1788,1790,1793,1795,1797],{"class":1052,"line":1191},[1050,1770,1771],{"class":1099},"    users 
",[1050,1773,1109],{"class":1071},[1050,1775,1776],{"class":1099}," User",[1050,1778,1115],{"class":1071},[1050,1780,1782],{"class":1781},"sBPpx","objects",[1050,1784,1115],{"class":1071},[1050,1786,1787],{"class":1124},"filter",[1050,1789,1072],{"class":1071},[1050,1791,1135],{"class":1792},"sqOPj",[1050,1794,1109],{"class":1071},[1050,1796,1135],{"class":1124},[1050,1798,1146],{"class":1071},[1050,1800,1801],{"class":1052,"line":1212},[1050,1802,1100],{"class":1099},[1050,1804,1805],{"class":1052,"line":1231},[1050,1806,1807],{"class":1056},"    # Django generates: SELECT * FROM auth_user WHERE username = %s\n",[1050,1809,1810],{"class":1052,"line":1253},[1050,1811,1812],{"class":1056},"    # Parameters: [username]\n",[1050,1814,1815],{"class":1052,"line":1258},[1050,1816,1100],{"class":1099},[1050,1818,1819,1821,1823,1825,1827,1829,1831,1833,1835,1837,1839,1841,1844,1846,1848,1851],{"class":1052,"line":1276},[1050,1820,1279],{"class":1194},[1050,1822,1282],{"class":1124},[1050,1824,1072],{"class":1071},[1050,1826,1076],{"class":1124},[1050,1828,1140],{"class":1071},[1050,1830,1291],{"class":1130},[1050,1832,1294],{"class":1134},[1050,1834,1131],{"class":1130},[1050,1836,1140],{"class":1071},[1050,1838,1301],{"class":1071},[1050,1840,1131],{"class":1130},[1050,1842,1843],{"class":1134},"users",[1050,1845,1131],{"class":1130},[1050,1847,1311],{"class":1071},[1050,1849,1850],{"class":1124}," users",[1050,1852,1317],{"class":1071},[1050,1854,1855],{"class":1052,"line":1320},[1050,1856,1324],{"emptyLinePlaceholder":1323},[1050,1858,1859,1861,1864,1866,1868],{"class":1052,"line":1327},[1050,1860,1064],{"class":1063},[1050,1862,1863],{"class":1067}," safe_complex_search",[1050,1865,1072],{"class":1071},[1050,1867,1076],{"class":1075},[1050,1869,1079],{"class":1071},[1050,1871,1872,1874,1877],{"class":1052,"line":1333},[1050,1873,1086],{"class":1085},[1050,1875,1876],{"class":1089},"SAFE: Complex queries with 
ORM",[1050,1878,1093],{"class":1085},[1050,1880,1881],{"class":1052,"line":1339},[1050,1882,1100],{"class":1099},[1050,1884,1885,1887,1889,1891,1893,1895,1897,1899,1901,1903,1905,1907,1909,1911],{"class":1052,"line":1345},[1050,1886,1106],{"class":1099},[1050,1888,1109],{"class":1071},[1050,1890,1112],{"class":1099},[1050,1892,1115],{"class":1071},[1050,1894,1119],{"class":1118},[1050,1896,1115],{"class":1071},[1050,1898,1125],{"class":1124},[1050,1900,1072],{"class":1071},[1050,1902,1131],{"class":1130},[1050,1904,1135],{"class":1134},[1050,1906,1131],{"class":1130},[1050,1908,1140],{"class":1071},[1050,1910,1143],{"class":1130},[1050,1912,1146],{"class":1071},[1050,1914,1915,1918,1920,1922,1924,1926,1928,1930,1932,1934,1937,1939,1941,1943],{"class":1052,"line":1351},[1050,1916,1917],{"class":1099},"    email ",[1050,1919,1109],{"class":1071},[1050,1921,1112],{"class":1099},[1050,1923,1115],{"class":1071},[1050,1925,1119],{"class":1118},[1050,1927,1115],{"class":1071},[1050,1929,1125],{"class":1124},[1050,1931,1072],{"class":1071},[1050,1933,1131],{"class":1130},[1050,1935,1936],{"class":1134},"email",[1050,1938,1131],{"class":1130},[1050,1940,1140],{"class":1071},[1050,1942,1143],{"class":1130},[1050,1944,1146],{"class":1071},[1050,1946,1947,1950,1952,1954,1956,1958,1960,1962,1964,1966,1969,1971,1973,1976,1978,1981],{"class":1052,"line":1356},[1050,1948,1949],{"class":1099},"    is_active ",[1050,1951,1109],{"class":1071},[1050,1953,1112],{"class":1099},[1050,1955,1115],{"class":1071},[1050,1957,1119],{"class":1118},[1050,1959,1115],{"class":1071},[1050,1961,1125],{"class":1124},[1050,1963,1072],{"class":1071},[1050,1965,1131],{"class":1130},[1050,1967,1968],{"class":1134},"is_active",[1050,1970,1131],{"class":1130},[1050,1972,1247],{"class":1071},[1050,1974,1975],{"class":1412}," 
==",[1050,1977,1291],{"class":1130},[1050,1979,1980],{"class":1134},"true",[1050,1982,1983],{"class":1130},"'\n",[1050,1985,1986],{"class":1052,"line":1362},[1050,1987,1100],{"class":1099},[1050,1989,1990],{"class":1052,"line":1368},[1050,1991,1992],{"class":1056},"    # All of these are safe\n",[1050,1994,1995,1997,1999,2001,2003,2005,2007,2009],{"class":1052,"line":1373},[1050,1996,1771],{"class":1099},[1050,1998,1109],{"class":1071},[1050,2000,1776],{"class":1099},[1050,2002,1115],{"class":1071},[1050,2004,1782],{"class":1781},[1050,2006,1115],{"class":1071},[1050,2008,1787],{"class":1124},[1050,2010,2011],{"class":1071},"(\n",[1050,2013,2014,2017,2019,2021],{"class":1052,"line":1379},[1050,2015,2016],{"class":1792},"        username__icontains",[1050,2018,1109],{"class":1071},[1050,2020,1135],{"class":1124},[1050,2022,2023],{"class":1071},",\n",[1050,2025,2027,2030,2032,2034],{"class":1052,"line":2026},27,[1050,2028,2029],{"class":1792},"        email__icontains",[1050,2031,1109],{"class":1071},[1050,2033,1936],{"class":1124},[1050,2035,2023],{"class":1071},[1050,2037,2039,2042,2044],{"class":1052,"line":2038},28,[1050,2040,2041],{"class":1792},"        is_active",[1050,2043,1109],{"class":1071},[1050,2045,2046],{"class":1124},"is_active\n",[1050,2048,2050,2053,2056,2058,2060,2063,2065],{"class":1052,"line":2049},29,[1050,2051,2052],{"class":1071},"    ).",[1050,2054,2055],{"class":1124},"select_related",[1050,2057,1072],{"class":1071},[1050,2059,1131],{"class":1130},[1050,2061,2062],{"class":1134},"profile",[1050,2064,1131],{"class":1130},[1050,2066,1146],{"class":1071},[1050,2068,2070],{"class":1052,"line":2069},30,[1050,2071,1100],{"class":1099},[1050,2073,2075],{"class":1052,"line":2074},31,[1050,2076,2077],{"class":1056},"    # Django handles parameterization 
automatically\n",[1050,2079,2081,2083,2085,2087,2089,2091,2093,2095,2097,2099,2101,2103,2105,2107,2109,2111],{"class":1052,"line":2080},32,[1050,2082,1279],{"class":1194},[1050,2084,1282],{"class":1124},[1050,2086,1072],{"class":1071},[1050,2088,1076],{"class":1124},[1050,2090,1140],{"class":1071},[1050,2092,1291],{"class":1130},[1050,2094,1294],{"class":1134},[1050,2096,1131],{"class":1130},[1050,2098,1140],{"class":1071},[1050,2100,1301],{"class":1071},[1050,2102,1131],{"class":1130},[1050,2104,1843],{"class":1134},[1050,2106,1131],{"class":1130},[1050,2108,1311],{"class":1071},[1050,2110,1850],{"class":1124},[1050,2112,1317],{"class":1071},[1050,2114,2116],{"class":1052,"line":2115},33,[1050,2117,1324],{"emptyLinePlaceholder":1323},[1050,2119,2121,2123,2126,2128,2130],{"class":1052,"line":2120},34,[1050,2122,1064],{"class":1063},[1050,2124,2125],{"class":1067}," safe_dynamic_filtering",[1050,2127,1072],{"class":1071},[1050,2129,1076],{"class":1075},[1050,2131,1079],{"class":1071},[1050,2133,2135,2137,2140],{"class":1052,"line":2134},35,[1050,2136,1086],{"class":1085},[1050,2138,2139],{"class":1089},"SAFE: Dynamic filtering with Q objects",[1050,2141,1093],{"class":1085},[1050,2143,2145],{"class":1052,"line":2144},36,[1050,2146,1100],{"class":1099},[1050,2148,2150,2152,2154,2156,2159,2161,2163,2165],{"class":1052,"line":2149},37,[1050,2151,1195],{"class":1194},[1050,2153,1198],{"class":1099},[1050,2155,1115],{"class":1071},[1050,2157,2158],{"class":1099},"db",[1050,2160,1115],{"class":1071},[1050,2162,1692],{"class":1099},[1050,2164,1206],{"class":1194},[1050,2166,2167],{"class":1099}," Q\n",[1050,2169,2171],{"class":1052,"line":2170},38,[1050,2172,1100],{"class":1099},[1050,2174,2176,2179,2181,2183,2185,2187,2189,2191,2193,2195,2198,2200,2202,2204],{"class":1052,"line":2175},39,[1050,2177,2178],{"class":1099},"    search_term 
",[1050,2180,1109],{"class":1071},[1050,2182,1112],{"class":1099},[1050,2184,1115],{"class":1071},[1050,2186,1119],{"class":1118},[1050,2188,1115],{"class":1071},[1050,2190,1125],{"class":1124},[1050,2192,1072],{"class":1071},[1050,2194,1131],{"class":1130},[1050,2196,2197],{"class":1134},"search",[1050,2199,1131],{"class":1130},[1050,2201,1140],{"class":1071},[1050,2203,1143],{"class":1130},[1050,2205,1146],{"class":1071},[1050,2207,2209],{"class":1052,"line":2208},40,[1050,2210,1100],{"class":1099},[1050,2212,2214,2217,2220],{"class":1052,"line":2213},41,[1050,2215,2216],{"class":1194},"    if",[1050,2218,2219],{"class":1099}," search_term",[1050,2221,2222],{"class":1071},":\n",[1050,2224,2226],{"class":1052,"line":2225},42,[1050,2227,2228],{"class":1056},"        # Complex query with Q objects - still safe\n",[1050,2230,2232,2235,2237,2239,2241,2243,2245,2247],{"class":1052,"line":2231},43,[1050,2233,2234],{"class":1099},"        users ",[1050,2236,1109],{"class":1071},[1050,2238,1776],{"class":1099},[1050,2240,1115],{"class":1071},[1050,2242,1782],{"class":1781},[1050,2244,1115],{"class":1071},[1050,2246,1787],{"class":1124},[1050,2248,2011],{"class":1071},[1050,2250,2252,2255,2257,2260,2262,2265,2267],{"class":1052,"line":2251},44,[1050,2253,2254],{"class":1124},"            Q",[1050,2256,1072],{"class":1071},[1050,2258,2259],{"class":1792},"username__icontains",[1050,2261,1109],{"class":1071},[1050,2263,2264],{"class":1124},"search_term",[1050,2266,1247],{"class":1071},[1050,2268,2269],{"class":1412}," 
|\n",[1050,2271,2273,2275,2277,2280,2282,2284,2286],{"class":1052,"line":2272},45,[1050,2274,2254],{"class":1124},[1050,2276,1072],{"class":1071},[1050,2278,2279],{"class":1792},"first_name__icontains",[1050,2281,1109],{"class":1071},[1050,2283,2264],{"class":1124},[1050,2285,1247],{"class":1071},[1050,2287,2269],{"class":1412},[1050,2289,2291,2293,2295,2298,2300,2302,2304],{"class":1052,"line":2290},46,[1050,2292,2254],{"class":1124},[1050,2294,1072],{"class":1071},[1050,2296,2297],{"class":1792},"last_name__icontains",[1050,2299,1109],{"class":1071},[1050,2301,2264],{"class":1124},[1050,2303,1247],{"class":1071},[1050,2305,2269],{"class":1412},[1050,2307,2309,2311,2313,2316,2318,2320],{"class":1052,"line":2308},47,[1050,2310,2254],{"class":1124},[1050,2312,1072],{"class":1071},[1050,2314,2315],{"class":1792},"email__icontains",[1050,2317,1109],{"class":1071},[1050,2319,2264],{"class":1124},[1050,2321,1146],{"class":1071},[1050,2323,2325],{"class":1052,"line":2324},48,[1050,2326,2327],{"class":1071},"        )\n",[1050,2329,2331,2334],{"class":1052,"line":2330},49,[1050,2332,2333],{"class":1194},"    
else",[1050,2335,2222],{"class":1071},[1050,2337,2339,2341,2343,2345,2347,2349,2351,2354],{"class":1052,"line":2338},50,[1050,2340,2234],{"class":1099},[1050,2342,1109],{"class":1071},[1050,2344,1776],{"class":1099},[1050,2346,1115],{"class":1071},[1050,2348,1782],{"class":1781},[1050,2350,1115],{"class":1071},[1050,2352,2353],{"class":1124},"none",[1050,2355,1228],{"class":1071},[1050,2357,2359],{"class":1052,"line":2358},51,[1050,2360,1100],{"class":1099},[1050,2362,2364,2366,2368,2370,2372,2374,2376,2378,2380,2382,2384,2386,2388,2390,2392,2394],{"class":1052,"line":2363},52,[1050,2365,1279],{"class":1194},[1050,2367,1282],{"class":1124},[1050,2369,1072],{"class":1071},[1050,2371,1076],{"class":1124},[1050,2373,1140],{"class":1071},[1050,2375,1291],{"class":1130},[1050,2377,1294],{"class":1134},[1050,2379,1131],{"class":1130},[1050,2381,1140],{"class":1071},[1050,2383,1301],{"class":1071},[1050,2385,1131],{"class":1130},[1050,2387,1843],{"class":1134},[1050,2389,1131],{"class":1130},[1050,2391,1311],{"class":1071},[1050,2393,1850],{"class":1124},[1050,2395,1317],{"class":1071},[1035,2397,2399],{"id":2398},"safe-raw-sql-usage","Safe Raw SQL Usage",[1026,2401,2402],{},"When you must use raw SQL, Django's raw() and cursor.execute() are safe only when user input is passed as query parameters, never formatted into the SQL string:",[1040,2404,2406],{"className":1042,"code":2405,"language":1044,"meta":1045,"style":1045},"# SAFE: Using raw() with parameters\ndef safe_raw_query(request):\n    \"\"\"SAFE: Raw SQL with proper parameterization\"\"\"\n    \n    user_id = request.GET.get('user_id')\n    \n    # Method 1: Using raw() with parameters\n    users = User.objects.raw(\n        \"SELECT * FROM auth_user WHERE id = %s AND is_active = %s\",\n        [user_id, True]\n    )\n    \n    return render(request, 'users.html', {'users': users})\n\ndef safe_cursor_usage(request):\n    \"\"\"SAFE: Direct cursor usage with parameters\"\"\"\n    \n    from django.db import connection\n    \n    username = request.GET.get('username')\n    \n    with connection.cursor() as cursor:\n   
     # SAFE: Using parameter substitution\n        cursor.execute(\n            \"SELECT u.*, p.bio FROM auth_user u \"\n            \"LEFT JOIN profiles_userprofile p ON u.id = p.user_id \"\n            \"WHERE u.username = %s\",\n            [username]\n        )\n        \n        results = cursor.fetchall()\n    \n    return render(request, 'user_details.html', {'results': results})\n\ndef safe_named_parameters(request):\n    \"\"\"SAFE: Using named parameters (PostgreSQL)\"\"\"\n    \n    from django.db import connection\n    \n    min_age = request.GET.get('min_age', 18)\n    max_age = request.GET.get('max_age', 65)\n    \n    with connection.cursor() as cursor:\n        # SAFE: Named parameters (PostgreSQL syntax)\n        cursor.execute(\n            \"SELECT * FROM users WHERE age BETWEEN %(min_age)s AND %(max_age)s\",\n            {'min_age': min_age, 'max_age': max_age}\n        )\n        \n        results = cursor.fetchall()\n    \n    return render(request, 'age_filtered_users.html', {'results': results})\n",[1047,2407,2408,2413,2426,2435,2439,2467,2471,2476,2495,2516,2532,2537,2541,2576,2580,2593,2602,2606,2620,2624,2650,2654,2675,2680,2691,2702,2711,2724,2733,2737,2742,2757,2761,2796,2800,2813,2822,2826,2840,2844,2877,2910,2914,2932,2937,2947,2967,2999,3003,3007,3021,3025],{"__ignoreMap":1045},[1050,2409,2410],{"class":1052,"line":1053},[1050,2411,2412],{"class":1056},"# SAFE: Using raw() with parameters\n",[1050,2414,2415,2417,2420,2422,2424],{"class":1052,"line":1060},[1050,2416,1064],{"class":1063},[1050,2418,2419],{"class":1067}," safe_raw_query",[1050,2421,1072],{"class":1071},[1050,2423,1076],{"class":1075},[1050,2425,1079],{"class":1071},[1050,2427,2428,2430,2433],{"class":1052,"line":1082},[1050,2429,1086],{"class":1085},[1050,2431,2432],{"class":1089},"SAFE: Raw SQL with proper 
parameterization",[1050,2434,1093],{"class":1085},[1050,2436,2437],{"class":1052,"line":1096},[1050,2438,1100],{"class":1099},[1050,2440,2441,2444,2446,2448,2450,2452,2454,2456,2458,2460,2463,2465],{"class":1052,"line":1103},[1050,2442,2443],{"class":1099},"    user_id ",[1050,2445,1109],{"class":1071},[1050,2447,1112],{"class":1099},[1050,2449,1115],{"class":1071},[1050,2451,1119],{"class":1118},[1050,2453,1115],{"class":1071},[1050,2455,1125],{"class":1124},[1050,2457,1072],{"class":1071},[1050,2459,1131],{"class":1130},[1050,2461,2462],{"class":1134},"user_id",[1050,2464,1131],{"class":1130},[1050,2466,1146],{"class":1071},[1050,2468,2469],{"class":1052,"line":1149},[1050,2470,1100],{"class":1099},[1050,2472,2473],{"class":1052,"line":1154},[1050,2474,2475],{"class":1056},"    # Method 1: Using raw() with parameters\n",[1050,2477,2478,2480,2482,2484,2486,2488,2490,2493],{"class":1052,"line":1160},[1050,2479,1771],{"class":1099},[1050,2481,1109],{"class":1071},[1050,2483,1776],{"class":1099},[1050,2485,1115],{"class":1071},[1050,2487,1782],{"class":1781},[1050,2489,1115],{"class":1071},[1050,2491,2492],{"class":1124},"raw",[1050,2494,2011],{"class":1071},[1050,2496,2497,2500,2503,2506,2509,2511,2514],{"class":1052,"line":1186},[1050,2498,2499],{"class":1130},"        \"",[1050,2501,2502],{"class":1134},"SELECT * FROM auth_user WHERE id = ",[1050,2504,2505],{"class":1174},"%s",[1050,2507,2508],{"class":1134}," AND is_active = ",[1050,2510,2505],{"class":1174},[1050,2512,2513],{"class":1130},"\"",[1050,2515,2023],{"class":1071},[1050,2517,2518,2521,2523,2525,2529],{"class":1052,"line":1191},[1050,2519,2520],{"class":1071},"        [",[1050,2522,2462],{"class":1124},[1050,2524,1140],{"class":1071},[1050,2526,2528],{"class":2527},"s8XtY"," True",[1050,2530,2531],{"class":1071},"]\n",[1050,2533,2534],{"class":1052,"line":1212},[1050,2535,2536],{"class":1071},"    
)\n",[1050,2538,2539],{"class":1052,"line":1231},[1050,2540,1100],{"class":1099},[1050,2542,2543,2545,2547,2549,2551,2553,2555,2558,2560,2562,2564,2566,2568,2570,2572,2574],{"class":1052,"line":1253},[1050,2544,1279],{"class":1194},[1050,2546,1282],{"class":1124},[1050,2548,1072],{"class":1071},[1050,2550,1076],{"class":1124},[1050,2552,1140],{"class":1071},[1050,2554,1291],{"class":1130},[1050,2556,2557],{"class":1134},"users.html",[1050,2559,1131],{"class":1130},[1050,2561,1140],{"class":1071},[1050,2563,1301],{"class":1071},[1050,2565,1131],{"class":1130},[1050,2567,1843],{"class":1134},[1050,2569,1131],{"class":1130},[1050,2571,1311],{"class":1071},[1050,2573,1850],{"class":1124},[1050,2575,1317],{"class":1071},[1050,2577,2578],{"class":1052,"line":1258},[1050,2579,1324],{"emptyLinePlaceholder":1323},[1050,2581,2582,2584,2587,2589,2591],{"class":1052,"line":1276},[1050,2583,1064],{"class":1063},[1050,2585,2586],{"class":1067}," safe_cursor_usage",[1050,2588,1072],{"class":1071},[1050,2590,1076],{"class":1075},[1050,2592,1079],{"class":1071},[1050,2594,2595,2597,2600],{"class":1052,"line":1320},[1050,2596,1086],{"class":1085},[1050,2598,2599],{"class":1089},"SAFE: Direct cursor usage with 
parameters",[1050,2601,1093],{"class":1085},[1050,2603,2604],{"class":1052,"line":1327},[1050,2605,1100],{"class":1099},[1050,2607,2608,2610,2612,2614,2616,2618],{"class":1052,"line":1333},[1050,2609,1195],{"class":1194},[1050,2611,1198],{"class":1099},[1050,2613,1115],{"class":1071},[1050,2615,1203],{"class":1099},[1050,2617,1206],{"class":1194},[1050,2619,1209],{"class":1099},[1050,2621,2622],{"class":1052,"line":1339},[1050,2623,1100],{"class":1099},[1050,2625,2626,2628,2630,2632,2634,2636,2638,2640,2642,2644,2646,2648],{"class":1052,"line":1345},[1050,2627,1106],{"class":1099},[1050,2629,1109],{"class":1071},[1050,2631,1112],{"class":1099},[1050,2633,1115],{"class":1071},[1050,2635,1119],{"class":1118},[1050,2637,1115],{"class":1071},[1050,2639,1125],{"class":1124},[1050,2641,1072],{"class":1071},[1050,2643,1131],{"class":1130},[1050,2645,1135],{"class":1134},[1050,2647,1131],{"class":1130},[1050,2649,1146],{"class":1071},[1050,2651,2652],{"class":1052,"line":1351},[1050,2653,1100],{"class":1099},[1050,2655,2656,2659,2661,2663,2665,2668,2671,2673],{"class":1052,"line":1356},[1050,2657,2658],{"class":1194},"    with",[1050,2660,1220],{"class":1099},[1050,2662,1115],{"class":1071},[1050,2664,1225],{"class":1124},[1050,2666,2667],{"class":1071},"()",[1050,2669,2670],{"class":1194}," as",[1050,2672,1266],{"class":1099},[1050,2674,2222],{"class":1071},[1050,2676,2677],{"class":1052,"line":1362},[1050,2678,2679],{"class":1056},"        # SAFE: Using parameter substitution\n",[1050,2681,2682,2685,2687,2689],{"class":1052,"line":1368},[1050,2683,2684],{"class":1099},"        cursor",[1050,2686,1115],{"class":1071},[1050,2688,1239],{"class":1124},[1050,2690,2011],{"class":1071},[1050,2692,2693,2696,2699],{"class":1052,"line":1373},[1050,2694,2695],{"class":1130},"            \"",[1050,2697,2698],{"class":1134},"SELECT u.*, p.bio FROM auth_user u 
",[1050,2700,2701],{"class":1130},"\"\n",[1050,2703,2704,2706,2709],{"class":1052,"line":1379},[1050,2705,2695],{"class":1130},[1050,2707,2708],{"class":1134},"LEFT JOIN profiles_userprofile p ON u.id = p.user_id ",[1050,2710,2701],{"class":1130},[1050,2712,2713,2715,2718,2720,2722],{"class":1052,"line":2026},[1050,2714,2695],{"class":1130},[1050,2716,2717],{"class":1134},"WHERE u.username = ",[1050,2719,2505],{"class":1174},[1050,2721,2513],{"class":1130},[1050,2723,2023],{"class":1071},[1050,2725,2726,2729,2731],{"class":1052,"line":2038},[1050,2727,2728],{"class":1071},"            [",[1050,2730,1135],{"class":1124},[1050,2732,2531],{"class":1071},[1050,2734,2735],{"class":1052,"line":2049},[1050,2736,2327],{"class":1071},[1050,2738,2739],{"class":1052,"line":2069},[1050,2740,2741],{"class":1099},"        \n",[1050,2743,2744,2747,2749,2751,2753,2755],{"class":1052,"line":2074},[1050,2745,2746],{"class":1099},"        results ",[1050,2748,1109],{"class":1071},[1050,2750,1266],{"class":1099},[1050,2752,1115],{"class":1071},[1050,2754,1271],{"class":1124},[1050,2756,1228],{"class":1071},[1050,2758,2759],{"class":1052,"line":2080},[1050,2760,1100],{"class":1099},[1050,2762,2763,2765,2767,2769,2771,2773,2775,2778,2780,2782,2784,2786,2788,2790,2792,2794],{"class":1052,"line":2115},[1050,2764,1279],{"class":1194},[1050,2766,1282],{"class":1124},[1050,2768,1072],{"class":1071},[1050,2770,1076],{"class":1124},[1050,2772,1140],{"class":1071},[1050,2774,1291],{"class":1130},[1050,2776,2777],{"class":1134},"user_details.html",[1050,2779,1131],{"class":1130},[1050,2781,1140],{"class":1071},[1050,2783,1301],{"class":1071},[1050,2785,1131],{"class":1130},[1050,2787,1306],{"class":1134},[1050,2789,1131],{"class":1130},[1050,2791,1311],{"class":1071},[1050,2793,1314],{"class":1124},[1050,2795,1317],{"class":1071},[1050,2797,2798],{"class":1052,"line":2120},[1050,2799,1324],{"emptyLinePlaceholder":1323},[1050,2801,2802,2804,2807,2809,2811],{"class":1052,"line":2134},[1050,2803,106
4],{"class":1063},[1050,2805,2806],{"class":1067}," safe_named_parameters",[1050,2808,1072],{"class":1071},[1050,2810,1076],{"class":1075},[1050,2812,1079],{"class":1071},[1050,2814,2815,2817,2820],{"class":1052,"line":2144},[1050,2816,1086],{"class":1085},[1050,2818,2819],{"class":1089},"SAFE: Using named parameters (PostgreSQL)",[1050,2821,1093],{"class":1085},[1050,2823,2824],{"class":1052,"line":2149},[1050,2825,1100],{"class":1099},[1050,2827,2828,2830,2832,2834,2836,2838],{"class":1052,"line":2170},[1050,2829,1195],{"class":1194},[1050,2831,1198],{"class":1099},[1050,2833,1115],{"class":1071},[1050,2835,1203],{"class":1099},[1050,2837,1206],{"class":1194},[1050,2839,1209],{"class":1099},[1050,2841,2842],{"class":1052,"line":2175},[1050,2843,1100],{"class":1099},[1050,2845,2846,2849,2851,2853,2855,2857,2859,2861,2863,2865,2868,2870,2872,2875],{"class":1052,"line":2208},[1050,2847,2848],{"class":1099},"    min_age ",[1050,2850,1109],{"class":1071},[1050,2852,1112],{"class":1099},[1050,2854,1115],{"class":1071},[1050,2856,1119],{"class":1118},[1050,2858,1115],{"class":1071},[1050,2860,1125],{"class":1124},[1050,2862,1072],{"class":1071},[1050,2864,1131],{"class":1130},[1050,2866,2867],{"class":1134},"min_age",[1050,2869,1131],{"class":1130},[1050,2871,1140],{"class":1071},[1050,2873,2874],{"class":1576}," 18",[1050,2876,1146],{"class":1071},[1050,2878,2879,2882,2884,2886,2888,2890,2892,2894,2896,2898,2901,2903,2905,2908],{"class":1052,"line":2213},[1050,2880,2881],{"class":1099},"    max_age ",[1050,2883,1109],{"class":1071},[1050,2885,1112],{"class":1099},[1050,2887,1115],{"class":1071},[1050,2889,1119],{"class":1118},[1050,2891,1115],{"class":1071},[1050,2893,1125],{"class":1124},[1050,2895,1072],{"class":1071},[1050,2897,1131],{"class":1130},[1050,2899,2900],{"class":1134},"max_age",[1050,2902,1131],{"class":1130},[1050,2904,1140],{"class":1071},[1050,2906,2907],{"class":1576}," 
65",[1050,2909,1146],{"class":1071},[1050,2911,2912],{"class":1052,"line":2225},[1050,2913,1100],{"class":1099},[1050,2915,2916,2918,2920,2922,2924,2926,2928,2930],{"class":1052,"line":2231},[1050,2917,2658],{"class":1194},[1050,2919,1220],{"class":1099},[1050,2921,1115],{"class":1071},[1050,2923,1225],{"class":1124},[1050,2925,2667],{"class":1071},[1050,2927,2670],{"class":1194},[1050,2929,1266],{"class":1099},[1050,2931,2222],{"class":1071},[1050,2933,2934],{"class":1052,"line":2251},[1050,2935,2936],{"class":1056},"        # SAFE: Named parameters (PostgreSQL syntax)\n",[1050,2938,2939,2941,2943,2945],{"class":1052,"line":2272},[1050,2940,2684],{"class":1099},[1050,2942,1115],{"class":1071},[1050,2944,1239],{"class":1124},[1050,2946,2011],{"class":1071},[1050,2948,2949,2951,2954,2957,2960,2963,2965],{"class":1052,"line":2290},[1050,2950,2695],{"class":1130},[1050,2952,2953],{"class":1134},"SELECT * FROM users WHERE age BETWEEN ",[1050,2955,2956],{"class":1174},"%(min_age)s",[1050,2958,2959],{"class":1134}," AND ",[1050,2961,2962],{"class":1174},"%(max_age)s",[1050,2964,2513],{"class":1130},[1050,2966,2023],{"class":1071},[1050,2968,2969,2972,2974,2976,2978,2980,2983,2985,2987,2989,2991,2993,2996],{"class":1052,"line":2308},[1050,2970,2971],{"class":1071},"            {",[1050,2973,1131],{"class":1130},[1050,2975,2867],{"class":1134},[1050,2977,1131],{"class":1130},[1050,2979,1311],{"class":1071},[1050,2981,2982],{"class":1124}," min_age",[1050,2984,1140],{"class":1071},[1050,2986,1291],{"class":1130},[1050,2988,2900],{"class":1134},[1050,2990,1131],{"class":1130},[1050,2992,1311],{"class":1071},[1050,2994,2995],{"class":1124}," 
max_age",[1050,2997,2998],{"class":1071},"}\n",[1050,3000,3001],{"class":1052,"line":2324},[1050,3002,2327],{"class":1071},[1050,3004,3005],{"class":1052,"line":2330},[1050,3006,2741],{"class":1099},[1050,3008,3009,3011,3013,3015,3017,3019],{"class":1052,"line":2338},[1050,3010,2746],{"class":1099},[1050,3012,1109],{"class":1071},[1050,3014,1266],{"class":1099},[1050,3016,1115],{"class":1071},[1050,3018,1271],{"class":1124},[1050,3020,1228],{"class":1071},[1050,3022,3023],{"class":1052,"line":2358},[1050,3024,1100],{"class":1099},[1050,3026,3027,3029,3031,3033,3035,3037,3039,3042,3044,3046,3048,3050,3052,3054,3056,3058],{"class":1052,"line":2363},[1050,3028,1279],{"class":1194},[1050,3030,1282],{"class":1124},[1050,3032,1072],{"class":1071},[1050,3034,1076],{"class":1124},[1050,3036,1140],{"class":1071},[1050,3038,1291],{"class":1130},[1050,3040,3041],{"class":1134},"age_filtered_users.html",[1050,3043,1131],{"class":1130},[1050,3045,1140],{"class":1071},[1050,3047,1301],{"class":1071},[1050,3049,1131],{"class":1130},[1050,3051,1306],{"class":1134},[1050,3053,1131],{"class":1130},[1050,3055,1311],{"class":1071},[1050,3057,1314],{"class":1124},[1050,3059,1317],{"class":1071},[1035,3061,3063],{"id":3062},"dangerous-raw-sql-patterns-to-avoid","Dangerous Raw SQL Patterns to Avoid",[1040,3065,3067],{"className":1042,"code":3066,"language":1044,"meta":1045,"style":1045},"# DANGEROUS PATTERNS - NEVER DO THESE!\n\ndef dangerous_string_formatting(request):\n    \"\"\"DANGEROUS: String formatting in SQL\"\"\"\n    \n    username = request.GET.get('username')\n    \n    # DON'T DO THIS - Vulnerable to SQL injection!\n    query = f\"SELECT * FROM auth_user WHERE username = '{username}'\"\n    \n    # DON'T DO THIS EITHER!\n    query = \"SELECT * FROM auth_user WHERE username = '%s'\" % username\n    \n    # OR THIS!\n    query = \"SELECT * FROM auth_user WHERE username = '{}'\".format(username)\n\ndef dangerous_concatenation(request):\n    \"\"\"DANGEROUS: String concatenation 
in SQL\"\"\"\n    \n    order_by = request.GET.get('order_by', 'username')\n    \n    # DON'T DO THIS - ORDER BY cannot be parameterized safely this way\n    query = \"SELECT * FROM auth_user ORDER BY \" + order_by\n    \n    # Attacker could inject: username; DROP TABLE auth_user; --\n\ndef dangerous_dynamic_queries(request):\n    \"\"\"DANGEROUS: Building dynamic queries unsafely\"\"\"\n    \n    filters = request.GET.get('filters', '')\n    \n    # DON'T DO THIS!\n    query = \"SELECT * FROM auth_user WHERE \" + filters\n    \n    # Attacker could inject: 1=1 OR (SELECT COUNT(*) FROM sensitive_table) > 0\n",[1047,3068,3069,3074,3078,3091,3100,3104,3130,3134,3139,3157,3161,3166,3190,3194,3199,3227,3231,3244,3253,3257,3293,3297,3302,3321,3325,3330,3334,3347,3356,3360,3392,3396,3401,3419,3423],{"__ignoreMap":1045},[1050,3070,3071],{"class":1052,"line":1053},[1050,3072,3073],{"class":1056},"# DANGEROUS PATTERNS - NEVER DO THESE!\n",[1050,3075,3076],{"class":1052,"line":1060},[1050,3077,1324],{"emptyLinePlaceholder":1323},[1050,3079,3080,3082,3085,3087,3089],{"class":1052,"line":1082},[1050,3081,1064],{"class":1063},[1050,3083,3084],{"class":1067}," dangerous_string_formatting",[1050,3086,1072],{"class":1071},[1050,3088,1076],{"class":1075},[1050,3090,1079],{"class":1071},[1050,3092,3093,3095,3098],{"class":1052,"line":1096},[1050,3094,1086],{"class":1085},[1050,3096,3097],{"class":1089},"DANGEROUS: String formatting in 
SQL",[1050,3099,1093],{"class":1085},[1050,3101,3102],{"class":1052,"line":1103},[1050,3103,1100],{"class":1099},[1050,3105,3106,3108,3110,3112,3114,3116,3118,3120,3122,3124,3126,3128],{"class":1052,"line":1149},[1050,3107,1106],{"class":1099},[1050,3109,1109],{"class":1071},[1050,3111,1112],{"class":1099},[1050,3113,1115],{"class":1071},[1050,3115,1119],{"class":1118},[1050,3117,1115],{"class":1071},[1050,3119,1125],{"class":1124},[1050,3121,1072],{"class":1071},[1050,3123,1131],{"class":1130},[1050,3125,1135],{"class":1134},[1050,3127,1131],{"class":1130},[1050,3129,1146],{"class":1071},[1050,3131,3132],{"class":1052,"line":1154},[1050,3133,1100],{"class":1099},[1050,3135,3136],{"class":1052,"line":1160},[1050,3137,3138],{"class":1056},"    # DON'T DO THIS - Vulnerable to SQL injection!\n",[1050,3140,3141,3143,3145,3147,3149,3151,3153,3155],{"class":1052,"line":1186},[1050,3142,1163],{"class":1099},[1050,3144,1109],{"class":1071},[1050,3146,1168],{"class":1063},[1050,3148,1171],{"class":1134},[1050,3150,1175],{"class":1174},[1050,3152,1135],{"class":1099},[1050,3154,1180],{"class":1174},[1050,3156,1183],{"class":1134},[1050,3158,3159],{"class":1052,"line":1191},[1050,3160,1100],{"class":1099},[1050,3162,3163],{"class":1052,"line":1212},[1050,3164,3165],{"class":1056},"    # DON'T DO THIS EITHER!\n",[1050,3167,3168,3170,3172,3175,3178,3180,3182,3184,3187],{"class":1052,"line":1231},[1050,3169,1163],{"class":1099},[1050,3171,1109],{"class":1071},[1050,3173,3174],{"class":1130}," \"",[1050,3176,3177],{"class":1134},"SELECT * FROM auth_user WHERE username = '",[1050,3179,2505],{"class":1174},[1050,3181,1131],{"class":1134},[1050,3183,2513],{"class":1130},[1050,3185,3186],{"class":1412}," %",[1050,3188,3189],{"class":1099}," username\n",[1050,3191,3192],{"class":1052,"line":1253},[1050,3193,1100],{"class":1099},[1050,3195,3196],{"class":1052,"line":1258},[1050,3197,3198],{"class":1056},"    # OR 
THIS!\n",[1050,3200,3201,3203,3205,3207,3209,3212,3214,3216,3218,3221,3223,3225],{"class":1052,"line":1276},[1050,3202,1163],{"class":1099},[1050,3204,1109],{"class":1071},[1050,3206,3174],{"class":1130},[1050,3208,3177],{"class":1134},[1050,3210,3211],{"class":1174},"{}",[1050,3213,1131],{"class":1134},[1050,3215,2513],{"class":1130},[1050,3217,1115],{"class":1071},[1050,3219,3220],{"class":1124},"format",[1050,3222,1072],{"class":1071},[1050,3224,1135],{"class":1124},[1050,3226,1146],{"class":1071},[1050,3228,3229],{"class":1052,"line":1320},[1050,3230,1324],{"emptyLinePlaceholder":1323},[1050,3232,3233,3235,3238,3240,3242],{"class":1052,"line":1327},[1050,3234,1064],{"class":1063},[1050,3236,3237],{"class":1067}," dangerous_concatenation",[1050,3239,1072],{"class":1071},[1050,3241,1076],{"class":1075},[1050,3243,1079],{"class":1071},[1050,3245,3246,3248,3251],{"class":1052,"line":1333},[1050,3247,1086],{"class":1085},[1050,3249,3250],{"class":1089},"DANGEROUS: String concatenation in SQL",[1050,3252,1093],{"class":1085},[1050,3254,3255],{"class":1052,"line":1339},[1050,3256,1100],{"class":1099},[1050,3258,3259,3262,3264,3266,3268,3270,3272,3274,3276,3278,3281,3283,3285,3287,3289,3291],{"class":1052,"line":1345},[1050,3260,3261],{"class":1099},"    order_by ",[1050,3263,1109],{"class":1071},[1050,3265,1112],{"class":1099},[1050,3267,1115],{"class":1071},[1050,3269,1119],{"class":1118},[1050,3271,1115],{"class":1071},[1050,3273,1125],{"class":1124},[1050,3275,1072],{"class":1071},[1050,3277,1131],{"class":1130},[1050,3279,3280],{"class":1134},"order_by",[1050,3282,1131],{"class":1130},[1050,3284,1140],{"class":1071},[1050,3286,1291],{"class":1130},[1050,3288,1135],{"class":1134},[1050,3290,1131],{"class":1130},[1050,3292,1146],{"class":1071},[1050,3294,3295],{"class":1052,"line":1351},[1050,3296,1100],{"class":1099},[1050,3298,3299],{"class":1052,"line":1356},[1050,3300,3301],{"class":1056},"    # DON'T DO THIS - ORDER BY cannot be parameterized safely this 
way\n",[1050,3303,3304,3306,3308,3310,3313,3315,3318],{"class":1052,"line":1362},[1050,3305,1163],{"class":1099},[1050,3307,1109],{"class":1071},[1050,3309,3174],{"class":1130},[1050,3311,3312],{"class":1134},"SELECT * FROM auth_user ORDER BY ",[1050,3314,2513],{"class":1130},[1050,3316,3317],{"class":1412}," +",[1050,3319,3320],{"class":1099}," order_by\n",[1050,3322,3323],{"class":1052,"line":1368},[1050,3324,1100],{"class":1099},[1050,3326,3327],{"class":1052,"line":1373},[1050,3328,3329],{"class":1056},"    # Attacker could inject: username; DROP TABLE auth_user; --\n",[1050,3331,3332],{"class":1052,"line":1379},[1050,3333,1324],{"emptyLinePlaceholder":1323},[1050,3335,3336,3338,3341,3343,3345],{"class":1052,"line":2026},[1050,3337,1064],{"class":1063},[1050,3339,3340],{"class":1067}," dangerous_dynamic_queries",[1050,3342,1072],{"class":1071},[1050,3344,1076],{"class":1075},[1050,3346,1079],{"class":1071},[1050,3348,3349,3351,3354],{"class":1052,"line":2038},[1050,3350,1086],{"class":1085},[1050,3352,3353],{"class":1089},"DANGEROUS: Building dynamic queries unsafely",[1050,3355,1093],{"class":1085},[1050,3357,3358],{"class":1052,"line":2049},[1050,3359,1100],{"class":1099},[1050,3361,3362,3365,3367,3369,3371,3373,3375,3377,3379,3381,3384,3386,3388,3390],{"class":1052,"line":2069},[1050,3363,3364],{"class":1099},"    filters ",[1050,3366,1109],{"class":1071},[1050,3368,1112],{"class":1099},[1050,3370,1115],{"class":1071},[1050,3372,1119],{"class":1118},[1050,3374,1115],{"class":1071},[1050,3376,1125],{"class":1124},[1050,3378,1072],{"class":1071},[1050,3380,1131],{"class":1130},[1050,3382,3383],{"class":1134},"filters",[1050,3385,1131],{"class":1130},[1050,3387,1140],{"class":1071},[1050,3389,1143],{"class":1130},[1050,3391,1146],{"class":1071},[1050,3393,3394],{"class":1052,"line":2074},[1050,3395,1100],{"class":1099},[1050,3397,3398],{"class":1052,"line":2080},[1050,3399,3400],{"class":1056},"    # DON'T DO 
THIS!\n",[1050,3402,3403,3405,3407,3409,3412,3414,3416],{"class":1052,"line":2115},[1050,3404,1163],{"class":1099},[1050,3406,1109],{"class":1071},[1050,3408,3174],{"class":1130},[1050,3410,3411],{"class":1134},"SELECT * FROM auth_user WHERE ",[1050,3413,2513],{"class":1130},[1050,3415,3317],{"class":1412},[1050,3417,3418],{"class":1099}," filters\n",[1050,3420,3421],{"class":1052,"line":2120},[1050,3422,1100],{"class":1099},[1050,3424,3425],{"class":1052,"line":2134},[1050,3426,3427],{"class":1056},"    # Attacker could inject: 1=1 OR (SELECT COUNT(*) FROM sensitive_table) > 0\n",[1030,3429,3431],{"id":3430},"safe-dynamic-query-building","Safe Dynamic Query Building",[1035,3433,3435],{"id":3434},"secure-dynamic-filtering","Secure Dynamic Filtering",[1040,3437,3439],{"className":1042,"code":3438,"language":1044,"meta":1045,"style":1045},"# Safe dynamic query building\ndef secure_dynamic_search(request):\n    \"\"\"SECURE: Dynamic search with validation\"\"\"\n    \n    # Define allowed search fields\n    ALLOWED_FIELDS = {\n        'username': 'username__icontains',\n        'email': 'email__icontains',\n        'first_name': 'first_name__icontains',\n        'last_name': 'last_name__icontains',\n        'is_active': 'is_active',\n        'date_joined': 'date_joined__gte'\n    }\n    \n    # Build filter dictionary safely\n    filters = {}\n    for field, value in request.GET.items():\n        if field in ALLOWED_FIELDS and value:\n            django_field = ALLOWED_FIELDS[field]\n            \n            # Additional validation based on field type\n            if field == 'is_active':\n                value = value.lower() in ('true', '1', 'yes')\n            elif field == 'date_joined':\n                try:\n                    from datetime import datetime\n                    value = datetime.strptime(value, '%Y-%m-%d')\n                except ValueError:\n                    continue  # Skip invalid dates\n            \n            filters[django_field] = 
value\n    \n    # Apply filters safely\n    users = User.objects.filter(**filters)\n    \n    return render(request, 'search_results.html', {'users': users})\n\ndef secure_ordering(request):\n    \"\"\"SECURE: Dynamic ordering with validation\"\"\"\n    \n    # Define allowed ordering fields\n    ALLOWED_ORDER_FIELDS = [\n        'username', 'email', 'first_name', 'last_name', \n        'date_joined', 'last_login'\n    ]\n    \n    order_by = request.GET.get('order_by', 'username')\n    direction = request.GET.get('direction', 'asc')\n    \n    # Validate ordering field\n    if order_by not in ALLOWED_ORDER_FIELDS:\n        order_by = 'username'  # Default safe value\n    \n    # Validate direction\n    if direction not in ['asc', 'desc']:\n        direction = 'asc'\n    \n    # Build ordering string safely\n    if direction == 'desc':\n        order_by = f'-{order_by}'\n    \n    users = User.objects.all().order_by(order_by)\n    \n    return render(request, 'users.html', {'users': users})\n",[1047,3440,3441,3446,3459,3468,3472,3477,3489,3508,3526,3545,3564,3582,3600,3605,3609,3614,3623,3653,3674,3691,3696,3701,3719,3765,3782,3789,3802,3836,3847,3855,3859,3877,3881,3886,3911,3915,3949,3953,3966,3975,3979,3984,3994,4031,4048,4053,4057,4091,4128,4132,4137,4154,4170,4175,4181,4214,4228,4233,4239,4256,4276,4281,4310,4315],{"__ignoreMap":1045},[1050,3442,3443],{"class":1052,"line":1053},[1050,3444,3445],{"class":1056},"# Safe dynamic query building\n",[1050,3447,3448,3450,3453,3455,3457],{"class":1052,"line":1060},[1050,3449,1064],{"class":1063},[1050,3451,3452],{"class":1067}," secure_dynamic_search",[1050,3454,1072],{"class":1071},[1050,3456,1076],{"class":1075},[1050,3458,1079],{"class":1071},[1050,3460,3461,3463,3466],{"class":1052,"line":1082},[1050,3462,1086],{"class":1085},[1050,3464,3465],{"class":1089},"SECURE: Dynamic search with 
validation",[1050,3467,1093],{"class":1085},[1050,3469,3470],{"class":1052,"line":1096},[1050,3471,1100],{"class":1099},[1050,3473,3474],{"class":1052,"line":1103},[1050,3475,3476],{"class":1056},"    # Define allowed search fields\n",[1050,3478,3479,3483,3486],{"class":1052,"line":1149},[1050,3480,3482],{"class":3481},"se3Ec","    ALLOWED_FIELDS",[1050,3484,3485],{"class":1071}," =",[1050,3487,3488],{"class":1071}," {\n",[1050,3490,3491,3494,3496,3498,3500,3502,3504,3506],{"class":1052,"line":1154},[1050,3492,3493],{"class":1130},"        '",[1050,3495,1135],{"class":1134},[1050,3497,1131],{"class":1130},[1050,3499,1311],{"class":1071},[1050,3501,1291],{"class":1130},[1050,3503,2259],{"class":1134},[1050,3505,1131],{"class":1130},[1050,3507,2023],{"class":1071},[1050,3509,3510,3512,3514,3516,3518,3520,3522,3524],{"class":1052,"line":1160},[1050,3511,3493],{"class":1130},[1050,3513,1936],{"class":1134},[1050,3515,1131],{"class":1130},[1050,3517,1311],{"class":1071},[1050,3519,1291],{"class":1130},[1050,3521,2315],{"class":1134},[1050,3523,1131],{"class":1130},[1050,3525,2023],{"class":1071},[1050,3527,3528,3530,3533,3535,3537,3539,3541,3543],{"class":1052,"line":1186},[1050,3529,3493],{"class":1130},[1050,3531,3532],{"class":1134},"first_name",[1050,3534,1131],{"class":1130},[1050,3536,1311],{"class":1071},[1050,3538,1291],{"class":1130},[1050,3540,2279],{"class":1134},[1050,3542,1131],{"class":1130},[1050,3544,2023],{"class":1071},[1050,3546,3547,3549,3552,3554,3556,3558,3560,3562],{"class":1052,"line":1191},[1050,3548,3493],{"class":1130},[1050,3550,3551],{"class":1134},"last_name",[1050,3553,1131],{"class":1130},[1050,3555,1311],{"class":1071},[1050,3557,1291],{"class":1130},[1050,3559,2297],{"class":1134},[1050,3561,1131],{"class":1130},[1050,3563,2023],{"class":1071},[1050,3565,3566,3568,3570,3572,3574,3576,3578,3580],{"class":1052,"line":1212},[1050,3567,3493],{"class":1130},[1050,3569,1968],{"class":1134},[1050,3571,1131],{"class":1130},[1050,3573,1311],{"cla
ss":1071},[1050,3575,1291],{"class":1130},[1050,3577,1968],{"class":1134},[1050,3579,1131],{"class":1130},[1050,3581,2023],{"class":1071},[1050,3583,3584,3586,3589,3591,3593,3595,3598],{"class":1052,"line":1231},[1050,3585,3493],{"class":1130},[1050,3587,3588],{"class":1134},"date_joined",[1050,3590,1131],{"class":1130},[1050,3592,1311],{"class":1071},[1050,3594,1291],{"class":1130},[1050,3596,3597],{"class":1134},"date_joined__gte",[1050,3599,1983],{"class":1130},[1050,3601,3602],{"class":1052,"line":1253},[1050,3603,3604],{"class":1071},"    }\n",[1050,3606,3607],{"class":1052,"line":1258},[1050,3608,1100],{"class":1099},[1050,3610,3611],{"class":1052,"line":1276},[1050,3612,3613],{"class":1056},"    # Build filter dictionary safely\n",[1050,3615,3616,3618,3620],{"class":1052,"line":1320},[1050,3617,3364],{"class":1099},[1050,3619,1109],{"class":1071},[1050,3621,3622],{"class":1071}," {}\n",[1050,3624,3625,3628,3631,3633,3636,3639,3641,3643,3645,3647,3650],{"class":1052,"line":1327},[1050,3626,3627],{"class":1194},"    for",[1050,3629,3630],{"class":1099}," field",[1050,3632,1140],{"class":1071},[1050,3634,3635],{"class":1099}," value ",[1050,3637,3638],{"class":1194},"in",[1050,3640,1112],{"class":1099},[1050,3642,1115],{"class":1071},[1050,3644,1119],{"class":1118},[1050,3646,1115],{"class":1071},[1050,3648,3649],{"class":1124},"items",[1050,3651,3652],{"class":1071},"():\n",[1050,3654,3655,3658,3661,3663,3666,3669,3672],{"class":1052,"line":1333},[1050,3656,3657],{"class":1194},"        if",[1050,3659,3660],{"class":1099}," field ",[1050,3662,3638],{"class":1412},[1050,3664,3665],{"class":3481}," ALLOWED_FIELDS",[1050,3667,3668],{"class":1412}," and",[1050,3670,3671],{"class":1099}," value",[1050,3673,2222],{"class":1071},[1050,3675,3676,3679,3681,3683,3686,3689],{"class":1052,"line":1339},[1050,3677,3678],{"class":1099},"            django_field 
",[1050,3680,1109],{"class":1071},[1050,3682,3665],{"class":3481},[1050,3684,3685],{"class":1071},"[",[1050,3687,3688],{"class":1099},"field",[1050,3690,2531],{"class":1071},[1050,3692,3693],{"class":1052,"line":1345},[1050,3694,3695],{"class":1099},"            \n",[1050,3697,3698],{"class":1052,"line":1351},[1050,3699,3700],{"class":1056},"            # Additional validation based on field type\n",[1050,3702,3703,3706,3708,3711,3713,3715,3717],{"class":1052,"line":1356},[1050,3704,3705],{"class":1194},"            if",[1050,3707,3660],{"class":1099},[1050,3709,3710],{"class":1412},"==",[1050,3712,1291],{"class":1130},[1050,3714,1968],{"class":1134},[1050,3716,1131],{"class":1130},[1050,3718,2222],{"class":1071},[1050,3720,3721,3724,3726,3728,3730,3733,3735,3738,3740,3742,3744,3746,3748,3750,3752,3754,3756,3758,3761,3763],{"class":1052,"line":1362},[1050,3722,3723],{"class":1099},"                value ",[1050,3725,1109],{"class":1071},[1050,3727,3671],{"class":1099},[1050,3729,1115],{"class":1071},[1050,3731,3732],{"class":1124},"lower",[1050,3734,2667],{"class":1071},[1050,3736,3737],{"class":1412}," in",[1050,3739,1550],{"class":1071},[1050,3741,1131],{"class":1130},[1050,3743,1980],{"class":1134},[1050,3745,1131],{"class":1130},[1050,3747,1140],{"class":1071},[1050,3749,1291],{"class":1130},[1050,3751,1442],{"class":1134},[1050,3753,1131],{"class":1130},[1050,3755,1140],{"class":1071},[1050,3757,1291],{"class":1130},[1050,3759,3760],{"class":1134},"yes",[1050,3762,1131],{"class":1130},[1050,3764,1146],{"class":1071},[1050,3766,3767,3770,3772,3774,3776,3778,3780],{"class":1052,"line":1368},[1050,3768,3769],{"class":1194},"            elif",[1050,3771,3660],{"class":1099},[1050,3773,3710],{"class":1412},[1050,3775,1291],{"class":1130},[1050,3777,3588],{"class":1134},[1050,3779,1131],{"class":1130},[1050,3781,2222],{"class":1071},[1050,3783,3784,3787],{"class":1052,"line":1373},[1050,3785,3786],{"class":1194},"                
try",[1050,3788,2222],{"class":1071},[1050,3790,3791,3794,3797,3799],{"class":1052,"line":1379},[1050,3792,3793],{"class":1194},"                    from",[1050,3795,3796],{"class":1099}," datetime ",[1050,3798,1206],{"class":1194},[1050,3800,3801],{"class":1099}," datetime\n",[1050,3803,3804,3807,3809,3812,3814,3817,3819,3822,3824,3826,3829,3832,3834],{"class":1052,"line":2026},[1050,3805,3806],{"class":1099},"                    value ",[1050,3808,1109],{"class":1071},[1050,3810,3811],{"class":1099}," datetime",[1050,3813,1115],{"class":1071},[1050,3815,3816],{"class":1124},"strptime",[1050,3818,1072],{"class":1071},[1050,3820,3821],{"class":1124},"value",[1050,3823,1140],{"class":1071},[1050,3825,1291],{"class":1130},[1050,3827,3828],{"class":1134},"%Y-%m-",[1050,3830,3831],{"class":1174},"%d",[1050,3833,1131],{"class":1130},[1050,3835,1146],{"class":1071},[1050,3837,3838,3841,3845],{"class":1052,"line":2038},[1050,3839,3840],{"class":1194},"                except",[1050,3842,3844],{"class":3843},"sa2tF"," ValueError",[1050,3846,2222],{"class":1071},[1050,3848,3849,3852],{"class":1052,"line":2049},[1050,3850,3851],{"class":1194},"                    continue",[1050,3853,3854],{"class":1056},"  # Skip invalid dates\n",[1050,3856,3857],{"class":1052,"line":2069},[1050,3858,3695],{"class":1099},[1050,3860,3861,3864,3866,3869,3872,3874],{"class":1052,"line":2074},[1050,3862,3863],{"class":1099},"            filters",[1050,3865,3685],{"class":1071},[1050,3867,3868],{"class":1099},"django_field",[1050,3870,3871],{"class":1071},"]",[1050,3873,3485],{"class":1071},[1050,3875,3876],{"class":1099}," value\n",[1050,3878,3879],{"class":1052,"line":2080},[1050,3880,1100],{"class":1099},[1050,3882,3883],{"class":1052,"line":2115},[1050,3884,3885],{"class":1056},"    # Apply filters 
safely\n",[1050,3887,3888,3890,3892,3894,3896,3898,3900,3902,3904,3907,3909],{"class":1052,"line":2120},[1050,3889,1771],{"class":1099},[1050,3891,1109],{"class":1071},[1050,3893,1776],{"class":1099},[1050,3895,1115],{"class":1071},[1050,3897,1782],{"class":1781},[1050,3899,1115],{"class":1071},[1050,3901,1787],{"class":1124},[1050,3903,1072],{"class":1071},[1050,3905,3906],{"class":1412},"**",[1050,3908,3383],{"class":1124},[1050,3910,1146],{"class":1071},[1050,3912,3913],{"class":1052,"line":2134},[1050,3914,1100],{"class":1099},[1050,3916,3917,3919,3921,3923,3925,3927,3929,3931,3933,3935,3937,3939,3941,3943,3945,3947],{"class":1052,"line":2144},[1050,3918,1279],{"class":1194},[1050,3920,1282],{"class":1124},[1050,3922,1072],{"class":1071},[1050,3924,1076],{"class":1124},[1050,3926,1140],{"class":1071},[1050,3928,1291],{"class":1130},[1050,3930,1294],{"class":1134},[1050,3932,1131],{"class":1130},[1050,3934,1140],{"class":1071},[1050,3936,1301],{"class":1071},[1050,3938,1131],{"class":1130},[1050,3940,1843],{"class":1134},[1050,3942,1131],{"class":1130},[1050,3944,1311],{"class":1071},[1050,3946,1850],{"class":1124},[1050,3948,1317],{"class":1071},[1050,3950,3951],{"class":1052,"line":2149},[1050,3952,1324],{"emptyLinePlaceholder":1323},[1050,3954,3955,3957,3960,3962,3964],{"class":1052,"line":2170},[1050,3956,1064],{"class":1063},[1050,3958,3959],{"class":1067}," secure_ordering",[1050,3961,1072],{"class":1071},[1050,3963,1076],{"class":1075},[1050,3965,1079],{"class":1071},[1050,3967,3968,3970,3973],{"class":1052,"line":2175},[1050,3969,1086],{"class":1085},[1050,3971,3972],{"class":1089},"SECURE: Dynamic ordering with validation",[1050,3974,1093],{"class":1085},[1050,3976,3977],{"class":1052,"line":2208},[1050,3978,1100],{"class":1099},[1050,3980,3981],{"class":1052,"line":2213},[1050,3982,3983],{"class":1056},"    # Define allowed ordering fields\n",[1050,3985,3986,3989,3991],{"class":1052,"line":2225},[1050,3987,3988],{"class":3481},"    
ALLOWED_ORDER_FIELDS",[1050,3990,3485],{"class":1071},[1050,3992,3993],{"class":1071}," [\n",[1050,3995,3996,3998,4000,4002,4004,4006,4008,4010,4012,4014,4016,4018,4020,4022,4024,4026,4028],{"class":1052,"line":2231},[1050,3997,3493],{"class":1130},[1050,3999,1135],{"class":1134},[1050,4001,1131],{"class":1130},[1050,4003,1140],{"class":1071},[1050,4005,1291],{"class":1130},[1050,4007,1936],{"class":1134},[1050,4009,1131],{"class":1130},[1050,4011,1140],{"class":1071},[1050,4013,1291],{"class":1130},[1050,4015,3532],{"class":1134},[1050,4017,1131],{"class":1130},[1050,4019,1140],{"class":1071},[1050,4021,1291],{"class":1130},[1050,4023,3551],{"class":1134},[1050,4025,1131],{"class":1130},[1050,4027,1140],{"class":1071},[1050,4029,4030],{"class":1099}," \n",[1050,4032,4033,4035,4037,4039,4041,4043,4046],{"class":1052,"line":2251},[1050,4034,3493],{"class":1130},[1050,4036,3588],{"class":1134},[1050,4038,1131],{"class":1130},[1050,4040,1140],{"class":1071},[1050,4042,1291],{"class":1130},[1050,4044,4045],{"class":1134},"last_login",[1050,4047,1983],{"class":1130},[1050,4049,4050],{"class":1052,"line":2272},[1050,4051,4052],{"class":1071},"    
]\n",[1050,4054,4055],{"class":1052,"line":2290},[1050,4056,1100],{"class":1099},[1050,4058,4059,4061,4063,4065,4067,4069,4071,4073,4075,4077,4079,4081,4083,4085,4087,4089],{"class":1052,"line":2308},[1050,4060,3261],{"class":1099},[1050,4062,1109],{"class":1071},[1050,4064,1112],{"class":1099},[1050,4066,1115],{"class":1071},[1050,4068,1119],{"class":1118},[1050,4070,1115],{"class":1071},[1050,4072,1125],{"class":1124},[1050,4074,1072],{"class":1071},[1050,4076,1131],{"class":1130},[1050,4078,3280],{"class":1134},[1050,4080,1131],{"class":1130},[1050,4082,1140],{"class":1071},[1050,4084,1291],{"class":1130},[1050,4086,1135],{"class":1134},[1050,4088,1131],{"class":1130},[1050,4090,1146],{"class":1071},[1050,4092,4093,4096,4098,4100,4102,4104,4106,4108,4110,4112,4115,4117,4119,4121,4124,4126],{"class":1052,"line":2324},[1050,4094,4095],{"class":1099},"    direction ",[1050,4097,1109],{"class":1071},[1050,4099,1112],{"class":1099},[1050,4101,1115],{"class":1071},[1050,4103,1119],{"class":1118},[1050,4105,1115],{"class":1071},[1050,4107,1125],{"class":1124},[1050,4109,1072],{"class":1071},[1050,4111,1131],{"class":1130},[1050,4113,4114],{"class":1134},"direction",[1050,4116,1131],{"class":1130},[1050,4118,1140],{"class":1071},[1050,4120,1291],{"class":1130},[1050,4122,4123],{"class":1134},"asc",[1050,4125,1131],{"class":1130},[1050,4127,1146],{"class":1071},[1050,4129,4130],{"class":1052,"line":2330},[1050,4131,1100],{"class":1099},[1050,4133,4134],{"class":1052,"line":2338},[1050,4135,4136],{"class":1056},"    # Validate ordering field\n",[1050,4138,4139,4141,4144,4147,4149,4152],{"class":1052,"line":2358},[1050,4140,2216],{"class":1194},[1050,4142,4143],{"class":1099}," order_by ",[1050,4145,4146],{"class":1412},"not",[1050,4148,3737],{"class":1412},[1050,4150,4151],{"class":3481}," ALLOWED_ORDER_FIELDS",[1050,4153,2222],{"class":1071},[1050,4155,4156,4159,4161,4163,4165,4167],{"class":1052,"line":2363},[1050,4157,4158],{"class":1099},"        order_by 
",[1050,4160,1109],{"class":1071},[1050,4162,1291],{"class":1130},[1050,4164,1135],{"class":1134},[1050,4166,1131],{"class":1130},[1050,4168,4169],{"class":1056},"  # Default safe value\n",[1050,4171,4173],{"class":1052,"line":4172},53,[1050,4174,1100],{"class":1099},[1050,4176,4178],{"class":1052,"line":4177},54,[1050,4179,4180],{"class":1056},"    # Validate direction\n",[1050,4182,4184,4186,4189,4191,4193,4196,4198,4200,4202,4204,4206,4209,4211],{"class":1052,"line":4183},55,[1050,4185,2216],{"class":1194},[1050,4187,4188],{"class":1099}," direction ",[1050,4190,4146],{"class":1412},[1050,4192,3737],{"class":1412},[1050,4194,4195],{"class":1071}," [",[1050,4197,1131],{"class":1130},[1050,4199,4123],{"class":1134},[1050,4201,1131],{"class":1130},[1050,4203,1140],{"class":1071},[1050,4205,1291],{"class":1130},[1050,4207,4208],{"class":1134},"desc",[1050,4210,1131],{"class":1130},[1050,4212,4213],{"class":1071},"]:\n",[1050,4215,4217,4220,4222,4224,4226],{"class":1052,"line":4216},56,[1050,4218,4219],{"class":1099},"        direction ",[1050,4221,1109],{"class":1071},[1050,4223,1291],{"class":1130},[1050,4225,4123],{"class":1134},[1050,4227,1983],{"class":1130},[1050,4229,4231],{"class":1052,"line":4230},57,[1050,4232,1100],{"class":1099},[1050,4234,4236],{"class":1052,"line":4235},58,[1050,4237,4238],{"class":1056},"    # Build ordering string 
safely\n",[1050,4240,4242,4244,4246,4248,4250,4252,4254],{"class":1052,"line":4241},59,[1050,4243,2216],{"class":1194},[1050,4245,4188],{"class":1099},[1050,4247,3710],{"class":1412},[1050,4249,1291],{"class":1130},[1050,4251,4208],{"class":1134},[1050,4253,1131],{"class":1130},[1050,4255,2222],{"class":1071},[1050,4257,4259,4261,4263,4265,4268,4270,4272,4274],{"class":1052,"line":4258},60,[1050,4260,4158],{"class":1099},[1050,4262,1109],{"class":1071},[1050,4264,1168],{"class":1063},[1050,4266,4267],{"class":1134},"'-",[1050,4269,1175],{"class":1174},[1050,4271,3280],{"class":1099},[1050,4273,1180],{"class":1174},[1050,4275,1983],{"class":1134},[1050,4277,4279],{"class":1052,"line":4278},61,[1050,4280,1100],{"class":1099},[1050,4282,4284,4286,4288,4290,4292,4294,4296,4299,4302,4304,4306,4308],{"class":1052,"line":4283},62,[1050,4285,1771],{"class":1099},[1050,4287,1109],{"class":1071},[1050,4289,1776],{"class":1099},[1050,4291,1115],{"class":1071},[1050,4293,1782],{"class":1781},[1050,4295,1115],{"class":1071},[1050,4297,4298],{"class":1124},"all",[1050,4300,4301],{"class":1071},"().",[1050,4303,3280],{"class":1124},[1050,4305,1072],{"class":1071},[1050,4307,3280],{"class":1124},[1050,4309,1146],{"class":1071},[1050,4311,4313],{"class":1052,"line":4312},63,[1050,4314,1100],{"class":1099},[1050,4316,4318,4320,4322,4324,4326,4328,4330,4332,4334,4336,4338,4340,4342,4344,4346,4348],{"class":1052,"line":4317},64,[1050,4319,1279],{"class":1194},[1050,4321,1282],{"class":1124},[1050,4323,1072],{"class":1071},[1050,4325,1076],{"class":1124},[1050,4327,1140],{"class":1071},[1050,4329,1291],{"class":1130},[1050,4331,2557],{"class":1134},[1050,4333,1131],{"class":1130},[1050,4335,1140],{"class":1071},[1050,4337,1301],{"class":1071},[1050,4339,1131],{"class":1130},[1050,4341,1843],{"class":1134},[1050,4343,1131],{"class":1130},[1050,4345,1311],{"class":1071},[1050,4347,1850],{"class":1124},[1050,4349,1317],{"class":1071},[1035,4351,4353],{"id":4352},"safe-complex-query-buildin
g","Safe Complex Query Building",[1040,4355,4357],{"className":1042,"code":4356,"language":1044,"meta":1045,"style":1045},"def secure_advanced_search(request):\n    \"\"\"SECURE: Advanced search with multiple criteria\"\"\"\n    \n    from django.db.models import Q\n    from datetime import datetime, timedelta\n    \n    # Get search parameters\n    search_term = request.GET.get('search', '').strip()\n    user_type = request.GET.get('user_type', '')\n    date_range = request.GET.get('date_range', '')\n    \n    # Start with base queryset\n    queryset = User.objects.all()\n    \n    # Add search term filter\n    if search_term:\n        # Limit search term length to prevent DoS\n        if len(search_term) > 100:\n            search_term = search_term[:100]\n        \n        queryset = queryset.filter(\n            Q(username__icontains=search_term) |\n            Q(first_name__icontains=search_term) |\n            Q(last_name__icontains=search_term) |\n            Q(email__icontains=search_term)\n        )\n    \n    # Add user type filter\n    if user_type in ['staff', 'superuser', 'regular']:\n        if user_type == 'staff':\n            queryset = queryset.filter(is_staff=True)\n        elif user_type == 'superuser':\n            queryset = queryset.filter(is_superuser=True)\n        elif user_type == 'regular':\n            queryset = queryset.filter(is_staff=False, is_superuser=False)\n    \n    # Add date range filter\n    if date_range in ['today', 'week', 'month', 'year']:\n        now = datetime.now()\n        if date_range == 'today':\n            start_date = now.replace(hour=0, minute=0, second=0, microsecond=0)\n        elif date_range == 'week':\n            start_date = now - timedelta(days=7)\n        elif date_range == 'month':\n            start_date = now - timedelta(days=30)\n        elif date_range == 'year':\n            start_date = now - timedelta(days=365)\n        \n        queryset = queryset.filter(date_joined__gte=start_date)\n    \n 
   # Optimize query\n    queryset = queryset.select_related('profile').prefetch_related('groups')\n    \n    # Limit results to prevent DoS\n    queryset = queryset[:1000]\n    \n    return render(request, 'advanced_search.html', {'users': queryset})\n",[1047,4358,4359,4372,4381,4385,4403,4418,4422,4427,4463,4495,4527,4531,4536,4555,4559,4564,4572,4577,4598,4615,4619,4635,4651,4667,4683,4697,4701,4705,4710,4748,4764,4789,4806,4829,4845,4877,4881,4886,4933,4949,4965,5019,5035,5062,5078,5101,5117,5140,5144,5167,5171,5176,5212,5216,5221,5236,5240],{"__ignoreMap":1045},[1050,4360,4361,4363,4366,4368,4370],{"class":1052,"line":1053},[1050,4362,1064],{"class":1063},[1050,4364,4365],{"class":1067}," secure_advanced_search",[1050,4367,1072],{"class":1071},[1050,4369,1076],{"class":1075},[1050,4371,1079],{"class":1071},[1050,4373,4374,4376,4379],{"class":1052,"line":1060},[1050,4375,1086],{"class":1085},[1050,4377,4378],{"class":1089},"SECURE: Advanced search with multiple criteria",[1050,4380,1093],{"class":1085},[1050,4382,4383],{"class":1052,"line":1082},[1050,4384,1100],{"class":1099},[1050,4386,4387,4389,4391,4393,4395,4397,4399,4401],{"class":1052,"line":1096},[1050,4388,1195],{"class":1194},[1050,4390,1198],{"class":1099},[1050,4392,1115],{"class":1071},[1050,4394,2158],{"class":1099},[1050,4396,1115],{"class":1071},[1050,4398,1692],{"class":1099},[1050,4400,1206],{"class":1194},[1050,4402,2167],{"class":1099},[1050,4404,4405,4407,4409,4411,4413,4415],{"class":1052,"line":1103},[1050,4406,1195],{"class":1194},[1050,4408,3796],{"class":1099},[1050,4410,1206],{"class":1194},[1050,4412,3811],{"class":1099},[1050,4414,1140],{"class":1071},[1050,4416,4417],{"class":1099}," timedelta\n",[1050,4419,4420],{"class":1052,"line":1149},[1050,4421,1100],{"class":1099},[1050,4423,4424],{"class":1052,"line":1154},[1050,4425,4426],{"class":1056},"    # Get search 
parameters\n",[1050,4428,4429,4431,4433,4435,4437,4439,4441,4443,4445,4447,4449,4451,4453,4455,4458,4461],{"class":1052,"line":1160},[1050,4430,2178],{"class":1099},[1050,4432,1109],{"class":1071},[1050,4434,1112],{"class":1099},[1050,4436,1115],{"class":1071},[1050,4438,1119],{"class":1118},[1050,4440,1115],{"class":1071},[1050,4442,1125],{"class":1124},[1050,4444,1072],{"class":1071},[1050,4446,1131],{"class":1130},[1050,4448,2197],{"class":1134},[1050,4450,1131],{"class":1130},[1050,4452,1140],{"class":1071},[1050,4454,1143],{"class":1130},[1050,4456,4457],{"class":1071},").",[1050,4459,4460],{"class":1124},"strip",[1050,4462,1228],{"class":1071},[1050,4464,4465,4468,4470,4472,4474,4476,4478,4480,4482,4484,4487,4489,4491,4493],{"class":1052,"line":1186},[1050,4466,4467],{"class":1099},"    user_type ",[1050,4469,1109],{"class":1071},[1050,4471,1112],{"class":1099},[1050,4473,1115],{"class":1071},[1050,4475,1119],{"class":1118},[1050,4477,1115],{"class":1071},[1050,4479,1125],{"class":1124},[1050,4481,1072],{"class":1071},[1050,4483,1131],{"class":1130},[1050,4485,4486],{"class":1134},"user_type",[1050,4488,1131],{"class":1130},[1050,4490,1140],{"class":1071},[1050,4492,1143],{"class":1130},[1050,4494,1146],{"class":1071},[1050,4496,4497,4500,4502,4504,4506,4508,4510,4512,4514,4516,4519,4521,4523,4525],{"class":1052,"line":1191},[1050,4498,4499],{"class":1099},"    date_range ",[1050,4501,1109],{"class":1071},[1050,4503,1112],{"class":1099},[1050,4505,1115],{"class":1071},[1050,4507,1119],{"class":1118},[1050,4509,1115],{"class":1071},[1050,4511,1125],{"class":1124},[1050,4513,1072],{"class":1071},[1050,4515,1131],{"class":1130},[1050,4517,4518],{"class":1134},"date_range",[1050,4520,1131],{"class":1130},[1050,4522,1140],{"class":1071},[1050,4524,1143],{"class":1130},[1050,4526,1146],{"class":1071},[1050,4528,4529],{"class":1052,"line":1212},[1050,4530,1100],{"class":1099},[1050,4532,4533],{"class":1052,"line":1231},[1050,4534,4535],{"class":1056},"    # Start 
with base queryset\n",[1050,4537,4538,4541,4543,4545,4547,4549,4551,4553],{"class":1052,"line":1253},[1050,4539,4540],{"class":1099},"    queryset ",[1050,4542,1109],{"class":1071},[1050,4544,1776],{"class":1099},[1050,4546,1115],{"class":1071},[1050,4548,1782],{"class":1781},[1050,4550,1115],{"class":1071},[1050,4552,4298],{"class":1124},[1050,4554,1228],{"class":1071},[1050,4556,4557],{"class":1052,"line":1258},[1050,4558,1100],{"class":1099},[1050,4560,4561],{"class":1052,"line":1276},[1050,4562,4563],{"class":1056},"    # Add search term filter\n",[1050,4565,4566,4568,4570],{"class":1052,"line":1320},[1050,4567,2216],{"class":1194},[1050,4569,2219],{"class":1099},[1050,4571,2222],{"class":1071},[1050,4573,4574],{"class":1052,"line":1327},[1050,4575,4576],{"class":1056},"        # Limit search term length to prevent DoS\n",[1050,4578,4579,4581,4584,4586,4588,4590,4593,4596],{"class":1052,"line":1333},[1050,4580,3657],{"class":1194},[1050,4582,4583],{"class":1555}," len",[1050,4585,1072],{"class":1071},[1050,4587,2264],{"class":1124},[1050,4589,1247],{"class":1071},[1050,4591,4592],{"class":1412}," >",[1050,4594,4595],{"class":1576}," 100",[1050,4597,2222],{"class":1071},[1050,4599,4600,4603,4605,4607,4610,4613],{"class":1052,"line":1339},[1050,4601,4602],{"class":1099},"            search_term ",[1050,4604,1109],{"class":1071},[1050,4606,2219],{"class":1099},[1050,4608,4609],{"class":1071},"[:",[1050,4611,4612],{"class":1576},"100",[1050,4614,2531],{"class":1071},[1050,4616,4617],{"class":1052,"line":1345},[1050,4618,2741],{"class":1099},[1050,4620,4621,4624,4626,4629,4631,4633],{"class":1052,"line":1351},[1050,4622,4623],{"class":1099},"        queryset ",[1050,4625,1109],{"class":1071},[1050,4627,4628],{"class":1099}," 
queryset",[1050,4630,1115],{"class":1071},[1050,4632,1787],{"class":1124},[1050,4634,2011],{"class":1071},[1050,4636,4637,4639,4641,4643,4645,4647,4649],{"class":1052,"line":1356},[1050,4638,2254],{"class":1124},[1050,4640,1072],{"class":1071},[1050,4642,2259],{"class":1792},[1050,4644,1109],{"class":1071},[1050,4646,2264],{"class":1124},[1050,4648,1247],{"class":1071},[1050,4650,2269],{"class":1412},[1050,4652,4653,4655,4657,4659,4661,4663,4665],{"class":1052,"line":1362},[1050,4654,2254],{"class":1124},[1050,4656,1072],{"class":1071},[1050,4658,2279],{"class":1792},[1050,4660,1109],{"class":1071},[1050,4662,2264],{"class":1124},[1050,4664,1247],{"class":1071},[1050,4666,2269],{"class":1412},[1050,4668,4669,4671,4673,4675,4677,4679,4681],{"class":1052,"line":1368},[1050,4670,2254],{"class":1124},[1050,4672,1072],{"class":1071},[1050,4674,2297],{"class":1792},[1050,4676,1109],{"class":1071},[1050,4678,2264],{"class":1124},[1050,4680,1247],{"class":1071},[1050,4682,2269],{"class":1412},[1050,4684,4685,4687,4689,4691,4693,4695],{"class":1052,"line":1373},[1050,4686,2254],{"class":1124},[1050,4688,1072],{"class":1071},[1050,4690,2315],{"class":1792},[1050,4692,1109],{"class":1071},[1050,4694,2264],{"class":1124},[1050,4696,1146],{"class":1071},[1050,4698,4699],{"class":1052,"line":1379},[1050,4700,2327],{"class":1071},[1050,4702,4703],{"class":1052,"line":2026},[1050,4704,1100],{"class":1099},[1050,4706,4707],{"class":1052,"line":2038},[1050,4708,4709],{"class":1056},"    # Add user type filter\n",[1050,4711,4712,4714,4717,4719,4721,4723,4726,4728,4730,4732,4735,4737,4739,4741,4744,4746],{"class":1052,"line":2049},[1050,4713,2216],{"class":1194},[1050,4715,4716],{"class":1099}," user_type 
",[1050,4718,3638],{"class":1412},[1050,4720,4195],{"class":1071},[1050,4722,1131],{"class":1130},[1050,4724,4725],{"class":1134},"staff",[1050,4727,1131],{"class":1130},[1050,4729,1140],{"class":1071},[1050,4731,1291],{"class":1130},[1050,4733,4734],{"class":1134},"superuser",[1050,4736,1131],{"class":1130},[1050,4738,1140],{"class":1071},[1050,4740,1291],{"class":1130},[1050,4742,4743],{"class":1134},"regular",[1050,4745,1131],{"class":1130},[1050,4747,4213],{"class":1071},[1050,4749,4750,4752,4754,4756,4758,4760,4762],{"class":1052,"line":2069},[1050,4751,3657],{"class":1194},[1050,4753,4716],{"class":1099},[1050,4755,3710],{"class":1412},[1050,4757,1291],{"class":1130},[1050,4759,4725],{"class":1134},[1050,4761,1131],{"class":1130},[1050,4763,2222],{"class":1071},[1050,4765,4766,4769,4771,4773,4775,4777,4779,4782,4784,4787],{"class":1052,"line":2074},[1050,4767,4768],{"class":1099},"            queryset ",[1050,4770,1109],{"class":1071},[1050,4772,4628],{"class":1099},[1050,4774,1115],{"class":1071},[1050,4776,1787],{"class":1124},[1050,4778,1072],{"class":1071},[1050,4780,4781],{"class":1792},"is_staff",[1050,4783,1109],{"class":1071},[1050,4785,4786],{"class":2527},"True",[1050,4788,1146],{"class":1071},[1050,4790,4791,4794,4796,4798,4800,4802,4804],{"class":1052,"line":2080},[1050,4792,4793],{"class":1194},"        
elif",[1050,4795,4716],{"class":1099},[1050,4797,3710],{"class":1412},[1050,4799,1291],{"class":1130},[1050,4801,4734],{"class":1134},[1050,4803,1131],{"class":1130},[1050,4805,2222],{"class":1071},[1050,4807,4808,4810,4812,4814,4816,4818,4820,4823,4825,4827],{"class":1052,"line":2115},[1050,4809,4768],{"class":1099},[1050,4811,1109],{"class":1071},[1050,4813,4628],{"class":1099},[1050,4815,1115],{"class":1071},[1050,4817,1787],{"class":1124},[1050,4819,1072],{"class":1071},[1050,4821,4822],{"class":1792},"is_superuser",[1050,4824,1109],{"class":1071},[1050,4826,4786],{"class":2527},[1050,4828,1146],{"class":1071},[1050,4830,4831,4833,4835,4837,4839,4841,4843],{"class":1052,"line":2120},[1050,4832,4793],{"class":1194},[1050,4834,4716],{"class":1099},[1050,4836,3710],{"class":1412},[1050,4838,1291],{"class":1130},[1050,4840,4743],{"class":1134},[1050,4842,1131],{"class":1130},[1050,4844,2222],{"class":1071},[1050,4846,4847,4849,4851,4853,4855,4857,4859,4861,4863,4866,4868,4871,4873,4875],{"class":1052,"line":2134},[1050,4848,4768],{"class":1099},[1050,4850,1109],{"class":1071},[1050,4852,4628],{"class":1099},[1050,4854,1115],{"class":1071},[1050,4856,1787],{"class":1124},[1050,4858,1072],{"class":1071},[1050,4860,4781],{"class":1792},[1050,4862,1109],{"class":1071},[1050,4864,4865],{"class":2527},"False",[1050,4867,1140],{"class":1071},[1050,4869,4870],{"class":1792}," is_superuser",[1050,4872,1109],{"class":1071},[1050,4874,4865],{"class":2527},[1050,4876,1146],{"class":1071},[1050,4878,4879],{"class":1052,"line":2144},[1050,4880,1100],{"class":1099},[1050,4882,4883],{"class":1052,"line":2149},[1050,4884,4885],{"class":1056},"    # Add date range filter\n",[1050,4887,4888,4890,4893,4895,4897,4899,4902,4904,4906,4908,4911,4913,4915,4917,4920,4922,4924,4926,4929,4931],{"class":1052,"line":2170},[1050,4889,2216],{"class":1194},[1050,4891,4892],{"class":1099}," date_range 
",[1050,4894,3638],{"class":1412},[1050,4896,4195],{"class":1071},[1050,4898,1131],{"class":1130},[1050,4900,4901],{"class":1134},"today",[1050,4903,1131],{"class":1130},[1050,4905,1140],{"class":1071},[1050,4907,1291],{"class":1130},[1050,4909,4910],{"class":1134},"week",[1050,4912,1131],{"class":1130},[1050,4914,1140],{"class":1071},[1050,4916,1291],{"class":1130},[1050,4918,4919],{"class":1134},"month",[1050,4921,1131],{"class":1130},[1050,4923,1140],{"class":1071},[1050,4925,1291],{"class":1130},[1050,4927,4928],{"class":1134},"year",[1050,4930,1131],{"class":1130},[1050,4932,4213],{"class":1071},[1050,4934,4935,4938,4940,4942,4944,4947],{"class":1052,"line":2175},[1050,4936,4937],{"class":1099},"        now ",[1050,4939,1109],{"class":1071},[1050,4941,3811],{"class":1099},[1050,4943,1115],{"class":1071},[1050,4945,4946],{"class":1124},"now",[1050,4948,1228],{"class":1071},[1050,4950,4951,4953,4955,4957,4959,4961,4963],{"class":1052,"line":2208},[1050,4952,3657],{"class":1194},[1050,4954,4892],{"class":1099},[1050,4956,3710],{"class":1412},[1050,4958,1291],{"class":1130},[1050,4960,4901],{"class":1134},[1050,4962,1131],{"class":1130},[1050,4964,2222],{"class":1071},[1050,4966,4967,4970,4972,4975,4977,4980,4982,4985,4987,4990,4992,4995,4997,4999,5001,5004,5006,5008,5010,5013,5015,5017],{"class":1052,"line":2213},[1050,4968,4969],{"class":1099},"            start_date ",[1050,4971,1109],{"class":1071},[1050,4973,4974],{"class":1099}," now",[1050,4976,1115],{"class":1071},[1050,4978,4979],{"class":1124},"replace",[1050,4981,1072],{"class":1071},[1050,4983,4984],{"class":1792},"hour",[1050,4986,1109],{"class":1071},[1050,4988,4989],{"class":1576},"0",[1050,4991,1140],{"class":1071},[1050,4993,4994],{"class":1792}," minute",[1050,4996,1109],{"class":1071},[1050,4998,4989],{"class":1576},[1050,5000,1140],{"class":1071},[1050,5002,5003],{"class":1792}," 
second",[1050,5005,1109],{"class":1071},[1050,5007,4989],{"class":1576},[1050,5009,1140],{"class":1071},[1050,5011,5012],{"class":1792}," microsecond",[1050,5014,1109],{"class":1071},[1050,5016,4989],{"class":1576},[1050,5018,1146],{"class":1071},[1050,5020,5021,5023,5025,5027,5029,5031,5033],{"class":1052,"line":2225},[1050,5022,4793],{"class":1194},[1050,5024,4892],{"class":1099},[1050,5026,3710],{"class":1412},[1050,5028,1291],{"class":1130},[1050,5030,4910],{"class":1134},[1050,5032,1131],{"class":1130},[1050,5034,2222],{"class":1071},[1050,5036,5037,5039,5041,5044,5047,5050,5052,5055,5057,5060],{"class":1052,"line":2231},[1050,5038,4969],{"class":1099},[1050,5040,1109],{"class":1071},[1050,5042,5043],{"class":1099}," now ",[1050,5045,5046],{"class":1412},"-",[1050,5048,5049],{"class":1124}," timedelta",[1050,5051,1072],{"class":1071},[1050,5053,5054],{"class":1792},"days",[1050,5056,1109],{"class":1071},[1050,5058,5059],{"class":1576},"7",[1050,5061,1146],{"class":1071},[1050,5063,5064,5066,5068,5070,5072,5074,5076],{"class":1052,"line":2251},[1050,5065,4793],{"class":1194},[1050,5067,4892],{"class":1099},[1050,5069,3710],{"class":1412},[1050,5071,1291],{"class":1130},[1050,5073,4919],{"class":1134},[1050,5075,1131],{"class":1130},[1050,5077,2222],{"class":1071},[1050,5079,5080,5082,5084,5086,5088,5090,5092,5094,5096,5099],{"class":1052,"line":2272},[1050,5081,4969],{"class":1099},[1050,5083,1109],{"class":1071},[1050,5085,5043],{"class":1099},[1050,5087,5046],{"class":1412},[1050,5089,5049],{"class":1124},[1050,5091,1072],{"class":1071},[1050,5093,5054],{"class":1792},[1050,5095,1109],{"class":1071},[1050,5097,5098],{"class":1576},"30",[1050,5100,1146],{"class":1071},[1050,5102,5103,5105,5107,5109,5111,5113,5115],{"class":1052,"line":2290},[1050,5104,4793],{"class":1194},[1050,5106,4892],{"class":1099},[1050,5108,3710],{"class":1412},[1050,5110,1291],{"class":1130},[1050,5112,4928],{"class":1134},[1050,5114,1131],{"class":1130},[1050,5116,2222],{"class":1071},
[1050,5118,5119,5121,5123,5125,5127,5129,5131,5133,5135,5138],{"class":1052,"line":2308},[1050,5120,4969],{"class":1099},[1050,5122,1109],{"class":1071},[1050,5124,5043],{"class":1099},[1050,5126,5046],{"class":1412},[1050,5128,5049],{"class":1124},[1050,5130,1072],{"class":1071},[1050,5132,5054],{"class":1792},[1050,5134,1109],{"class":1071},[1050,5136,5137],{"class":1576},"365",[1050,5139,1146],{"class":1071},[1050,5141,5142],{"class":1052,"line":2324},[1050,5143,2741],{"class":1099},[1050,5145,5146,5148,5150,5152,5154,5156,5158,5160,5162,5165],{"class":1052,"line":2330},[1050,5147,4623],{"class":1099},[1050,5149,1109],{"class":1071},[1050,5151,4628],{"class":1099},[1050,5153,1115],{"class":1071},[1050,5155,1787],{"class":1124},[1050,5157,1072],{"class":1071},[1050,5159,3597],{"class":1792},[1050,5161,1109],{"class":1071},[1050,5163,5164],{"class":1124},"start_date",[1050,5166,1146],{"class":1071},[1050,5168,5169],{"class":1052,"line":2338},[1050,5170,1100],{"class":1099},[1050,5172,5173],{"class":1052,"line":2358},[1050,5174,5175],{"class":1056},"    # Optimize query\n",[1050,5177,5178,5180,5182,5184,5186,5188,5190,5192,5194,5196,5198,5201,5203,5205,5208,5210],{"class":1052,"line":2363},[1050,5179,4540],{"class":1099},[1050,5181,1109],{"class":1071},[1050,5183,4628],{"class":1099},[1050,5185,1115],{"class":1071},[1050,5187,2055],{"class":1124},[1050,5189,1072],{"class":1071},[1050,5191,1131],{"class":1130},[1050,5193,2062],{"class":1134},[1050,5195,1131],{"class":1130},[1050,5197,4457],{"class":1071},[1050,5199,5200],{"class":1124},"prefetch_related",[1050,5202,1072],{"class":1071},[1050,5204,1131],{"class":1130},[1050,5206,5207],{"class":1134},"groups",[1050,5209,1131],{"class":1130},[1050,5211,1146],{"class":1071},[1050,5213,5214],{"class":1052,"line":4172},[1050,5215,1100],{"class":1099},[1050,5217,5218],{"class":1052,"line":4177},[1050,5219,5220],{"class":1056},"    # Limit results to prevent 
DoS\n",[1050,5222,5223,5225,5227,5229,5231,5234],{"class":1052,"line":4183},[1050,5224,4540],{"class":1099},[1050,5226,1109],{"class":1071},[1050,5228,4628],{"class":1099},[1050,5230,4609],{"class":1071},[1050,5232,5233],{"class":1576},"1000",[1050,5235,2531],{"class":1071},[1050,5237,5238],{"class":1052,"line":4216},[1050,5239,1100],{"class":1099},[1050,5241,5242,5244,5246,5248,5250,5252,5254,5257,5259,5261,5263,5265,5267,5269,5271,5273],{"class":1052,"line":4230},[1050,5243,1279],{"class":1194},[1050,5245,1282],{"class":1124},[1050,5247,1072],{"class":1071},[1050,5249,1076],{"class":1124},[1050,5251,1140],{"class":1071},[1050,5253,1291],{"class":1130},[1050,5255,5256],{"class":1134},"advanced_search.html",[1050,5258,1131],{"class":1130},[1050,5260,1140],{"class":1071},[1050,5262,1301],{"class":1071},[1050,5264,1131],{"class":1130},[1050,5266,1843],{"class":1134},[1050,5268,1131],{"class":1130},[1050,5270,1311],{"class":1071},[1050,5272,4628],{"class":1124},[1050,5274,1317],{"class":1071},[1030,5276,5278],{"id":5277},"input-validation-for-sql-safety","Input Validation for SQL Safety",[1035,5280,5282],{"id":5281},"form-based-validation","Form-Based Validation",[1040,5284,5286],{"className":1042,"code":5285,"language":1044,"meta":1045,"style":1045},"# forms.py - Secure form validation\nfrom django import forms\nfrom django.core.exceptions import ValidationError\nimport re\n\nclass UserSearchForm(forms.Form):\n    \"\"\"Secure user search form\"\"\"\n    \n    username = forms.CharField(\n        max_length=150,\n        required=False,\n        widget=forms.TextInput(attrs={'placeholder': 'Username'})\n    )\n    \n    email = forms.EmailField(\n        required=False,\n        widget=forms.EmailInput(attrs={'placeholder': 'Email'})\n    )\n    \n    order_by = forms.ChoiceField(\n        choices=[\n            ('username', 'Username'),\n            ('email', 'Email'),\n            ('date_joined', 'Date Joined'),\n            ('last_login', 'Last Login'),\n        
],\n        required=False,\n        initial='username'\n    )\n    \n    direction = forms.ChoiceField(\n        choices=[('asc', 'Ascending'), ('desc', 'Descending')],\n        required=False,\n        initial='asc'\n    )\n    \n    def clean_username(self):\n        \"\"\"Validate username field\"\"\"\n        username = self.cleaned_data['username']\n        \n        if username:\n            # Remove potentially dangerous characters\n            username = re.sub(r'[^\\w\\-\\.]', '', username)\n            \n            # Limit length\n            if len(username) > 150:\n                raise ValidationError(\"Username too long\")\n        \n        return username\n    \n    def clean(self):\n        \"\"\"Cross-field validation\"\"\"\n        cleaned_data = super().clean()\n        \n        username = cleaned_data.get('username')\n        email = cleaned_data.get('email')\n        \n        # Require at least one search criterion\n        if not username and not email:\n            raise ValidationError(\"Please provide at least one search criterion\")\n        \n        return cleaned_data\n\n# Using the form in views\ndef secure_search_view(request):\n    \"\"\"Secure search using validated form data\"\"\"\n    \n    form = UserSearchForm(request.GET)\n    users = []\n    \n    if form.is_valid():\n        # Use validated data for queries\n        username = form.cleaned_data.get('username')\n        email = form.cleaned_data.get('email')\n        order_by = form.cleaned_data.get('order_by', 'username')\n        direction = form.cleaned_data.get('direction', 'asc')\n        \n        # Build query safely\n        queryset = User.objects.all()\n        \n        if username:\n            queryset = queryset.filter(username__icontains=username)\n        \n        if email:\n            queryset = queryset.filter(email__icontains=email)\n        \n        # Apply ordering\n        if direction == 'desc':\n            order_by = f'-{order_by}'\n        \n  
      users = queryset.order_by(order_by)[:100]  # Limit results\n    \n    return render(request, 'search.html', {\n        'form': form,\n        'users': users\n    })\n",[1047,5287,5288,5293,5305,5326,5333,5337,5359,5368,5372,5388,5400,5411,5451,5455,5459,5474,5484,5520,5524,5528,5543,5551,5573,5593,5614,5635,5640,5650,5663,5667,5671,5685,5730,5740,5752,5756,5760,5776,5786,5811,5815,5824,5829,5879,5883,5888,5907,5926,5930,5937,5941,5954,5963,5980,5984,6007,6030,6034,6039,6058,6076,6080,6087,6091,6096,6110,6120,6125,6145,6155,6160,6175,6181,6208,6235,6270,6305,6310,6316,6335,6340,6349,6372,6377,6386,6409,6414,6420,6437,6457,6462,6489,6494,6518,6534,6548],{"__ignoreMap":1045},[1050,5289,5290],{"class":1052,"line":1053},[1050,5291,5292],{"class":1056},"# forms.py - Secure form validation\n",[1050,5294,5295,5297,5300,5302],{"class":1052,"line":1060},[1050,5296,1675],{"class":1194},[1050,5298,5299],{"class":1099}," django ",[1050,5301,1206],{"class":1194},[1050,5303,5304],{"class":1099}," forms\n",[1050,5306,5307,5309,5311,5313,5316,5318,5321,5323],{"class":1052,"line":1082},[1050,5308,1675],{"class":1194},[1050,5310,1198],{"class":1099},[1050,5312,1115],{"class":1071},[1050,5314,5315],{"class":1099},"core",[1050,5317,1115],{"class":1071},[1050,5319,5320],{"class":1099},"exceptions ",[1050,5322,1206],{"class":1194},[1050,5324,5325],{"class":1099}," ValidationError\n",[1050,5327,5328,5330],{"class":1052,"line":1096},[1050,5329,1206],{"class":1194},[1050,5331,5332],{"class":1099}," re\n",[1050,5334,5335],{"class":1052,"line":1103},[1050,5336,1324],{"emptyLinePlaceholder":1323},[1050,5338,5339,5342,5346,5348,5352,5354,5357],{"class":1052,"line":1149},[1050,5340,5341],{"class":1063},"class",[1050,5343,5345],{"class":5344},"sD-vU"," 
UserSearchForm",[1050,5347,1072],{"class":1071},[1050,5349,5351],{"class":5350},"sYn-s","forms",[1050,5353,1115],{"class":1071},[1050,5355,5356],{"class":5350},"Form",[1050,5358,1079],{"class":1071},[1050,5360,5361,5363,5366],{"class":1052,"line":1154},[1050,5362,1086],{"class":1085},[1050,5364,5365],{"class":1089},"Secure user search form",[1050,5367,1093],{"class":1085},[1050,5369,5370],{"class":1052,"line":1160},[1050,5371,1100],{"class":1099},[1050,5373,5374,5376,5378,5381,5383,5386],{"class":1052,"line":1186},[1050,5375,1106],{"class":1099},[1050,5377,1109],{"class":1071},[1050,5379,5380],{"class":1099}," forms",[1050,5382,1115],{"class":1071},[1050,5384,5385],{"class":1124},"CharField",[1050,5387,2011],{"class":1071},[1050,5389,5390,5393,5395,5398],{"class":1052,"line":1191},[1050,5391,5392],{"class":1792},"        max_length",[1050,5394,1109],{"class":1071},[1050,5396,5397],{"class":1576},"150",[1050,5399,2023],{"class":1071},[1050,5401,5402,5405,5407,5409],{"class":1052,"line":1212},[1050,5403,5404],{"class":1792},"        required",[1050,5406,1109],{"class":1071},[1050,5408,4865],{"class":2527},[1050,5410,2023],{"class":1071},[1050,5412,5413,5416,5418,5420,5422,5425,5427,5430,5433,5435,5438,5440,5442,5444,5447,5449],{"class":1052,"line":1231},[1050,5414,5415],{"class":1792},"        
widget",[1050,5417,1109],{"class":1071},[1050,5419,5351],{"class":1124},[1050,5421,1115],{"class":1071},[1050,5423,5424],{"class":1124},"TextInput",[1050,5426,1072],{"class":1071},[1050,5428,5429],{"class":1792},"attrs",[1050,5431,5432],{"class":1071},"={",[1050,5434,1131],{"class":1130},[1050,5436,5437],{"class":1134},"placeholder",[1050,5439,1131],{"class":1130},[1050,5441,1311],{"class":1071},[1050,5443,1291],{"class":1130},[1050,5445,5446],{"class":1134},"Username",[1050,5448,1131],{"class":1130},[1050,5450,1317],{"class":1071},[1050,5452,5453],{"class":1052,"line":1253},[1050,5454,2536],{"class":1071},[1050,5456,5457],{"class":1052,"line":1258},[1050,5458,1100],{"class":1099},[1050,5460,5461,5463,5465,5467,5469,5472],{"class":1052,"line":1276},[1050,5462,1917],{"class":1099},[1050,5464,1109],{"class":1071},[1050,5466,5380],{"class":1099},[1050,5468,1115],{"class":1071},[1050,5470,5471],{"class":1124},"EmailField",[1050,5473,2011],{"class":1071},[1050,5475,5476,5478,5480,5482],{"class":1052,"line":1320},[1050,5477,5404],{"class":1792},[1050,5479,1109],{"class":1071},[1050,5481,4865],{"class":2527},[1050,5483,2023],{"class":1071},[1050,5485,5486,5488,5490,5492,5494,5497,5499,5501,5503,5505,5507,5509,5511,5513,5516,5518],{"class":1052,"line":1327},[1050,5487,5415],{"class":1792},[1050,5489,1109],{"class":1071},[1050,5491,5351],{"class":1124},[1050,5493,1115],{"class":1071},[1050,5495,5496],{"class":1124},"EmailInput",[1050,5498,1072],{"class":1071},[1050,5500,5429],{"class":1792},[1050,5502,5432],{"class":1071},[1050,5504,1131],{"class":1130},[1050,5506,5437],{"class":1134},[1050,5508,1131],{"class":1130},[1050,5510,1311],{"class":1071},[1050,5512,1291],{"class":1130},[1050,5514,5515],{"class":1134},"Email",[1050,5517,1131],{"class":1130},[1050,5519,1317],{"class":1071},[1050,5521,5522],{"class":1052,"line":1333},[1050,5523,2536],{"class":1071},[1050,5525,5526],{"class":1052,"line":1339},[1050,5527,1100],{"class":1099},[1050,5529,5530,5532,5534,5536,5538,5541],{"c
lass":1052,"line":1345},[1050,5531,3261],{"class":1099},[1050,5533,1109],{"class":1071},[1050,5535,5380],{"class":1099},[1050,5537,1115],{"class":1071},[1050,5539,5540],{"class":1124},"ChoiceField",[1050,5542,2011],{"class":1071},[1050,5544,5545,5548],{"class":1052,"line":1351},[1050,5546,5547],{"class":1792},"        choices",[1050,5549,5550],{"class":1071},"=[\n",[1050,5552,5553,5556,5558,5560,5562,5564,5566,5568,5570],{"class":1052,"line":1356},[1050,5554,5555],{"class":1071},"            (",[1050,5557,1131],{"class":1130},[1050,5559,1135],{"class":1134},[1050,5561,1131],{"class":1130},[1050,5563,1140],{"class":1071},[1050,5565,1291],{"class":1130},[1050,5567,5446],{"class":1134},[1050,5569,1131],{"class":1130},[1050,5571,5572],{"class":1071},"),\n",[1050,5574,5575,5577,5579,5581,5583,5585,5587,5589,5591],{"class":1052,"line":1362},[1050,5576,5555],{"class":1071},[1050,5578,1131],{"class":1130},[1050,5580,1936],{"class":1134},[1050,5582,1131],{"class":1130},[1050,5584,1140],{"class":1071},[1050,5586,1291],{"class":1130},[1050,5588,5515],{"class":1134},[1050,5590,1131],{"class":1130},[1050,5592,5572],{"class":1071},[1050,5594,5595,5597,5599,5601,5603,5605,5607,5610,5612],{"class":1052,"line":1368},[1050,5596,5555],{"class":1071},[1050,5598,1131],{"class":1130},[1050,5600,3588],{"class":1134},[1050,5602,1131],{"class":1130},[1050,5604,1140],{"class":1071},[1050,5606,1291],{"class":1130},[1050,5608,5609],{"class":1134},"Date Joined",[1050,5611,1131],{"class":1130},[1050,5613,5572],{"class":1071},[1050,5615,5616,5618,5620,5622,5624,5626,5628,5631,5633],{"class":1052,"line":1373},[1050,5617,5555],{"class":1071},[1050,5619,1131],{"class":1130},[1050,5621,4045],{"class":1134},[1050,5623,1131],{"class":1130},[1050,5625,1140],{"class":1071},[1050,5627,1291],{"class":1130},[1050,5629,5630],{"class":1134},"Last Login",[1050,5632,1131],{"class":1130},[1050,5634,5572],{"class":1071},[1050,5636,5637],{"class":1052,"line":1379},[1050,5638,5639],{"class":1071},"        
],\n",[1050,5641,5642,5644,5646,5648],{"class":1052,"line":2026},[1050,5643,5404],{"class":1792},[1050,5645,1109],{"class":1071},[1050,5647,4865],{"class":2527},[1050,5649,2023],{"class":1071},[1050,5651,5652,5655,5657,5659,5661],{"class":1052,"line":2038},[1050,5653,5654],{"class":1792},"        initial",[1050,5656,1109],{"class":1071},[1050,5658,1131],{"class":1130},[1050,5660,1135],{"class":1134},[1050,5662,1983],{"class":1130},[1050,5664,5665],{"class":1052,"line":2049},[1050,5666,2536],{"class":1071},[1050,5668,5669],{"class":1052,"line":2069},[1050,5670,1100],{"class":1099},[1050,5672,5673,5675,5677,5679,5681,5683],{"class":1052,"line":2074},[1050,5674,4095],{"class":1099},[1050,5676,1109],{"class":1071},[1050,5678,5380],{"class":1099},[1050,5680,1115],{"class":1071},[1050,5682,5540],{"class":1124},[1050,5684,2011],{"class":1071},[1050,5686,5687,5689,5692,5694,5696,5698,5700,5702,5705,5707,5710,5712,5714,5716,5718,5720,5722,5725,5727],{"class":1052,"line":2080},[1050,5688,5547],{"class":1792},[1050,5690,5691],{"class":1071},"=[(",[1050,5693,1131],{"class":1130},[1050,5695,4123],{"class":1134},[1050,5697,1131],{"class":1130},[1050,5699,1140],{"class":1071},[1050,5701,1291],{"class":1130},[1050,5703,5704],{"class":1134},"Ascending",[1050,5706,1131],{"class":1130},[1050,5708,5709],{"class":1071},"),",[1050,5711,1550],{"class":1071},[1050,5713,1131],{"class":1130},[1050,5715,4208],{"class":1134},[1050,5717,1131],{"class":1130},[1050,5719,1140],{"class":1071},[1050,5721,1291],{"class":1130},[1050,5723,5724],{"class":1134},"Descending",[1050,5726,1131],{"class":1130},[1050,5728,5729],{"class":1071},")],\n",[1050,5731,5732,5734,5736,5738],{"class":1052,"line":2115},[1050,5733,5404],{"class":1792},[1050,5735,1109],{"class":1071},[1050,5737,4865],{"class":2527},[1050,5739,2023],{"class":1071},[1050,5741,5742,5744,5746,5748,5750],{"class":1052,"line":2120},[1050,5743,5654],{"class":1792},[1050,5745,1109],{"class":1071},[1050,5747,1131],{"class":1130},[1050,5749,4123],{"
class":1134},[1050,5751,1983],{"class":1130},[1050,5753,5754],{"class":1052,"line":2134},[1050,5755,2536],{"class":1071},[1050,5757,5758],{"class":1052,"line":2144},[1050,5759,1100],{"class":1099},[1050,5761,5762,5765,5768,5770,5774],{"class":1052,"line":2149},[1050,5763,5764],{"class":1063},"    def",[1050,5766,5767],{"class":1067}," clean_username",[1050,5769,1072],{"class":1071},[1050,5771,5773],{"class":5772},"sRjD_","self",[1050,5775,1079],{"class":1071},[1050,5777,5778,5781,5784],{"class":1052,"line":2170},[1050,5779,5780],{"class":1085},"        \"\"\"",[1050,5782,5783],{"class":1089},"Validate username field",[1050,5785,1093],{"class":1085},[1050,5787,5788,5791,5793,5796,5798,5801,5803,5805,5807,5809],{"class":1052,"line":2175},[1050,5789,5790],{"class":1099},"        username ",[1050,5792,1109],{"class":1071},[1050,5794,5795],{"class":3481}," self",[1050,5797,1115],{"class":1071},[1050,5799,5800],{"class":1781},"cleaned_data",[1050,5802,3685],{"class":1071},[1050,5804,1131],{"class":1130},[1050,5806,1135],{"class":1134},[1050,5808,1131],{"class":1130},[1050,5810,2531],{"class":1071},[1050,5812,5813],{"class":1052,"line":2208},[1050,5814,2741],{"class":1099},[1050,5816,5817,5819,5822],{"class":1052,"line":2213},[1050,5818,3657],{"class":1194},[1050,5820,5821],{"class":1099}," username",[1050,5823,2222],{"class":1071},[1050,5825,5826],{"class":1052,"line":2225},[1050,5827,5828],{"class":1056},"            # Remove potentially dangerous characters\n",[1050,5830,5831,5834,5836,5839,5841,5844,5846,5849,5851,5854,5857,5861,5865,5867,5869,5871,5873,5875,5877],{"class":1052,"line":2231},[1050,5832,5833],{"class":1099},"            username ",[1050,5835,1109],{"class":1071},[1050,5837,5838],{"class":1099}," 
re",[1050,5840,1115],{"class":1071},[1050,5842,5843],{"class":1124},"sub",[1050,5845,1072],{"class":1071},[1050,5847,5848],{"class":1063},"r",[1050,5850,1131],{"class":1130},[1050,5852,3685],{"class":5853},"sETVe",[1050,5855,5856],{"class":1412},"^",[1050,5858,5860],{"class":5859},"sRJPX","\\w",[1050,5862,5864],{"class":5863},"sk0MF","\\-\\.",[1050,5866,3871],{"class":5853},[1050,5868,1131],{"class":1130},[1050,5870,1140],{"class":1071},[1050,5872,1143],{"class":1130},[1050,5874,1140],{"class":1071},[1050,5876,5821],{"class":1124},[1050,5878,1146],{"class":1071},[1050,5880,5881],{"class":1052,"line":2251},[1050,5882,3695],{"class":1099},[1050,5884,5885],{"class":1052,"line":2272},[1050,5886,5887],{"class":1056},"            # Limit length\n",[1050,5889,5890,5892,5894,5896,5898,5900,5902,5905],{"class":1052,"line":2290},[1050,5891,3705],{"class":1194},[1050,5893,4583],{"class":1555},[1050,5895,1072],{"class":1071},[1050,5897,1135],{"class":1124},[1050,5899,1247],{"class":1071},[1050,5901,4592],{"class":1412},[1050,5903,5904],{"class":1576}," 150",[1050,5906,2222],{"class":1071},[1050,5908,5909,5912,5915,5917,5919,5922,5924],{"class":1052,"line":2308},[1050,5910,5911],{"class":1194},"                raise",[1050,5913,5914],{"class":1124}," ValidationError",[1050,5916,1072],{"class":1071},[1050,5918,2513],{"class":1130},[1050,5920,5921],{"class":1134},"Username too long",[1050,5923,2513],{"class":1130},[1050,5925,1146],{"class":1071},[1050,5927,5928],{"class":1052,"line":2324},[1050,5929,2741],{"class":1099},[1050,5931,5932,5935],{"class":1052,"line":2330},[1050,5933,5934],{"class":1194},"        return",[1050,5936,3189],{"class":1099},[1050,5938,5939],{"class":1052,"line":2338},[1050,5940,1100],{"class":1099},[1050,5942,5943,5945,5948,5950,5952],{"class":1052,"line":2358},[1050,5944,5764],{"class":1063},[1050,5946,5947],{"class":1067}," 
clean",[1050,5949,1072],{"class":1071},[1050,5951,5773],{"class":5772},[1050,5953,1079],{"class":1071},[1050,5955,5956,5958,5961],{"class":1052,"line":2363},[1050,5957,5780],{"class":1085},[1050,5959,5960],{"class":1089},"Cross-field validation",[1050,5962,1093],{"class":1085},[1050,5964,5965,5968,5970,5973,5975,5978],{"class":1052,"line":4172},[1050,5966,5967],{"class":1099},"        cleaned_data ",[1050,5969,1109],{"class":1071},[1050,5971,5972],{"class":3843}," super",[1050,5974,4301],{"class":1071},[1050,5976,5977],{"class":1124},"clean",[1050,5979,1228],{"class":1071},[1050,5981,5982],{"class":1052,"line":4177},[1050,5983,2741],{"class":1099},[1050,5985,5986,5988,5990,5993,5995,5997,5999,6001,6003,6005],{"class":1052,"line":4183},[1050,5987,5790],{"class":1099},[1050,5989,1109],{"class":1071},[1050,5991,5992],{"class":1099}," cleaned_data",[1050,5994,1115],{"class":1071},[1050,5996,1125],{"class":1124},[1050,5998,1072],{"class":1071},[1050,6000,1131],{"class":1130},[1050,6002,1135],{"class":1134},[1050,6004,1131],{"class":1130},[1050,6006,1146],{"class":1071},[1050,6008,6009,6012,6014,6016,6018,6020,6022,6024,6026,6028],{"class":1052,"line":4216},[1050,6010,6011],{"class":1099},"        email ",[1050,6013,1109],{"class":1071},[1050,6015,5992],{"class":1099},[1050,6017,1115],{"class":1071},[1050,6019,1125],{"class":1124},[1050,6021,1072],{"class":1071},[1050,6023,1131],{"class":1130},[1050,6025,1936],{"class":1134},[1050,6027,1131],{"class":1130},[1050,6029,1146],{"class":1071},[1050,6031,6032],{"class":1052,"line":4230},[1050,6033,2741],{"class":1099},[1050,6035,6036],{"class":1052,"line":4235},[1050,6037,6038],{"class":1056},"        # Require at least one search criterion\n",[1050,6040,6041,6043,6046,6048,6051,6053,6056],{"class":1052,"line":4241},[1050,6042,3657],{"class":1194},[1050,6044,6045],{"class":1412}," not",[1050,6047,1425],{"class":1099},[1050,6049,6050],{"class":1412},"and",[1050,6052,6045],{"class":1412},[1050,6054,6055],{"class":1099}," 
email",[1050,6057,2222],{"class":1071},[1050,6059,6060,6063,6065,6067,6069,6072,6074],{"class":1052,"line":4258},[1050,6061,6062],{"class":1194},"            raise",[1050,6064,5914],{"class":1124},[1050,6066,1072],{"class":1071},[1050,6068,2513],{"class":1130},[1050,6070,6071],{"class":1134},"Please provide at least one search criterion",[1050,6073,2513],{"class":1130},[1050,6075,1146],{"class":1071},[1050,6077,6078],{"class":1052,"line":4278},[1050,6079,2741],{"class":1099},[1050,6081,6082,6084],{"class":1052,"line":4283},[1050,6083,5934],{"class":1194},[1050,6085,6086],{"class":1099}," cleaned_data\n",[1050,6088,6089],{"class":1052,"line":4312},[1050,6090,1324],{"emptyLinePlaceholder":1323},[1050,6092,6093],{"class":1052,"line":4317},[1050,6094,6095],{"class":1056},"# Using the form in views\n",[1050,6097,6099,6101,6104,6106,6108],{"class":1052,"line":6098},65,[1050,6100,1064],{"class":1063},[1050,6102,6103],{"class":1067}," secure_search_view",[1050,6105,1072],{"class":1071},[1050,6107,1076],{"class":1075},[1050,6109,1079],{"class":1071},[1050,6111,6113,6115,6118],{"class":1052,"line":6112},66,[1050,6114,1086],{"class":1085},[1050,6116,6117],{"class":1089},"Secure search using validated form data",[1050,6119,1093],{"class":1085},[1050,6121,6123],{"class":1052,"line":6122},67,[1050,6124,1100],{"class":1099},[1050,6126,6128,6131,6133,6135,6137,6139,6141,6143],{"class":1052,"line":6127},68,[1050,6129,6130],{"class":1099},"    form ",[1050,6132,1109],{"class":1071},[1050,6134,5345],{"class":1124},[1050,6136,1072],{"class":1071},[1050,6138,1076],{"class":1124},[1050,6140,1115],{"class":1071},[1050,6142,1119],{"class":1118},[1050,6144,1146],{"class":1071},[1050,6146,6148,6150,6152],{"class":1052,"line":6147},69,[1050,6149,1771],{"class":1099},[1050,6151,1109],{"class":1071},[1050,6153,6154],{"class":1071}," 
[]\n",[1050,6156,6158],{"class":1052,"line":6157},70,[1050,6159,1100],{"class":1099},[1050,6161,6163,6165,6168,6170,6173],{"class":1052,"line":6162},71,[1050,6164,2216],{"class":1194},[1050,6166,6167],{"class":1099}," form",[1050,6169,1115],{"class":1071},[1050,6171,6172],{"class":1124},"is_valid",[1050,6174,3652],{"class":1071},[1050,6176,6178],{"class":1052,"line":6177},72,[1050,6179,6180],{"class":1056},"        # Use validated data for queries\n",[1050,6182,6184,6186,6188,6190,6192,6194,6196,6198,6200,6202,6204,6206],{"class":1052,"line":6183},73,[1050,6185,5790],{"class":1099},[1050,6187,1109],{"class":1071},[1050,6189,6167],{"class":1099},[1050,6191,1115],{"class":1071},[1050,6193,5800],{"class":1781},[1050,6195,1115],{"class":1071},[1050,6197,1125],{"class":1124},[1050,6199,1072],{"class":1071},[1050,6201,1131],{"class":1130},[1050,6203,1135],{"class":1134},[1050,6205,1131],{"class":1130},[1050,6207,1146],{"class":1071},[1050,6209,6211,6213,6215,6217,6219,6221,6223,6225,6227,6229,6231,6233],{"class":1052,"line":6210},74,[1050,6212,6011],{"class":1099},[1050,6214,1109],{"class":1071},[1050,6216,6167],{"class":1099},[1050,6218,1115],{"class":1071},[1050,6220,5800],{"class":1781},[1050,6222,1115],{"class":1071},[1050,6224,1125],{"class":1124},[1050,6226,1072],{"class":1071},[1050,6228,1131],{"class":1130},[1050,6230,1936],{"class":1134},[1050,6232,1131],{"class":1130},[1050,6234,1146],{"class":1071},[1050,6236,6238,6240,6242,6244,6246,6248,6250,6252,6254,6256,6258,6260,6262,6264,6266,6268],{"class":1052,"line":6237},75,[1050,6239,4158],{"class":1099},[1050,6241,1109],{"class":1071},[1050,6243,6167],{"class":1099},[1050,6245,1115],{"class":1071},[1050,6247,5800],{"class":1781},[1050,6249,1115],{"class":1071},[1050,6251,1125],{"class":1124},[1050,6253,1072],{"class":1071},[1050,6255,1131],{"class":1130},[1050,6257,3280],{"class":1134},[1050,6259,1131],{"class":1130},[1050,6261,1140],{"class":1071},[1050,6263,1291],{"class":1130},[1050,6265,1135],{"class":1134},[10
50,6267,1131],{"class":1130},[1050,6269,1146],{"class":1071},[1050,6271,6273,6275,6277,6279,6281,6283,6285,6287,6289,6291,6293,6295,6297,6299,6301,6303],{"class":1052,"line":6272},76,[1050,6274,4219],{"class":1099},[1050,6276,1109],{"class":1071},[1050,6278,6167],{"class":1099},[1050,6280,1115],{"class":1071},[1050,6282,5800],{"class":1781},[1050,6284,1115],{"class":1071},[1050,6286,1125],{"class":1124},[1050,6288,1072],{"class":1071},[1050,6290,1131],{"class":1130},[1050,6292,4114],{"class":1134},[1050,6294,1131],{"class":1130},[1050,6296,1140],{"class":1071},[1050,6298,1291],{"class":1130},[1050,6300,4123],{"class":1134},[1050,6302,1131],{"class":1130},[1050,6304,1146],{"class":1071},[1050,6306,6308],{"class":1052,"line":6307},77,[1050,6309,2741],{"class":1099},[1050,6311,6313],{"class":1052,"line":6312},78,[1050,6314,6315],{"class":1056},"        # Build query safely\n",[1050,6317,6319,6321,6323,6325,6327,6329,6331,6333],{"class":1052,"line":6318},79,[1050,6320,4623],{"class":1099},[1050,6322,1109],{"class":1071},[1050,6324,1776],{"class":1099},[1050,6326,1115],{"class":1071},[1050,6328,1782],{"class":1781},[1050,6330,1115],{"class":1071},[1050,6332,4298],{"class":1124},[1050,6334,1228],{"class":1071},[1050,6336,6338],{"class":1052,"line":6337},80,[1050,6339,2741],{"class":1099},[1050,6341,6343,6345,6347],{"class":1052,"line":6342},81,[1050,6344,3657],{"class":1194},[1050,6346,5821],{"class":1099},[1050,6348,2222],{"class":1071},[1050,6350,6352,6354,6356,6358,6360,6362,6364,6366,6368,6370],{"class":1052,"line":6351},82,[1050,6353,4768],{"class":1099},[1050,6355,1109],{"class":1071},[1050,6357,4628],{"class":1099},[1050,6359,1115],{"class":1071},[1050,6361,1787],{"class":1124},[1050,6363,1072],{"class":1071},[1050,6365,2259],{"class":1792},[1050,6367,1109],{"class":1071},[1050,6369,1135],{"class":1124},[1050,6371,1146],{"class":1071},[1050,6373,6375],{"class":1052,"line":6374},83,[1050,6376,2741],{"class":1099},[1050,6378,6380,6382,6384],{"class":1052,"line":6379}
,84,[1050,6381,3657],{"class":1194},[1050,6383,6055],{"class":1099},[1050,6385,2222],{"class":1071},[1050,6387,6389,6391,6393,6395,6397,6399,6401,6403,6405,6407],{"class":1052,"line":6388},85,[1050,6390,4768],{"class":1099},[1050,6392,1109],{"class":1071},[1050,6394,4628],{"class":1099},[1050,6396,1115],{"class":1071},[1050,6398,1787],{"class":1124},[1050,6400,1072],{"class":1071},[1050,6402,2315],{"class":1792},[1050,6404,1109],{"class":1071},[1050,6406,1936],{"class":1124},[1050,6408,1146],{"class":1071},[1050,6410,6412],{"class":1052,"line":6411},86,[1050,6413,2741],{"class":1099},[1050,6415,6417],{"class":1052,"line":6416},87,[1050,6418,6419],{"class":1056},"        # Apply ordering\n",[1050,6421,6423,6425,6427,6429,6431,6433,6435],{"class":1052,"line":6422},88,[1050,6424,3657],{"class":1194},[1050,6426,4188],{"class":1099},[1050,6428,3710],{"class":1412},[1050,6430,1291],{"class":1130},[1050,6432,4208],{"class":1134},[1050,6434,1131],{"class":1130},[1050,6436,2222],{"class":1071},[1050,6438,6440,6443,6445,6447,6449,6451,6453,6455],{"class":1052,"line":6439},89,[1050,6441,6442],{"class":1099},"            order_by ",[1050,6444,1109],{"class":1071},[1050,6446,1168],{"class":1063},[1050,6448,4267],{"class":1134},[1050,6450,1175],{"class":1174},[1050,6452,3280],{"class":1099},[1050,6454,1180],{"class":1174},[1050,6456,1983],{"class":1134},[1050,6458,6460],{"class":1052,"line":6459},90,[1050,6461,2741],{"class":1099},[1050,6463,6465,6467,6469,6471,6473,6475,6477,6479,6482,6484,6486],{"class":1052,"line":6464},91,[1050,6466,2234],{"class":1099},[1050,6468,1109],{"class":1071},[1050,6470,4628],{"class":1099},[1050,6472,1115],{"class":1071},[1050,6474,3280],{"class":1124},[1050,6476,1072],{"class":1071},[1050,6478,3280],{"class":1124},[1050,6480,6481],{"class":1071},")[:",[1050,6483,4612],{"class":1576},[1050,6485,3871],{"class":1071},[1050,6487,6488],{"class":1056},"  # Limit 
results\n",[1050,6490,6492],{"class":1052,"line":6491},92,[1050,6493,1100],{"class":1099},[1050,6495,6497,6499,6501,6503,6505,6507,6509,6512,6514,6516],{"class":1052,"line":6496},93,[1050,6498,1279],{"class":1194},[1050,6500,1282],{"class":1124},[1050,6502,1072],{"class":1071},[1050,6504,1076],{"class":1124},[1050,6506,1140],{"class":1071},[1050,6508,1291],{"class":1130},[1050,6510,6511],{"class":1134},"search.html",[1050,6513,1131],{"class":1130},[1050,6515,1140],{"class":1071},[1050,6517,3488],{"class":1071},[1050,6519,6521,6523,6526,6528,6530,6532],{"class":1052,"line":6520},94,[1050,6522,3493],{"class":1130},[1050,6524,6525],{"class":1134},"form",[1050,6527,1131],{"class":1130},[1050,6529,1311],{"class":1071},[1050,6531,6167],{"class":1124},[1050,6533,2023],{"class":1071},[1050,6535,6537,6539,6541,6543,6545],{"class":1052,"line":6536},95,[1050,6538,3493],{"class":1130},[1050,6540,1843],{"class":1134},[1050,6542,1131],{"class":1130},[1050,6544,1311],{"class":1071},[1050,6546,6547],{"class":1124}," users\n",[1050,6549,6551],{"class":1052,"line":6550},96,[1050,6552,6553],{"class":1071},"    })\n",[1035,6555,6557],{"id":6556},"model-level-validation","Model-Level Validation",[1040,6559,6561],{"className":1042,"code":6560,"language":1044,"meta":1045,"style":1045},"# models.py - Model validation for SQL safety\nfrom django.db import models\nfrom django.core.exceptions import ValidationError\nimport re\n\ndef validate_sql_safe_string(value):\n    \"\"\"Reject values matching a blocklist of SQL-like patterns (defense in depth only; parameterized queries, not this filter, prevent SQL injection)\"\"\"\n    \n    # Check for SQL injection patterns\n    dangerous_patterns = [\n        r\"'.*'\",  # Single quotes\n        r'\".*\"',  # Double quotes\n        r'--',    # SQL comments\n        r'/\\*.*\\*/',  # Multi-line comments\n        r'\\bunion\\b',  # UNION keyword\n        r'\\bselect\\b', # SELECT keyword\n        r'\\binsert\\b', # INSERT keyword\n        r'\\bupdate\\b', # UPDATE keyword\n        r'\\bdelete\\b', # DELETE keyword\n        
r'\\bdrop\\b',   # DROP keyword\n    ]\n    \n    value_lower = value.lower()\n    for pattern in dangerous_patterns:\n        if re.search(pattern, value_lower):\n            raise ValidationError(f\"Value contains potentially dangerous SQL pattern: {pattern}\")\n\nclass SecureUserProfile(models.Model):\n    \"\"\"User profile with SQL injection protection\"\"\"\n    \n    user = models.OneToOneField(User, on_delete=models.CASCADE)\n    \n    bio = models.TextField(\n        max_length=1000,\n        validators=[validate_sql_safe_string],\n        help_text=\"Bio cannot contain SQL keywords or special characters\"\n    )\n    \n    website = models.URLField(\n        blank=True,\n        validators=[validate_sql_safe_string]\n    )\n    \n    def clean(self):\n        \"\"\"Additional model validation\"\"\"\n        super().clean()\n        \n        # Additional bio validation\n        if self.bio:\n            # Remove potentially dangerous characters\n            cleaned_bio = re.sub(r'[\u003C>\"\\']', '', self.bio)\n            if cleaned_bio != self.bio:\n                raise ValidationError(\"Bio contains invalid characters\")\n",[1047,6562,6563,6568,6583,6601,6607,6611,6624,6633,6637,6642,6651,6675,6696,6712,6739,6760,6780,6800,6820,6840,6860,6864,6868,6883,6897,6919,6943,6947,6966,6975,6979,7015,7019,7035,7045,7059,7073,7077,7081,7097,7108,7118,7122,7126,7138,7147,7158,7162,7167,7180,7184,7230,7248],{"__ignoreMap":1045},[1050,6564,6565],{"class":1052,"line":1053},[1050,6566,6567],{"class":1056},"# models.py - Model validation for SQL safety\n",[1050,6569,6570,6572,6574,6576,6578,6580],{"class":1052,"line":1060},[1050,6571,1675],{"class":1194},[1050,6573,1198],{"class":1099},[1050,6575,1115],{"class":1071},[1050,6577,1203],{"class":1099},[1050,6579,1206],{"class":1194},[1050,6581,6582],{"class":1099}," 
models\n",[1050,6584,6585,6587,6589,6591,6593,6595,6597,6599],{"class":1052,"line":1082},[1050,6586,1675],{"class":1194},[1050,6588,1198],{"class":1099},[1050,6590,1115],{"class":1071},[1050,6592,5315],{"class":1099},[1050,6594,1115],{"class":1071},[1050,6596,5320],{"class":1099},[1050,6598,1206],{"class":1194},[1050,6600,5325],{"class":1099},[1050,6602,6603,6605],{"class":1052,"line":1096},[1050,6604,1206],{"class":1194},[1050,6606,5332],{"class":1099},[1050,6608,6609],{"class":1052,"line":1103},[1050,6610,1324],{"emptyLinePlaceholder":1323},[1050,6612,6613,6615,6618,6620,6622],{"class":1052,"line":1149},[1050,6614,1064],{"class":1063},[1050,6616,6617],{"class":1067}," validate_sql_safe_string",[1050,6619,1072],{"class":1071},[1050,6621,3821],{"class":1075},[1050,6623,1079],{"class":1071},[1050,6625,6626,6628,6631],{"class":1052,"line":1154},[1050,6627,1086],{"class":1085},[1050,6629,6630],{"class":1089},"Reject values matching a blocklist of SQL-like patterns (defense in depth only; parameterized queries, not this filter, prevent SQL injection)",[1050,6632,1093],{"class":1085},[1050,6634,6635],{"class":1052,"line":1160},[1050,6636,1100],{"class":1099},[1050,6638,6639],{"class":1052,"line":1186},[1050,6640,6641],{"class":1056},"    # Check for SQL injection patterns\n",[1050,6643,6644,6647,6649],{"class":1052,"line":1191},[1050,6645,6646],{"class":1099},"    dangerous_patterns ",[1050,6648,1109],{"class":1071},[1050,6650,3993],{"class":1071},[1050,6652,6653,6656,6658,6661,6663,6666,6668,6670,6672],{"class":1052,"line":1212},[1050,6654,6655],{"class":1063},"        r",[1050,6657,2513],{"class":1130},[1050,6659,1131],{"class":6660},"s27EL",[1050,6662,1115],{"class":5859},[1050,6664,1561],{"class":6665},"sGuSu",[1050,6667,1131],{"class":6660},[1050,6669,2513],{"class":1130},[1050,6671,1140],{"class":1071},[1050,6673,6674],{"class":1056},"  # Single 
quotes\n",[1050,6676,6677,6679,6681,6683,6685,6687,6689,6691,6693],{"class":1052,"line":1231},[1050,6678,6655],{"class":1063},[1050,6680,1131],{"class":1130},[1050,6682,2513],{"class":6660},[1050,6684,1115],{"class":5859},[1050,6686,1561],{"class":6665},[1050,6688,2513],{"class":6660},[1050,6690,1131],{"class":1130},[1050,6692,1140],{"class":1071},[1050,6694,6695],{"class":1056},"  # Double quotes\n",[1050,6697,6698,6700,6702,6705,6707,6709],{"class":1052,"line":1253},[1050,6699,6655],{"class":1063},[1050,6701,1131],{"class":1130},[1050,6703,6704],{"class":6660},"--",[1050,6706,1131],{"class":1130},[1050,6708,1140],{"class":1071},[1050,6710,6711],{"class":1056},"    # SQL comments\n",[1050,6713,6714,6716,6718,6721,6724,6726,6728,6730,6732,6734,6736],{"class":1052,"line":1258},[1050,6715,6655],{"class":1063},[1050,6717,1131],{"class":1130},[1050,6719,6720],{"class":6660},"/",[1050,6722,6723],{"class":5863},"\\*",[1050,6725,1115],{"class":5859},[1050,6727,1561],{"class":6665},[1050,6729,6723],{"class":5863},[1050,6731,6720],{"class":6660},[1050,6733,1131],{"class":1130},[1050,6735,1140],{"class":1071},[1050,6737,6738],{"class":1056},"  # Multi-line comments\n",[1050,6740,6741,6743,6745,6748,6751,6753,6755,6757],{"class":1052,"line":1276},[1050,6742,6655],{"class":1063},[1050,6744,1131],{"class":1130},[1050,6746,6747],{"class":5859},"\\b",[1050,6749,6750],{"class":6660},"union",[1050,6752,6747],{"class":5859},[1050,6754,1131],{"class":1130},[1050,6756,1140],{"class":1071},[1050,6758,6759],{"class":1056},"  # UNION keyword\n",[1050,6761,6762,6764,6766,6768,6771,6773,6775,6777],{"class":1052,"line":1320},[1050,6763,6655],{"class":1063},[1050,6765,1131],{"class":1130},[1050,6767,6747],{"class":5859},[1050,6769,6770],{"class":6660},"select",[1050,6772,6747],{"class":5859},[1050,6774,1131],{"class":1130},[1050,6776,1140],{"class":1071},[1050,6778,6779],{"class":1056}," # SELECT 
keyword\n",[1050,6781,6782,6784,6786,6788,6791,6793,6795,6797],{"class":1052,"line":1327},[1050,6783,6655],{"class":1063},[1050,6785,1131],{"class":1130},[1050,6787,6747],{"class":5859},[1050,6789,6790],{"class":6660},"insert",[1050,6792,6747],{"class":5859},[1050,6794,1131],{"class":1130},[1050,6796,1140],{"class":1071},[1050,6798,6799],{"class":1056}," # INSERT keyword\n",[1050,6801,6802,6804,6806,6808,6811,6813,6815,6817],{"class":1052,"line":1333},[1050,6803,6655],{"class":1063},[1050,6805,1131],{"class":1130},[1050,6807,6747],{"class":5859},[1050,6809,6810],{"class":6660},"update",[1050,6812,6747],{"class":5859},[1050,6814,1131],{"class":1130},[1050,6816,1140],{"class":1071},[1050,6818,6819],{"class":1056}," # UPDATE keyword\n",[1050,6821,6822,6824,6826,6828,6831,6833,6835,6837],{"class":1052,"line":1339},[1050,6823,6655],{"class":1063},[1050,6825,1131],{"class":1130},[1050,6827,6747],{"class":5859},[1050,6829,6830],{"class":6660},"delete",[1050,6832,6747],{"class":5859},[1050,6834,1131],{"class":1130},[1050,6836,1140],{"class":1071},[1050,6838,6839],{"class":1056}," # DELETE keyword\n",[1050,6841,6842,6844,6846,6848,6851,6853,6855,6857],{"class":1052,"line":1345},[1050,6843,6655],{"class":1063},[1050,6845,1131],{"class":1130},[1050,6847,6747],{"class":5859},[1050,6849,6850],{"class":6660},"drop",[1050,6852,6747],{"class":5859},[1050,6854,1131],{"class":1130},[1050,6856,1140],{"class":1071},[1050,6858,6859],{"class":1056},"   # DROP keyword\n",[1050,6861,6862],{"class":1052,"line":1351},[1050,6863,4052],{"class":1071},[1050,6865,6866],{"class":1052,"line":1356},[1050,6867,1100],{"class":1099},[1050,6869,6870,6873,6875,6877,6879,6881],{"class":1052,"line":1362},[1050,6871,6872],{"class":1099},"    value_lower 
",[1050,6874,1109],{"class":1071},[1050,6876,3671],{"class":1099},[1050,6878,1115],{"class":1071},[1050,6880,3732],{"class":1124},[1050,6882,1228],{"class":1071},[1050,6884,6885,6887,6890,6892,6895],{"class":1052,"line":1368},[1050,6886,3627],{"class":1194},[1050,6888,6889],{"class":1099}," pattern ",[1050,6891,3638],{"class":1194},[1050,6893,6894],{"class":1099}," dangerous_patterns",[1050,6896,2222],{"class":1071},[1050,6898,6899,6901,6903,6905,6907,6909,6912,6914,6917],{"class":1052,"line":1373},[1050,6900,3657],{"class":1194},[1050,6902,5838],{"class":1099},[1050,6904,1115],{"class":1071},[1050,6906,2197],{"class":1124},[1050,6908,1072],{"class":1071},[1050,6910,6911],{"class":1124},"pattern",[1050,6913,1140],{"class":1071},[1050,6915,6916],{"class":1124}," value_lower",[1050,6918,1079],{"class":1071},[1050,6920,6921,6923,6925,6927,6930,6933,6935,6937,6939,6941],{"class":1052,"line":1379},[1050,6922,6062],{"class":1194},[1050,6924,5914],{"class":1124},[1050,6926,1072],{"class":1071},[1050,6928,6929],{"class":1063},"f",[1050,6931,6932],{"class":1134},"\"Value contains potentially dangerous SQL pattern: ",[1050,6934,1175],{"class":1174},[1050,6936,6911],{"class":1124},[1050,6938,1180],{"class":1174},[1050,6940,2513],{"class":1134},[1050,6942,1146],{"class":1071},[1050,6944,6945],{"class":1052,"line":2026},[1050,6946,1324],{"emptyLinePlaceholder":1323},[1050,6948,6949,6951,6954,6956,6959,6961,6964],{"class":1052,"line":2038},[1050,6950,5341],{"class":1063},[1050,6952,6953],{"class":5344}," SecureUserProfile",[1050,6955,1072],{"class":1071},[1050,6957,6958],{"class":5350},"models",[1050,6960,1115],{"class":1071},[1050,6962,6963],{"class":5350},"Model",[1050,6965,1079],{"class":1071},[1050,6967,6968,6970,6973],{"class":1052,"line":2049},[1050,6969,1086],{"class":1085},[1050,6971,6972],{"class":1089},"User profile with SQL injection 
protection",[1050,6974,1093],{"class":1085},[1050,6976,6977],{"class":1052,"line":2069},[1050,6978,1100],{"class":1099},[1050,6980,6981,6984,6986,6989,6991,6994,6996,6999,7001,7004,7006,7008,7010,7013],{"class":1052,"line":2074},[1050,6982,6983],{"class":1099},"    user ",[1050,6985,1109],{"class":1071},[1050,6987,6988],{"class":1099}," models",[1050,6990,1115],{"class":1071},[1050,6992,6993],{"class":1124},"OneToOneField",[1050,6995,1072],{"class":1071},[1050,6997,6998],{"class":1124},"User",[1050,7000,1140],{"class":1071},[1050,7002,7003],{"class":1792}," on_delete",[1050,7005,1109],{"class":1071},[1050,7007,6958],{"class":1124},[1050,7009,1115],{"class":1071},[1050,7011,7012],{"class":1118},"CASCADE",[1050,7014,1146],{"class":1071},[1050,7016,7017],{"class":1052,"line":2080},[1050,7018,1100],{"class":1099},[1050,7020,7021,7024,7026,7028,7030,7033],{"class":1052,"line":2115},[1050,7022,7023],{"class":1099},"    bio ",[1050,7025,1109],{"class":1071},[1050,7027,6988],{"class":1099},[1050,7029,1115],{"class":1071},[1050,7031,7032],{"class":1124},"TextField",[1050,7034,2011],{"class":1071},[1050,7036,7037,7039,7041,7043],{"class":1052,"line":2120},[1050,7038,5392],{"class":1792},[1050,7040,1109],{"class":1071},[1050,7042,5233],{"class":1576},[1050,7044,2023],{"class":1071},[1050,7046,7047,7050,7053,7056],{"class":1052,"line":2134},[1050,7048,7049],{"class":1792},"        validators",[1050,7051,7052],{"class":1071},"=[",[1050,7054,7055],{"class":1124},"validate_sql_safe_string",[1050,7057,7058],{"class":1071},"],\n",[1050,7060,7061,7064,7066,7068,7071],{"class":1052,"line":2144},[1050,7062,7063],{"class":1792},"        help_text",[1050,7065,1109],{"class":1071},[1050,7067,2513],{"class":1130},[1050,7069,7070],{"class":1134},"Bio cannot contain SQL keywords or special 
characters",[1050,7072,2701],{"class":1130},[1050,7074,7075],{"class":1052,"line":2149},[1050,7076,2536],{"class":1071},[1050,7078,7079],{"class":1052,"line":2170},[1050,7080,1100],{"class":1099},[1050,7082,7083,7086,7088,7090,7092,7095],{"class":1052,"line":2175},[1050,7084,7085],{"class":1099},"    website ",[1050,7087,1109],{"class":1071},[1050,7089,6988],{"class":1099},[1050,7091,1115],{"class":1071},[1050,7093,7094],{"class":1124},"URLField",[1050,7096,2011],{"class":1071},[1050,7098,7099,7102,7104,7106],{"class":1052,"line":2208},[1050,7100,7101],{"class":1792},"        blank",[1050,7103,1109],{"class":1071},[1050,7105,4786],{"class":2527},[1050,7107,2023],{"class":1071},[1050,7109,7110,7112,7114,7116],{"class":1052,"line":2213},[1050,7111,7049],{"class":1792},[1050,7113,7052],{"class":1071},[1050,7115,7055],{"class":1124},[1050,7117,2531],{"class":1071},[1050,7119,7120],{"class":1052,"line":2225},[1050,7121,2536],{"class":1071},[1050,7123,7124],{"class":1052,"line":2231},[1050,7125,1100],{"class":1099},[1050,7127,7128,7130,7132,7134,7136],{"class":1052,"line":2251},[1050,7129,5764],{"class":1063},[1050,7131,5947],{"class":1067},[1050,7133,1072],{"class":1071},[1050,7135,5773],{"class":5772},[1050,7137,1079],{"class":1071},[1050,7139,7140,7142,7145],{"class":1052,"line":2272},[1050,7141,5780],{"class":1085},[1050,7143,7144],{"class":1089},"Additional model validation",[1050,7146,1093],{"class":1085},[1050,7148,7149,7152,7154,7156],{"class":1052,"line":2290},[1050,7150,7151],{"class":3843},"        super",[1050,7153,4301],{"class":1071},[1050,7155,5977],{"class":1124},[1050,7157,1228],{"class":1071},[1050,7159,7160],{"class":1052,"line":2308},[1050,7161,2741],{"class":1099},[1050,7163,7164],{"class":1052,"line":2324},[1050,7165,7166],{"class":1056},"        # Additional bio 
validation\n",[1050,7168,7169,7171,7173,7175,7178],{"class":1052,"line":2330},[1050,7170,3657],{"class":1194},[1050,7172,5795],{"class":3481},[1050,7174,1115],{"class":1071},[1050,7176,7177],{"class":1781},"bio",[1050,7179,2222],{"class":1071},[1050,7181,7182],{"class":1052,"line":2338},[1050,7183,5828],{"class":1056},[1050,7185,7186,7189,7191,7193,7195,7197,7199,7201,7203,7205,7209,7212,7214,7216,7218,7220,7222,7224,7226,7228],{"class":1052,"line":2358},[1050,7187,7188],{"class":1099},"            cleaned_bio ",[1050,7190,1109],{"class":1071},[1050,7192,5838],{"class":1099},[1050,7194,1115],{"class":1071},[1050,7196,5843],{"class":1124},[1050,7198,1072],{"class":1071},[1050,7200,5848],{"class":1063},[1050,7202,1131],{"class":1130},[1050,7204,3685],{"class":5853},[1050,7206,7208],{"class":7207},"sz9Cv","\u003C>\"",[1050,7210,7211],{"class":5863},"\\'",[1050,7213,3871],{"class":5853},[1050,7215,1131],{"class":1130},[1050,7217,1140],{"class":1071},[1050,7219,1143],{"class":1130},[1050,7221,1140],{"class":1071},[1050,7223,5795],{"class":3481},[1050,7225,1115],{"class":1071},[1050,7227,7177],{"class":1781},[1050,7229,1146],{"class":1071},[1050,7231,7232,7234,7237,7240,7242,7244,7246],{"class":1052,"line":2363},[1050,7233,3705],{"class":1194},[1050,7235,7236],{"class":1099}," cleaned_bio ",[1050,7238,7239],{"class":1412},"!=",[1050,7241,5795],{"class":3481},[1050,7243,1115],{"class":1071},[1050,7245,7177],{"class":1781},[1050,7247,2222],{"class":1071},[1050,7249,7250,7252,7254,7256,7258,7261,7263],{"class":1052,"line":4172},[1050,7251,5911],{"class":1194},[1050,7253,5914],{"class":1124},[1050,7255,1072],{"class":1071},[1050,7257,2513],{"class":1130},[1050,7259,7260],{"class":1134},"Bio contains invalid characters",[1050,7262,2513],{"class":1130},[1050,7264,1146],{"class":1071},[1030,7266,7268],{"id":7267},"database-specific-protections","Database-Specific Protections",[1035,7270,7272],{"id":7271},"postgresql-security-features","PostgreSQL Security 
Features",[1040,7274,7276],{"className":1042,"code":7275,"language":1044,"meta":1045,"style":1045},"# PostgreSQL-specific security settings\nDATABASES = {\n    'default': {\n        'ENGINE': 'django.db.backends.postgresql',\n        'NAME': 'myapp_db',\n        'USER': 'myapp_user',  # Limited privilege user\n        'PASSWORD': os.environ.get('DB_PASSWORD'),\n        'HOST': 'localhost',\n        'PORT': '5432',\n        'OPTIONS': {\n            # Enable SSL\n            'sslmode': 'require',\n            \n            # Connection security\n            'connect_timeout': 10,\n            \n            # Additional security options\n            'options': '-c default_transaction_isolation=serializable'\n        },\n    }\n}\n\n# PostgreSQL row-level security example\ndef setup_row_level_security():\n    \"\"\"Setup row-level security policies\"\"\"\n    \n    from django.db import connection\n    \n    with connection.cursor() as cursor:\n        # Enable RLS on sensitive table\n        cursor.execute(\"ALTER TABLE sensitive_data ENABLE ROW LEVEL SECURITY\")\n        \n        # Create policy for user access\n        cursor.execute(\"\"\"\n            CREATE POLICY user_data_policy ON sensitive_data\n            FOR ALL TO app_user\n            USING (user_id = current_setting('app.current_user_id')::integer)\n        \"\"\")\n",[1047,7277,7278,7283,7292,7306,7326,7346,7369,7403,7423,7443,7456,7461,7482,7486,7491,7507,7511,7516,7534,7539,7543,7547,7551,7556,7565,7574,7578,7592,7596,7614,7619,7638,7642,7647,7659,7664,7669,7674],{"__ignoreMap":1045},[1050,7279,7280],{"class":1052,"line":1053},[1050,7281,7282],{"class":1056},"# PostgreSQL-specific security settings\n",[1050,7284,7285,7288,7290],{"class":1052,"line":1060},[1050,7286,7287],{"class":3481},"DATABASES",[1050,7289,3485],{"class":1071},[1050,7291,3488],{"class":1071},[1050,7293,7294,7297,7300,7302,7304],{"class":1052,"line":1082},[1050,7295,7296],{"class":1130},"    
'",[1050,7298,7299],{"class":1134},"default",[1050,7301,1131],{"class":1130},[1050,7303,1311],{"class":1071},[1050,7305,3488],{"class":1071},[1050,7307,7308,7310,7313,7315,7317,7319,7322,7324],{"class":1052,"line":1096},[1050,7309,3493],{"class":1130},[1050,7311,7312],{"class":1134},"ENGINE",[1050,7314,1131],{"class":1130},[1050,7316,1311],{"class":1071},[1050,7318,1291],{"class":1130},[1050,7320,7321],{"class":1134},"django.db.backends.postgresql",[1050,7323,1131],{"class":1130},[1050,7325,2023],{"class":1071},[1050,7327,7328,7330,7333,7335,7337,7339,7342,7344],{"class":1052,"line":1103},[1050,7329,3493],{"class":1130},[1050,7331,7332],{"class":1134},"NAME",[1050,7334,1131],{"class":1130},[1050,7336,1311],{"class":1071},[1050,7338,1291],{"class":1130},[1050,7340,7341],{"class":1134},"myapp_db",[1050,7343,1131],{"class":1130},[1050,7345,2023],{"class":1071},[1050,7347,7348,7350,7353,7355,7357,7359,7362,7364,7366],{"class":1052,"line":1149},[1050,7349,3493],{"class":1130},[1050,7351,7352],{"class":1134},"USER",[1050,7354,1131],{"class":1130},[1050,7356,1311],{"class":1071},[1050,7358,1291],{"class":1130},[1050,7360,7361],{"class":1134},"myapp_user",[1050,7363,1131],{"class":1130},[1050,7365,1140],{"class":1071},[1050,7367,7368],{"class":1056},"  # Limited privilege user\n",[1050,7370,7371,7373,7376,7378,7380,7383,7385,7388,7390,7392,7394,7396,7399,7401],{"class":1052,"line":1154},[1050,7372,3493],{"class":1130},[1050,7374,7375],{"class":1134},"PASSWORD",[1050,7377,1131],{"class":1130},[1050,7379,1311],{"class":1071},[1050,7381,7382],{"class":1099}," 
os",[1050,7384,1115],{"class":1071},[1050,7386,7387],{"class":1781},"environ",[1050,7389,1115],{"class":1071},[1050,7391,1125],{"class":1124},[1050,7393,1072],{"class":1071},[1050,7395,1131],{"class":1130},[1050,7397,7398],{"class":1134},"DB_PASSWORD",[1050,7400,1131],{"class":1130},[1050,7402,5572],{"class":1071},[1050,7404,7405,7407,7410,7412,7414,7416,7419,7421],{"class":1052,"line":1160},[1050,7406,3493],{"class":1130},[1050,7408,7409],{"class":1134},"HOST",[1050,7411,1131],{"class":1130},[1050,7413,1311],{"class":1071},[1050,7415,1291],{"class":1130},[1050,7417,7418],{"class":1134},"localhost",[1050,7420,1131],{"class":1130},[1050,7422,2023],{"class":1071},[1050,7424,7425,7427,7430,7432,7434,7436,7439,7441],{"class":1052,"line":1186},[1050,7426,3493],{"class":1130},[1050,7428,7429],{"class":1134},"PORT",[1050,7431,1131],{"class":1130},[1050,7433,1311],{"class":1071},[1050,7435,1291],{"class":1130},[1050,7437,7438],{"class":1134},"5432",[1050,7440,1131],{"class":1130},[1050,7442,2023],{"class":1071},[1050,7444,7445,7447,7450,7452,7454],{"class":1052,"line":1191},[1050,7446,3493],{"class":1130},[1050,7448,7449],{"class":1134},"OPTIONS",[1050,7451,1131],{"class":1130},[1050,7453,1311],{"class":1071},[1050,7455,3488],{"class":1071},[1050,7457,7458],{"class":1052,"line":1212},[1050,7459,7460],{"class":1056},"            # Enable SSL\n",[1050,7462,7463,7466,7469,7471,7473,7475,7478,7480],{"class":1052,"line":1231},[1050,7464,7465],{"class":1130},"            '",[1050,7467,7468],{"class":1134},"sslmode",[1050,7470,1131],{"class":1130},[1050,7472,1311],{"class":1071},[1050,7474,1291],{"class":1130},[1050,7476,7477],{"class":1134},"require",[1050,7479,1131],{"class":1130},[1050,7481,2023],{"class":1071},[1050,7483,7484],{"class":1052,"line":1253},[1050,7485,3695],{"class":1099},[1050,7487,7488],{"class":1052,"line":1258},[1050,7489,7490],{"class":1056},"            # Connection 
security\n",[1050,7492,7493,7495,7498,7500,7502,7505],{"class":1052,"line":1276},[1050,7494,7465],{"class":1130},[1050,7496,7497],{"class":1134},"connect_timeout",[1050,7499,1131],{"class":1130},[1050,7501,1311],{"class":1071},[1050,7503,7504],{"class":1576}," 10",[1050,7506,2023],{"class":1071},[1050,7508,7509],{"class":1052,"line":1320},[1050,7510,3695],{"class":1099},[1050,7512,7513],{"class":1052,"line":1327},[1050,7514,7515],{"class":1056},"            # Additional security options\n",[1050,7517,7518,7520,7523,7525,7527,7529,7532],{"class":1052,"line":1333},[1050,7519,7465],{"class":1130},[1050,7521,7522],{"class":1134},"options",[1050,7524,1131],{"class":1130},[1050,7526,1311],{"class":1071},[1050,7528,1291],{"class":1130},[1050,7530,7531],{"class":1134},"-c default_transaction_isolation=serializable",[1050,7533,1983],{"class":1130},[1050,7535,7536],{"class":1052,"line":1339},[1050,7537,7538],{"class":1071},"        },\n",[1050,7540,7541],{"class":1052,"line":1345},[1050,7542,3604],{"class":1071},[1050,7544,7545],{"class":1052,"line":1351},[1050,7546,2998],{"class":1071},[1050,7548,7549],{"class":1052,"line":1356},[1050,7550,1324],{"emptyLinePlaceholder":1323},[1050,7552,7553],{"class":1052,"line":1362},[1050,7554,7555],{"class":1056},"# PostgreSQL row-level security example\n",[1050,7557,7558,7560,7563],{"class":1052,"line":1368},[1050,7559,1064],{"class":1063},[1050,7561,7562],{"class":1067}," setup_row_level_security",[1050,7564,3652],{"class":1071},[1050,7566,7567,7569,7572],{"class":1052,"line":1373},[1050,7568,1086],{"class":1085},[1050,7570,7571],{"class":1089},"Setup row-level security 
policies",[1050,7573,1093],{"class":1085},[1050,7575,7576],{"class":1052,"line":1379},[1050,7577,1100],{"class":1099},[1050,7579,7580,7582,7584,7586,7588,7590],{"class":1052,"line":2026},[1050,7581,1195],{"class":1194},[1050,7583,1198],{"class":1099},[1050,7585,1115],{"class":1071},[1050,7587,1203],{"class":1099},[1050,7589,1206],{"class":1194},[1050,7591,1209],{"class":1099},[1050,7593,7594],{"class":1052,"line":2038},[1050,7595,1100],{"class":1099},[1050,7597,7598,7600,7602,7604,7606,7608,7610,7612],{"class":1052,"line":2049},[1050,7599,2658],{"class":1194},[1050,7601,1220],{"class":1099},[1050,7603,1115],{"class":1071},[1050,7605,1225],{"class":1124},[1050,7607,2667],{"class":1071},[1050,7609,2670],{"class":1194},[1050,7611,1266],{"class":1099},[1050,7613,2222],{"class":1071},[1050,7615,7616],{"class":1052,"line":2069},[1050,7617,7618],{"class":1056},"        # Enable RLS on sensitive table\n",[1050,7620,7621,7623,7625,7627,7629,7631,7634,7636],{"class":1052,"line":2074},[1050,7622,2684],{"class":1099},[1050,7624,1115],{"class":1071},[1050,7626,1239],{"class":1124},[1050,7628,1072],{"class":1071},[1050,7630,2513],{"class":1130},[1050,7632,7633],{"class":1134},"ALTER TABLE sensitive_data ENABLE ROW LEVEL SECURITY",[1050,7635,2513],{"class":1130},[1050,7637,1146],{"class":1071},[1050,7639,7640],{"class":1052,"line":2080},[1050,7641,2741],{"class":1099},[1050,7643,7644],{"class":1052,"line":2115},[1050,7645,7646],{"class":1056},"        # Create policy for user access\n",[1050,7648,7649,7651,7653,7655,7657],{"class":1052,"line":2120},[1050,7650,2684],{"class":1099},[1050,7652,1115],{"class":1071},[1050,7654,1239],{"class":1124},[1050,7656,1072],{"class":1071},[1050,7658,1093],{"class":1130},[1050,7660,7661],{"class":1052,"line":2134},[1050,7662,7663],{"class":1134},"            CREATE POLICY user_data_policy ON sensitive_data\n",[1050,7665,7666],{"class":1052,"line":2144},[1050,7667,7668],{"class":1134},"            FOR ALL TO 
app_user\n",[1050,7670,7671],{"class":1052,"line":2149},[1050,7672,7673],{"class":1134},"            USING (user_id = current_setting('app.current_user_id')::integer)\n",[1050,7675,7676,7678],{"class":1052,"line":2170},[1050,7677,5780],{"class":1130},[1050,7679,1146],{"class":1071},[1035,7681,7683],{"id":7682},"mysql-security-configuration","MySQL Security Configuration",[1040,7685,7687],{"className":1042,"code":7686,"language":1044,"meta":1045,"style":1045},"# MySQL-specific security settings\nDATABASES = {\n    'default': {\n        'ENGINE': 'django.db.backends.mysql',\n        'NAME': 'myapp_db',\n        'USER': 'myapp_user',\n        'PASSWORD': os.environ.get('DB_PASSWORD'),\n        'HOST': 'localhost',\n        'PORT': '3306',\n        'OPTIONS': {\n            # Enable SSL\n            'ssl': {\n                'ssl_ca': '/path/to/ca-cert.pem',\n                'ssl_cert': '/path/to/client-cert.pem',\n                'ssl_key': '/path/to/client-key.pem',\n            },\n            \n            # SQL mode for strict validation\n            'init_command': \"SET sql_mode='STRICT_TRANS_TABLES'\",\n            \n            # Character set\n            'charset': 'utf8mb4',\n        },\n    }\n}\n",[1047,7688,7689,7694,7702,7714,7733,7751,7769,7799,7817,7836,7848,7852,7865,7886,7906,7926,7931,7935,7940,7960,7964,7969,7989,7993,7997],{"__ignoreMap":1045},[1050,7690,7691],{"class":1052,"line":1053},[1050,7692,7693],{"class":1056},"# MySQL-specific security 
settings\n",[1050,7695,7696,7698,7700],{"class":1052,"line":1060},[1050,7697,7287],{"class":3481},[1050,7699,3485],{"class":1071},[1050,7701,3488],{"class":1071},[1050,7703,7704,7706,7708,7710,7712],{"class":1052,"line":1082},[1050,7705,7296],{"class":1130},[1050,7707,7299],{"class":1134},[1050,7709,1131],{"class":1130},[1050,7711,1311],{"class":1071},[1050,7713,3488],{"class":1071},[1050,7715,7716,7718,7720,7722,7724,7726,7729,7731],{"class":1052,"line":1096},[1050,7717,3493],{"class":1130},[1050,7719,7312],{"class":1134},[1050,7721,1131],{"class":1130},[1050,7723,1311],{"class":1071},[1050,7725,1291],{"class":1130},[1050,7727,7728],{"class":1134},"django.db.backends.mysql",[1050,7730,1131],{"class":1130},[1050,7732,2023],{"class":1071},[1050,7734,7735,7737,7739,7741,7743,7745,7747,7749],{"class":1052,"line":1103},[1050,7736,3493],{"class":1130},[1050,7738,7332],{"class":1134},[1050,7740,1131],{"class":1130},[1050,7742,1311],{"class":1071},[1050,7744,1291],{"class":1130},[1050,7746,7341],{"class":1134},[1050,7748,1131],{"class":1130},[1050,7750,2023],{"class":1071},[1050,7752,7753,7755,7757,7759,7761,7763,7765,7767],{"class":1052,"line":1149},[1050,7754,3493],{"class":1130},[1050,7756,7352],{"class":1134},[1050,7758,1131],{"class":1130},[1050,7760,1311],{"class":1071},[1050,7762,1291],{"class":1130},[1050,7764,7361],{"class":1134},[1050,7766,1131],{"class":1130},[1050,7768,2023],{"class":1071},[1050,7770,7771,7773,7775,7777,7779,7781,7783,7785,7787,7789,7791,7793,7795,7797],{"class":1052,"line":1154},[1050,7772,3493],{"class":1130},[1050,7774,7375],{"class":1134},[1050,7776,1131],{"class":1130},[1050,7778,1311],{"class":1071},[1050,7780,7382],{"class":1099},[1050,7782,1115],{"class":1071},[1050,7784,7387],{"class":1781},[1050,7786,1115],{"class":1071},[1050,7788,1125],{"class":1124},[1050,7790,1072],{"class":1071},[1050,7792,1131],{"class":1130},[1050,7794,7398],{"class":1134},[1050,7796,1131],{"class":1130},[1050,7798,5572],{"class":1071},[1050,7800,7801,7803,7805
,7807,7809,7811,7813,7815],{"class":1052,"line":1160},[1050,7802,3493],{"class":1130},[1050,7804,7409],{"class":1134},[1050,7806,1131],{"class":1130},[1050,7808,1311],{"class":1071},[1050,7810,1291],{"class":1130},[1050,7812,7418],{"class":1134},[1050,7814,1131],{"class":1130},[1050,7816,2023],{"class":1071},[1050,7818,7819,7821,7823,7825,7827,7829,7832,7834],{"class":1052,"line":1186},[1050,7820,3493],{"class":1130},[1050,7822,7429],{"class":1134},[1050,7824,1131],{"class":1130},[1050,7826,1311],{"class":1071},[1050,7828,1291],{"class":1130},[1050,7830,7831],{"class":1134},"3306",[1050,7833,1131],{"class":1130},[1050,7835,2023],{"class":1071},[1050,7837,7838,7840,7842,7844,7846],{"class":1052,"line":1191},[1050,7839,3493],{"class":1130},[1050,7841,7449],{"class":1134},[1050,7843,1131],{"class":1130},[1050,7845,1311],{"class":1071},[1050,7847,3488],{"class":1071},[1050,7849,7850],{"class":1052,"line":1212},[1050,7851,7460],{"class":1056},[1050,7853,7854,7856,7859,7861,7863],{"class":1052,"line":1231},[1050,7855,7465],{"class":1130},[1050,7857,7858],{"class":1134},"ssl",[1050,7860,1131],{"class":1130},[1050,7862,1311],{"class":1071},[1050,7864,3488],{"class":1071},[1050,7866,7867,7870,7873,7875,7877,7879,7882,7884],{"class":1052,"line":1253},[1050,7868,7869],{"class":1130},"                
'",[1050,7871,7872],{"class":1134},"ssl_ca",[1050,7874,1131],{"class":1130},[1050,7876,1311],{"class":1071},[1050,7878,1291],{"class":1130},[1050,7880,7881],{"class":1134},"/path/to/ca-cert.pem",[1050,7883,1131],{"class":1130},[1050,7885,2023],{"class":1071},[1050,7887,7888,7890,7893,7895,7897,7899,7902,7904],{"class":1052,"line":1258},[1050,7889,7869],{"class":1130},[1050,7891,7892],{"class":1134},"ssl_cert",[1050,7894,1131],{"class":1130},[1050,7896,1311],{"class":1071},[1050,7898,1291],{"class":1130},[1050,7900,7901],{"class":1134},"/path/to/client-cert.pem",[1050,7903,1131],{"class":1130},[1050,7905,2023],{"class":1071},[1050,7907,7908,7910,7913,7915,7917,7919,7922,7924],{"class":1052,"line":1276},[1050,7909,7869],{"class":1130},[1050,7911,7912],{"class":1134},"ssl_key",[1050,7914,1131],{"class":1130},[1050,7916,1311],{"class":1071},[1050,7918,1291],{"class":1130},[1050,7920,7921],{"class":1134},"/path/to/client-key.pem",[1050,7923,1131],{"class":1130},[1050,7925,2023],{"class":1071},[1050,7927,7928],{"class":1052,"line":1320},[1050,7929,7930],{"class":1071},"            },\n",[1050,7932,7933],{"class":1052,"line":1327},[1050,7934,3695],{"class":1099},[1050,7936,7937],{"class":1052,"line":1333},[1050,7938,7939],{"class":1056},"            # SQL mode for strict validation\n",[1050,7941,7942,7944,7947,7949,7951,7953,7956,7958],{"class":1052,"line":1339},[1050,7943,7465],{"class":1130},[1050,7945,7946],{"class":1134},"init_command",[1050,7948,1131],{"class":1130},[1050,7950,1311],{"class":1071},[1050,7952,3174],{"class":1130},[1050,7954,7955],{"class":1134},"SET sql_mode='STRICT_TRANS_TABLES'",[1050,7957,2513],{"class":1130},[1050,7959,2023],{"class":1071},[1050,7961,7962],{"class":1052,"line":1345},[1050,7963,3695],{"class":1099},[1050,7965,7966],{"class":1052,"line":1351},[1050,7967,7968],{"class":1056},"            # Character 
set\n",[1050,7970,7971,7973,7976,7978,7980,7982,7985,7987],{"class":1052,"line":1356},[1050,7972,7465],{"class":1130},[1050,7974,7975],{"class":1134},"charset",[1050,7977,1131],{"class":1130},[1050,7979,1311],{"class":1071},[1050,7981,1291],{"class":1130},[1050,7983,7984],{"class":1134},"utf8mb4",[1050,7986,1131],{"class":1130},[1050,7988,2023],{"class":1071},[1050,7990,7991],{"class":1052,"line":1362},[1050,7992,7538],{"class":1071},[1050,7994,7995],{"class":1052,"line":1368},[1050,7996,3604],{"class":1071},[1050,7998,7999],{"class":1052,"line":1373},[1050,8000,2998],{"class":1071},[1030,8002,8004],{"id":8003},"monitoring-and-detection","Monitoring and Detection",[1035,8006,8008],{"id":8007},"sql-injection-detection","SQL Injection Detection",[1040,8010,8012],{"className":1042,"code":8011,"language":1044,"meta":1045,"style":1045},"# middleware.py - SQL injection detection middleware\nimport re\nimport logging\n\nlogger = logging.getLogger('security')\n\nclass SQLInjectionDetectionMiddleware:\n    \"\"\"Detect potential SQL injection attempts\"\"\"\n    \n    def __init__(self, get_response):\n        self.get_response = get_response\n        \n        # SQL injection patterns\n        self.sql_patterns = [\n            r\"'.*'\",\n            r'\".*\"',\n            r'--',\n            r'/\\*.*\\*/',\n            r'\\bunion\\s+select\\b',\n            r'\\bor\\s+1\\s*=\\s*1\\b',\n            r'\\band\\s+1\\s*=\\s*1\\b',\n            r'\\bdrop\\s+table\\b',\n            r'\\binsert\\s+into\\b',\n            r'\\bupdate\\s+.*\\s+set\\b',\n            r'\\bdelete\\s+from\\b',\n        ]\n        \n        self.compiled_patterns = [\n            re.compile(pattern, re.IGNORECASE) \n            for pattern in self.sql_patterns\n        ]\n    \n    def __call__(self, request):\n        # Check for SQL injection patterns\n        self.check_request_for_sql_injection(request)\n        \n        response = self.get_response(request)\n        \n        return response\n    
\n    def check_request_for_sql_injection(self, request):\n        \"\"\"Check request parameters for SQL injection patterns\"\"\"\n        \n        # Check GET parameters\n        for key, value in request.GET.items():\n            if self.contains_sql_injection(value):\n                self.log_sql_injection_attempt(request, 'GET', key, value)\n        \n        # Check POST parameters\n        for key, value in request.POST.items():\n            if self.contains_sql_injection(str(value)):\n                self.log_sql_injection_attempt(request, 'POST', key, value)\n    \n    def contains_sql_injection(self, value):\n        \"\"\"Check if value contains SQL injection patterns\"\"\"\n        \n        for pattern in self.compiled_patterns:\n            if pattern.search(value):\n                return True\n        \n        return False\n    \n    def log_sql_injection_attempt(self, request, method, parameter, value):\n        \"\"\"Log SQL injection attempt\"\"\"\n        \n        logger.warning(\n            f\"Potential SQL injection attempt detected\",\n            extra={\n                'ip_address': self.get_client_ip(request),\n                'user_agent': request.META.get('HTTP_USER_AGENT', ''),\n                'path': request.path,\n                'method': method,\n                'parameter': parameter,\n                'value': value[:100],  # Limit logged value length; POST values can include passwords or tokens, so redact sensitive fields before logging\n                'user': getattr(request, 'user', None),\n            }\n        )\n    \n    def get_client_ip(self, request):\n        \"\"\"Get client IP address; X-Forwarded-For is client-supplied, so trust it only when set by a known proxy\"\"\"\n        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')\n        if x_forwarded_for:\n            ip = x_forwarded_for.split(',')[0]\n        else:\n            ip = request.META.get('REMOTE_ADDR')\n        return 
ip\n",[1047,8013,8014,8019,8025,8032,8036,8062,8066,8075,8084,8088,8106,8121,8125,8130,8143,8162,8180,8192,8214,8238,8273,8307,8330,8353,8384,8406,8411,8415,8428,8455,8471,8475,8479,8496,8501,8516,8520,8539,8543,8550,8554,8571,8580,8584,8589,8615,8632,8664,8668,8673,8698,8720,8750,8754,8771,8780,8784,8800,8817,8825,8829,8836,8840,8871,8880,8884,8896,8906,8914,8938,8975,8994,9009,9024,9046,9079,9084,9088,9092,9109,9118,9146,9155,9184,9191,9218],{"__ignoreMap":1045},[1050,8015,8016],{"class":1052,"line":1053},[1050,8017,8018],{"class":1056},"# middleware.py - SQL injection detection middleware\n",[1050,8020,8021,8023],{"class":1052,"line":1060},[1050,8022,1206],{"class":1194},[1050,8024,5332],{"class":1099},[1050,8026,8027,8029],{"class":1052,"line":1082},[1050,8028,1206],{"class":1194},[1050,8030,8031],{"class":1099}," logging\n",[1050,8033,8034],{"class":1052,"line":1096},[1050,8035,1324],{"emptyLinePlaceholder":1323},[1050,8037,8038,8041,8043,8046,8048,8051,8053,8055,8058,8060],{"class":1052,"line":1103},[1050,8039,8040],{"class":1099},"logger ",[1050,8042,1109],{"class":1071},[1050,8044,8045],{"class":1099}," logging",[1050,8047,1115],{"class":1071},[1050,8049,8050],{"class":1124},"getLogger",[1050,8052,1072],{"class":1071},[1050,8054,1131],{"class":1130},[1050,8056,8057],{"class":1134},"security",[1050,8059,1131],{"class":1130},[1050,8061,1146],{"class":1071},[1050,8063,8064],{"class":1052,"line":1149},[1050,8065,1324],{"emptyLinePlaceholder":1323},[1050,8067,8068,8070,8073],{"class":1052,"line":1154},[1050,8069,5341],{"class":1063},[1050,8071,8072],{"class":5344}," SQLInjectionDetectionMiddleware",[1050,8074,2222],{"class":1071},[1050,8076,8077,8079,8082],{"class":1052,"line":1160},[1050,8078,1086],{"class":1085},[1050,8080,8081],{"class":1089},"Detect potential SQL injection 
attempts",[1050,8083,1093],{"class":1085},[1050,8085,8086],{"class":1052,"line":1186},[1050,8087,1100],{"class":1099},[1050,8089,8090,8092,8095,8097,8099,8101,8104],{"class":1052,"line":1191},[1050,8091,5764],{"class":1063},[1050,8093,8094],{"class":1555}," __init__",[1050,8096,1072],{"class":1071},[1050,8098,5773],{"class":5772},[1050,8100,1140],{"class":1071},[1050,8102,8103],{"class":1075}," get_response",[1050,8105,1079],{"class":1071},[1050,8107,8108,8111,8113,8116,8118],{"class":1052,"line":1212},[1050,8109,8110],{"class":3481},"        self",[1050,8112,1115],{"class":1071},[1050,8114,8115],{"class":1781},"get_response",[1050,8117,3485],{"class":1071},[1050,8119,8120],{"class":1099}," get_response\n",[1050,8122,8123],{"class":1052,"line":1231},[1050,8124,2741],{"class":1099},[1050,8126,8127],{"class":1052,"line":1253},[1050,8128,8129],{"class":1056},"        # SQL injection patterns\n",[1050,8131,8132,8134,8136,8139,8141],{"class":1052,"line":1258},[1050,8133,8110],{"class":3481},[1050,8135,1115],{"class":1071},[1050,8137,8138],{"class":1781},"sql_patterns",[1050,8140,3485],{"class":1071},[1050,8142,3993],{"class":1071},[1050,8144,8145,8148,8150,8152,8154,8156,8158,8160],{"class":1052,"line":1276},[1050,8146,8147],{"class":1063},"            
r",[1050,8149,2513],{"class":1130},[1050,8151,1131],{"class":6660},[1050,8153,1115],{"class":5859},[1050,8155,1561],{"class":6665},[1050,8157,1131],{"class":6660},[1050,8159,2513],{"class":1130},[1050,8161,2023],{"class":1071},[1050,8163,8164,8166,8168,8170,8172,8174,8176,8178],{"class":1052,"line":1320},[1050,8165,8147],{"class":1063},[1050,8167,1131],{"class":1130},[1050,8169,2513],{"class":6660},[1050,8171,1115],{"class":5859},[1050,8173,1561],{"class":6665},[1050,8175,2513],{"class":6660},[1050,8177,1131],{"class":1130},[1050,8179,2023],{"class":1071},[1050,8181,8182,8184,8186,8188,8190],{"class":1052,"line":1327},[1050,8183,8147],{"class":1063},[1050,8185,1131],{"class":1130},[1050,8187,6704],{"class":6660},[1050,8189,1131],{"class":1130},[1050,8191,2023],{"class":1071},[1050,8193,8194,8196,8198,8200,8202,8204,8206,8208,8210,8212],{"class":1052,"line":1333},[1050,8195,8147],{"class":1063},[1050,8197,1131],{"class":1130},[1050,8199,6720],{"class":6660},[1050,8201,6723],{"class":5863},[1050,8203,1115],{"class":5859},[1050,8205,1561],{"class":6665},[1050,8207,6723],{"class":5863},[1050,8209,6720],{"class":6660},[1050,8211,1131],{"class":1130},[1050,8213,2023],{"class":1071},[1050,8215,8216,8218,8220,8222,8224,8227,8230,8232,8234,8236],{"class":1052,"line":1339},[1050,8217,8147],{"class":1063},[1050,8219,1131],{"class":1130},[1050,8221,6747],{"class":5859},[1050,8223,6750],{"class":6660},[1050,8225,8226],{"class":5859},"\\s",[1050,8228,8229],{"class":6665},"+",[1050,8231,6770],{"class":6660},[1050,8233,6747],{"class":5859},[1050,8235,1131],{"class":1130},[1050,8237,2023],{"class":1071},[1050,8239,8240,8242,8244,8246,8249,8251,8253,8255,8257,8259,8261,8263,8265,8267,8269,8271],{"class":1052,"line":1345},[1050,8241,8147],{"class":1063},[1050,8243,1131],{"class":1130},[1050,8245,6747],{"class":5859},[1050,8247,8248],{"class":6660},"or",[1050,8250,8226],{"class":5859},[1050,8252,8229],{"class":6665},[1050,8254,1442],{"class":6660},[1050,8256,8226],{"class":5859},[1050,
8258,1561],{"class":6665},[1050,8260,1109],{"class":6660},[1050,8262,8226],{"class":5859},[1050,8264,1561],{"class":6665},[1050,8266,1442],{"class":6660},[1050,8268,6747],{"class":5859},[1050,8270,1131],{"class":1130},[1050,8272,2023],{"class":1071},[1050,8274,8275,8277,8279,8281,8283,8285,8287,8289,8291,8293,8295,8297,8299,8301,8303,8305],{"class":1052,"line":1351},[1050,8276,8147],{"class":1063},[1050,8278,1131],{"class":1130},[1050,8280,6747],{"class":5859},[1050,8282,6050],{"class":6660},[1050,8284,8226],{"class":5859},[1050,8286,8229],{"class":6665},[1050,8288,1442],{"class":6660},[1050,8290,8226],{"class":5859},[1050,8292,1561],{"class":6665},[1050,8294,1109],{"class":6660},[1050,8296,8226],{"class":5859},[1050,8298,1561],{"class":6665},[1050,8300,1442],{"class":6660},[1050,8302,6747],{"class":5859},[1050,8304,1131],{"class":1130},[1050,8306,2023],{"class":1071},[1050,8308,8309,8311,8313,8315,8317,8319,8321,8324,8326,8328],{"class":1052,"line":1356},[1050,8310,8147],{"class":1063},[1050,8312,1131],{"class":1130},[1050,8314,6747],{"class":5859},[1050,8316,6850],{"class":6660},[1050,8318,8226],{"class":5859},[1050,8320,8229],{"class":6665},[1050,8322,8323],{"class":6660},"table",[1050,8325,6747],{"class":5859},[1050,8327,1131],{"class":1130},[1050,8329,2023],{"class":1071},[1050,8331,8332,8334,8336,8338,8340,8342,8344,8347,8349,8351],{"class":1052,"line":1362},[1050,8333,8147],{"class":1063},[1050,8335,1131],{"class":1130},[1050,8337,6747],{"class":5859},[1050,8339,6790],{"class":6660},[1050,8341,8226],{"class":5859},[1050,8343,8229],{"class":6665},[1050,8345,8346],{"class":6660},"into",[1050,8348,6747],{"class":5859},[1050,8350,1131],{"class":1130},[1050,8352,2023],{"class":1071},[1050,8354,8355,8357,8359,8361,8363,8365,8367,8369,8371,8373,8375,8378,8380,8382],{"class":1052,"line":1368},[1050,8356,8147],{"class":1063},[1050,8358,1131],{"class":1130},[1050,8360,6747],{"class":5859},[1050,8362,6810],{"class":6660},[1050,8364,8226],{"class":5859},[1050,8366,8229],
{"class":6665},[1050,8368,1115],{"class":5859},[1050,8370,1561],{"class":6665},[1050,8372,8226],{"class":5859},[1050,8374,8229],{"class":6665},[1050,8376,8377],{"class":6660},"set",[1050,8379,6747],{"class":5859},[1050,8381,1131],{"class":1130},[1050,8383,2023],{"class":1071},[1050,8385,8386,8388,8390,8392,8394,8396,8398,8400,8402,8404],{"class":1052,"line":1373},[1050,8387,8147],{"class":1063},[1050,8389,1131],{"class":1130},[1050,8391,6747],{"class":5859},[1050,8393,6830],{"class":6660},[1050,8395,8226],{"class":5859},[1050,8397,8229],{"class":6665},[1050,8399,1675],{"class":6660},[1050,8401,6747],{"class":5859},[1050,8403,1131],{"class":1130},[1050,8405,2023],{"class":1071},[1050,8407,8408],{"class":1052,"line":1379},[1050,8409,8410],{"class":1071},"        ]\n",[1050,8412,8413],{"class":1052,"line":2026},[1050,8414,2741],{"class":1099},[1050,8416,8417,8419,8421,8424,8426],{"class":1052,"line":2038},[1050,8418,8110],{"class":3481},[1050,8420,1115],{"class":1071},[1050,8422,8423],{"class":1781},"compiled_patterns",[1050,8425,3485],{"class":1071},[1050,8427,3993],{"class":1071},[1050,8429,8430,8433,8435,8438,8440,8442,8444,8446,8448,8451,8453],{"class":1052,"line":2049},[1050,8431,8432],{"class":1099},"            re",[1050,8434,1115],{"class":1071},[1050,8436,8437],{"class":1124},"compile",[1050,8439,1072],{"class":1071},[1050,8441,6911],{"class":1124},[1050,8443,1140],{"class":1071},[1050,8445,5838],{"class":1124},[1050,8447,1115],{"class":1071},[1050,8449,8450],{"class":1118},"IGNORECASE",[1050,8452,1247],{"class":1071},[1050,8454,4030],{"class":1099},[1050,8456,8457,8460,8462,8464,8466,8468],{"class":1052,"line":2069},[1050,8458,8459],{"class":1194},"            
for",[1050,8461,6889],{"class":1099},[1050,8463,3638],{"class":1194},[1050,8465,5795],{"class":3481},[1050,8467,1115],{"class":1071},[1050,8469,8470],{"class":1781},"sql_patterns\n",[1050,8472,8473],{"class":1052,"line":2074},[1050,8474,8410],{"class":1071},[1050,8476,8477],{"class":1052,"line":2080},[1050,8478,1100],{"class":1099},[1050,8480,8481,8483,8486,8488,8490,8492,8494],{"class":1052,"line":2115},[1050,8482,5764],{"class":1063},[1050,8484,8485],{"class":1555}," __call__",[1050,8487,1072],{"class":1071},[1050,8489,5773],{"class":5772},[1050,8491,1140],{"class":1071},[1050,8493,1112],{"class":1075},[1050,8495,1079],{"class":1071},[1050,8497,8498],{"class":1052,"line":2120},[1050,8499,8500],{"class":1056},"        # Check for SQL injection patterns\n",[1050,8502,8503,8505,8507,8510,8512,8514],{"class":1052,"line":2134},[1050,8504,8110],{"class":3481},[1050,8506,1115],{"class":1071},[1050,8508,8509],{"class":1124},"check_request_for_sql_injection",[1050,8511,1072],{"class":1071},[1050,8513,1076],{"class":1124},[1050,8515,1146],{"class":1071},[1050,8517,8518],{"class":1052,"line":2144},[1050,8519,2741],{"class":1099},[1050,8521,8522,8525,8527,8529,8531,8533,8535,8537],{"class":1052,"line":2149},[1050,8523,8524],{"class":1099},"        response ",[1050,8526,1109],{"class":1071},[1050,8528,5795],{"class":3481},[1050,8530,1115],{"class":1071},[1050,8532,8115],{"class":1124},[1050,8534,1072],{"class":1071},[1050,8536,1076],{"class":1124},[1050,8538,1146],{"class":1071},[1050,8540,8541],{"class":1052,"line":2170},[1050,8542,2741],{"class":1099},[1050,8544,8545,8547],{"class":1052,"line":2175},[1050,8546,5934],{"class":1194},[1050,8548,8549],{"class":1099}," response\n",[1050,8551,8552],{"class":1052,"line":2208},[1050,8553,1100],{"class":1099},[1050,8555,8556,8558,8561,8563,8565,8567,8569],{"class":1052,"line":2213},[1050,8557,5764],{"class":1063},[1050,8559,8560],{"class":1067}," 
check_request_for_sql_injection",[1050,8562,1072],{"class":1071},[1050,8564,5773],{"class":5772},[1050,8566,1140],{"class":1071},[1050,8568,1112],{"class":1075},[1050,8570,1079],{"class":1071},[1050,8572,8573,8575,8578],{"class":1052,"line":2225},[1050,8574,5780],{"class":1085},[1050,8576,8577],{"class":1089},"Check request parameters for SQL injection patterns",[1050,8579,1093],{"class":1085},[1050,8581,8582],{"class":1052,"line":2231},[1050,8583,2741],{"class":1099},[1050,8585,8586],{"class":1052,"line":2251},[1050,8587,8588],{"class":1056},"        # Check GET parameters\n",[1050,8590,8591,8594,8597,8599,8601,8603,8605,8607,8609,8611,8613],{"class":1052,"line":2272},[1050,8592,8593],{"class":1194},"        for",[1050,8595,8596],{"class":1099}," key",[1050,8598,1140],{"class":1071},[1050,8600,3635],{"class":1099},[1050,8602,3638],{"class":1194},[1050,8604,1112],{"class":1099},[1050,8606,1115],{"class":1071},[1050,8608,1119],{"class":1118},[1050,8610,1115],{"class":1071},[1050,8612,3649],{"class":1124},[1050,8614,3652],{"class":1071},[1050,8616,8617,8619,8621,8623,8626,8628,8630],{"class":1052,"line":2290},[1050,8618,3705],{"class":1194},[1050,8620,5795],{"class":3481},[1050,8622,1115],{"class":1071},[1050,8624,8625],{"class":1124},"contains_sql_injection",[1050,8627,1072],{"class":1071},[1050,8629,3821],{"class":1124},[1050,8631,1079],{"class":1071},[1050,8633,8634,8637,8639,8642,8644,8646,8648,8650,8652,8654,8656,8658,8660,8662],{"class":1052,"line":2308},[1050,8635,8636],{"class":3481},"                
self",[1050,8638,1115],{"class":1071},[1050,8640,8641],{"class":1124},"log_sql_injection_attempt",[1050,8643,1072],{"class":1071},[1050,8645,1076],{"class":1124},[1050,8647,1140],{"class":1071},[1050,8649,1291],{"class":1130},[1050,8651,1119],{"class":1134},[1050,8653,1131],{"class":1130},[1050,8655,1140],{"class":1071},[1050,8657,8596],{"class":1124},[1050,8659,1140],{"class":1071},[1050,8661,3671],{"class":1124},[1050,8663,1146],{"class":1071},[1050,8665,8666],{"class":1052,"line":2324},[1050,8667,2741],{"class":1099},[1050,8669,8670],{"class":1052,"line":2330},[1050,8671,8672],{"class":1056},"        # Check POST parameters\n",[1050,8674,8675,8677,8679,8681,8683,8685,8687,8689,8692,8694,8696],{"class":1052,"line":2338},[1050,8676,8593],{"class":1194},[1050,8678,8596],{"class":1099},[1050,8680,1140],{"class":1071},[1050,8682,3635],{"class":1099},[1050,8684,3638],{"class":1194},[1050,8686,1112],{"class":1099},[1050,8688,1115],{"class":1071},[1050,8690,8691],{"class":1118},"POST",[1050,8693,1115],{"class":1071},[1050,8695,3649],{"class":1124},[1050,8697,3652],{"class":1071},[1050,8699,8700,8702,8704,8706,8708,8710,8713,8715,8717],{"class":1052,"line":2358},[1050,8701,3705],{"class":1194},[1050,8703,5795],{"class":3481},[1050,8705,1115],{"class":1071},[1050,8707,8625],{"class":1124},[1050,8709,1072],{"class":1071},[1050,8711,8712],{"class":3843},"str",[1050,8714,1072],{"class":1071},[1050,8716,3821],{"class":1124},[1050,8718,8719],{"class":1071},")):\n",[1050,8721,8722,8724,8726,8728,8730,8732,8734,8736,8738,8740,8742,8744,8746,8748],{"class":1052,"line":2363},[1050,8723,8636],{"class":3481},[1050,8725,1115],{"class":1071},[1050,8727,8641],{"class":1124},[1050,8729,1072],{"class":1071},[1050,8731,1076],{"class":1124},[1050,8733,1140],{"class":1071},[1050,8735,1291],{"class":1130},[1050,8737,8691],{"class":1134},[1050,8739,1131],{"class":1130},[1050,8741,1140],{"class":1071},[1050,8743,8596],{"class":1124},[1050,8745,1140],{"class":1071},[1050,8747,3671],{"class":1124
},[1050,8749,1146],{"class":1071},[1050,8751,8752],{"class":1052,"line":4172},[1050,8753,1100],{"class":1099},[1050,8755,8756,8758,8761,8763,8765,8767,8769],{"class":1052,"line":4177},[1050,8757,5764],{"class":1063},[1050,8759,8760],{"class":1067}," contains_sql_injection",[1050,8762,1072],{"class":1071},[1050,8764,5773],{"class":5772},[1050,8766,1140],{"class":1071},[1050,8768,3671],{"class":1075},[1050,8770,1079],{"class":1071},[1050,8772,8773,8775,8778],{"class":1052,"line":4183},[1050,8774,5780],{"class":1085},[1050,8776,8777],{"class":1089},"Check if value contains SQL injection patterns",[1050,8779,1093],{"class":1085},[1050,8781,8782],{"class":1052,"line":4216},[1050,8783,2741],{"class":1099},[1050,8785,8786,8788,8790,8792,8794,8796,8798],{"class":1052,"line":4230},[1050,8787,8593],{"class":1194},[1050,8789,6889],{"class":1099},[1050,8791,3638],{"class":1194},[1050,8793,5795],{"class":3481},[1050,8795,1115],{"class":1071},[1050,8797,8423],{"class":1781},[1050,8799,2222],{"class":1071},[1050,8801,8802,8804,8807,8809,8811,8813,8815],{"class":1052,"line":4235},[1050,8803,3705],{"class":1194},[1050,8805,8806],{"class":1099}," pattern",[1050,8808,1115],{"class":1071},[1050,8810,2197],{"class":1124},[1050,8812,1072],{"class":1071},[1050,8814,3821],{"class":1124},[1050,8816,1079],{"class":1071},[1050,8818,8819,8822],{"class":1052,"line":4241},[1050,8820,8821],{"class":1194},"                return",[1050,8823,8824],{"class":2527}," True\n",[1050,8826,8827],{"class":1052,"line":4258},[1050,8828,2741],{"class":1099},[1050,8830,8831,8833],{"class":1052,"line":4278},[1050,8832,5934],{"class":1194},[1050,8834,8835],{"class":2527}," False\n",[1050,8837,8838],{"class":1052,"line":4283},[1050,8839,1100],{"class":1099},[1050,8841,8842,8844,8847,8849,8851,8853,8855,8857,8860,8862,8865,8867,8869],{"class":1052,"line":4312},[1050,8843,5764],{"class":1063},[1050,8845,8846],{"class":1067}," 
log_sql_injection_attempt",[1050,8848,1072],{"class":1071},[1050,8850,5773],{"class":5772},[1050,8852,1140],{"class":1071},[1050,8854,1112],{"class":1075},[1050,8856,1140],{"class":1071},[1050,8858,8859],{"class":1075}," method",[1050,8861,1140],{"class":1071},[1050,8863,8864],{"class":1075}," parameter",[1050,8866,1140],{"class":1071},[1050,8868,3671],{"class":1075},[1050,8870,1079],{"class":1071},[1050,8872,8873,8875,8878],{"class":1052,"line":4317},[1050,8874,5780],{"class":1085},[1050,8876,8877],{"class":1089},"Log SQL injection attempt",[1050,8879,1093],{"class":1085},[1050,8881,8882],{"class":1052,"line":6098},[1050,8883,2741],{"class":1099},[1050,8885,8886,8889,8891,8894],{"class":1052,"line":6112},[1050,8887,8888],{"class":1099},"        logger",[1050,8890,1115],{"class":1071},[1050,8892,8893],{"class":1124},"warning",[1050,8895,2011],{"class":1071},[1050,8897,8898,8901,8904],{"class":1052,"line":6122},[1050,8899,8900],{"class":1063},"            f",[1050,8902,8903],{"class":1134},"\"Potential SQL injection attempt detected\"",[1050,8905,2023],{"class":1071},[1050,8907,8908,8911],{"class":1052,"line":6127},[1050,8909,8910],{"class":1792},"            
extra",[1050,8912,8913],{"class":1071},"={\n",[1050,8915,8916,8918,8921,8923,8925,8927,8929,8932,8934,8936],{"class":1052,"line":6147},[1050,8917,7869],{"class":1130},[1050,8919,8920],{"class":1134},"ip_address",[1050,8922,1131],{"class":1130},[1050,8924,1311],{"class":1071},[1050,8926,5795],{"class":3481},[1050,8928,1115],{"class":1071},[1050,8930,8931],{"class":1124},"get_client_ip",[1050,8933,1072],{"class":1071},[1050,8935,1076],{"class":1124},[1050,8937,5572],{"class":1071},[1050,8939,8940,8942,8945,8947,8949,8951,8953,8956,8958,8960,8962,8964,8967,8969,8971,8973],{"class":1052,"line":6157},[1050,8941,7869],{"class":1130},[1050,8943,8944],{"class":1134},"user_agent",[1050,8946,1131],{"class":1130},[1050,8948,1311],{"class":1071},[1050,8950,1112],{"class":1124},[1050,8952,1115],{"class":1071},[1050,8954,8955],{"class":1118},"META",[1050,8957,1115],{"class":1071},[1050,8959,1125],{"class":1124},[1050,8961,1072],{"class":1071},[1050,8963,1131],{"class":1130},[1050,8965,8966],{"class":1134},"HTTP_USER_AGENT",[1050,8968,1131],{"class":1130},[1050,8970,1140],{"class":1071},[1050,8972,1143],{"class":1130},[1050,8974,5572],{"class":1071},[1050,8976,8977,8979,8982,8984,8986,8988,8990,8992],{"class":1052,"line":6162},[1050,8978,7869],{"class":1130},[1050,8980,8981],{"class":1134},"path",[1050,8983,1131],{"class":1130},[1050,8985,1311],{"class":1071},[1050,8987,1112],{"class":1124},[1050,8989,1115],{"class":1071},[1050,8991,8981],{"class":1781},[1050,8993,2023],{"class":1071},[1050,8995,8996,8998,9001,9003,9005,9007],{"class":1052,"line":6177},[1050,8997,7869],{"class":1130},[1050,8999,9000],{"class":1134},"method",[1050,9002,1131],{"class":1130},[1050,9004,1311],{"class":1071},[1050,9006,8859],{"class":1124},[1050,9008,2023],{"class":1071},[1050,9010,9011,9013,9016,9018,9020,9022],{"class":1052,"line":6183},[1050,9012,7869],{"class":1130},[1050,9014,9015],{"class":1134},"parameter",[1050,9017,1131],{"class":1130},[1050,9019,1311],{"class":1071},[1050,9021,8864],{"class":
1124},[1050,9023,2023],{"class":1071},[1050,9025,9026,9028,9030,9032,9034,9036,9038,9040,9043],{"class":1052,"line":6210},[1050,9027,7869],{"class":1130},[1050,9029,3821],{"class":1134},[1050,9031,1131],{"class":1130},[1050,9033,1311],{"class":1071},[1050,9035,3671],{"class":1124},[1050,9037,4609],{"class":1071},[1050,9039,4612],{"class":1576},[1050,9041,9042],{"class":1071},"],",[1050,9044,9045],{"class":1056},"  # Limit logged value length\n",[1050,9047,9048,9050,9053,9055,9057,9060,9062,9064,9066,9068,9070,9072,9074,9077],{"class":1052,"line":6237},[1050,9049,7869],{"class":1130},[1050,9051,9052],{"class":1134},"user",[1050,9054,1131],{"class":1130},[1050,9056,1311],{"class":1071},[1050,9058,9059],{"class":1555}," getattr",[1050,9061,1072],{"class":1071},[1050,9063,1076],{"class":1124},[1050,9065,1140],{"class":1071},[1050,9067,1291],{"class":1130},[1050,9069,9052],{"class":1134},[1050,9071,1131],{"class":1130},[1050,9073,1140],{"class":1071},[1050,9075,9076],{"class":2527}," None",[1050,9078,5572],{"class":1071},[1050,9080,9081],{"class":1052,"line":6272},[1050,9082,9083],{"class":1071},"            }\n",[1050,9085,9086],{"class":1052,"line":6307},[1050,9087,2327],{"class":1071},[1050,9089,9090],{"class":1052,"line":6312},[1050,9091,1100],{"class":1099},[1050,9093,9094,9096,9099,9101,9103,9105,9107],{"class":1052,"line":6318},[1050,9095,5764],{"class":1063},[1050,9097,9098],{"class":1067}," get_client_ip",[1050,9100,1072],{"class":1071},[1050,9102,5773],{"class":5772},[1050,9104,1140],{"class":1071},[1050,9106,1112],{"class":1075},[1050,9108,1079],{"class":1071},[1050,9110,9111,9113,9116],{"class":1052,"line":6337},[1050,9112,5780],{"class":1085},[1050,9114,9115],{"class":1089},"Get client IP address",[1050,9117,1093],{"class":1085},[1050,9119,9120,9123,9125,9127,9129,9131,9133,9135,9137,9139,9142,9144],{"class":1052,"line":6342},[1050,9121,9122],{"class":1099},"        x_forwarded_for 
",[1050,9124,1109],{"class":1071},[1050,9126,1112],{"class":1099},[1050,9128,1115],{"class":1071},[1050,9130,8955],{"class":1118},[1050,9132,1115],{"class":1071},[1050,9134,1125],{"class":1124},[1050,9136,1072],{"class":1071},[1050,9138,1131],{"class":1130},[1050,9140,9141],{"class":1134},"HTTP_X_FORWARDED_FOR",[1050,9143,1131],{"class":1130},[1050,9145,1146],{"class":1071},[1050,9147,9148,9150,9153],{"class":1052,"line":6351},[1050,9149,3657],{"class":1194},[1050,9151,9152],{"class":1099}," x_forwarded_for",[1050,9154,2222],{"class":1071},[1050,9156,9157,9160,9162,9164,9166,9169,9171,9173,9175,9177,9180,9182],{"class":1052,"line":6374},[1050,9158,9159],{"class":1099},"            ip ",[1050,9161,1109],{"class":1071},[1050,9163,9152],{"class":1099},[1050,9165,1115],{"class":1071},[1050,9167,9168],{"class":1124},"split",[1050,9170,1072],{"class":1071},[1050,9172,1131],{"class":1130},[1050,9174,1140],{"class":1134},[1050,9176,1131],{"class":1130},[1050,9178,9179],{"class":1071},")[",[1050,9181,4989],{"class":1576},[1050,9183,2531],{"class":1071},[1050,9185,9186,9189],{"class":1052,"line":6379},[1050,9187,9188],{"class":1194},"        else",[1050,9190,2222],{"class":1071},[1050,9192,9193,9195,9197,9199,9201,9203,9205,9207,9209,9211,9214,9216],{"class":1052,"line":6388},[1050,9194,9159],{"class":1099},[1050,9196,1109],{"class":1071},[1050,9198,1112],{"class":1099},[1050,9200,1115],{"class":1071},[1050,9202,8955],{"class":1118},[1050,9204,1115],{"class":1071},[1050,9206,1125],{"class":1124},[1050,9208,1072],{"class":1071},[1050,9210,1131],{"class":1130},[1050,9212,9213],{"class":1134},"REMOTE_ADDR",[1050,9215,1131],{"class":1130},[1050,9217,1146],{"class":1071},[1050,9219,9220,9222],{"class":1052,"line":6411},[1050,9221,5934],{"class":1194},[1050,9223,9224],{"class":1099}," ip\n",[1030,9226,9228],{"id":9227},"testing-sql-injection-protection","Testing SQL Injection Protection",[1035,9230,9232],{"id":9231},"security-tests","Security 
Tests",[1040,9234,9236],{"className":1042,"code":9235,"language":1044,"meta":1045,"style":1045},"# tests.py - SQL injection protection tests\nfrom django.test import TestCase, Client\nfrom django.contrib.auth.models import User\nfrom django.urls import reverse\n\nclass SQLInjectionProtectionTests(TestCase):\n    \"\"\"Test SQL injection protection\"\"\"\n    \n    def setUp(self):\n        self.client = Client()\n        self.user = User.objects.create_user(\n            username='testuser',\n            password='testpass123'\n        )\n    \n    def test_orm_protection_against_injection(self):\n        \"\"\"Test that ORM protects against SQL injection\"\"\"\n        \n        # Attempt SQL injection through ORM\n        malicious_username = \"admin' OR '1'='1' --\"\n        \n        # This should not return all users\n        users = User.objects.filter(username=malicious_username)\n        \n        # Should return no results (not all users)\n        self.assertEqual(users.count(), 0)\n    \n    def test_search_form_injection_protection(self):\n        \"\"\"Test search form protection against injection\"\"\"\n        \n        # Attempt injection through search form\n        response = self.client.get(reverse('user_search'), {\n            'username': \"admin' OR '1'='1' --\",\n            'email': \"test@example.com\"\n        })\n        \n        # Should not cause error or return unexpected results\n        self.assertEqual(response.status_code, 200)\n        \n        # Check that no users are returned (injection failed)\n        self.assertNotContains(response, 'testuser')\n    \n    def test_raw_sql_parameterization(self):\n        \"\"\"Test that raw SQL uses proper parameterization\"\"\"\n        \n        from django.db import connection\n        \n        # Test parameterized query\n        with connection.cursor() as cursor:\n            cursor.execute(\n                \"SELECT * FROM auth_user WHERE username = %s\",\n                [\"admin' 
OR '1'='1' --\"]\n            )\n            results = cursor.fetchall()\n        \n        # Should return no results (injection prevented)\n        self.assertEqual(len(results), 0)\n    \n    def test_injection_detection_middleware(self):\n        \"\"\"Test SQL injection detection middleware\"\"\"\n        \n        # Make request with injection attempt\n        response = self.client.get('/search/', {\n            'q': \"'; DROP TABLE auth_user; --\"\n        })\n        \n        # Should not cause server error\n        self.assertNotEqual(response.status_code, 500)\n        \n        # Logging is not asserted here; to verify it, wrap the request in self.assertLogs('security', level='WARNING')\n",[1047,9237,9238,9243,9264,9286,9302,9306,9320,9329,9333,9346,9362,9385,9401,9415,9419,9423,9436,9445,9449,9454,9468,9472,9477,9504,9508,9513,9538,9542,9555,9564,9568,9573,9607,9625,9642,9647,9651,9656,9681,9685,9690,9713,9717,9730,9739,9743,9758,9762,9767,9786,9797,9811,9824,9829,9844,9848,9853,9876,9880,9893,9902,9906,9911,9940,9958,9962,9966,9971,9995,9999],{"__ignoreMap":1045},[1050,9239,9240],{"class":1052,"line":1053},[1050,9241,9242],{"class":1056},"# tests.py - SQL injection protection tests\n",[1050,9244,9245,9247,9249,9251,9254,9256,9259,9261],{"class":1052,"line":1060},[1050,9246,1675],{"class":1194},[1050,9248,1198],{"class":1099},[1050,9250,1115],{"class":1071},[1050,9252,9253],{"class":1099},"test ",[1050,9255,1206],{"class":1194},[1050,9257,9258],{"class":1099}," TestCase",[1050,9260,1140],{"class":1071},[1050,9262,9263],{"class":1099}," 
Client\n",[1050,9265,9266,9268,9270,9272,9274,9276,9278,9280,9282,9284],{"class":1052,"line":1082},[1050,9267,1675],{"class":1194},[1050,9269,1198],{"class":1099},[1050,9271,1115],{"class":1071},[1050,9273,1682],{"class":1099},[1050,9275,1115],{"class":1071},[1050,9277,1687],{"class":1099},[1050,9279,1115],{"class":1071},[1050,9281,1692],{"class":1099},[1050,9283,1206],{"class":1194},[1050,9285,1697],{"class":1099},[1050,9287,9288,9290,9292,9294,9297,9299],{"class":1052,"line":1096},[1050,9289,1675],{"class":1194},[1050,9291,1198],{"class":1099},[1050,9293,1115],{"class":1071},[1050,9295,9296],{"class":1099},"urls ",[1050,9298,1206],{"class":1194},[1050,9300,9301],{"class":1099}," reverse\n",[1050,9303,9304],{"class":1052,"line":1103},[1050,9305,1324],{"emptyLinePlaceholder":1323},[1050,9307,9308,9310,9313,9315,9318],{"class":1052,"line":1149},[1050,9309,5341],{"class":1063},[1050,9311,9312],{"class":5344}," SQLInjectionProtectionTests",[1050,9314,1072],{"class":1071},[1050,9316,9317],{"class":5350},"TestCase",[1050,9319,1079],{"class":1071},[1050,9321,9322,9324,9327],{"class":1052,"line":1154},[1050,9323,1086],{"class":1085},[1050,9325,9326],{"class":1089},"Test SQL injection protection",[1050,9328,1093],{"class":1085},[1050,9330,9331],{"class":1052,"line":1160},[1050,9332,1100],{"class":1099},[1050,9334,9335,9337,9340,9342,9344],{"class":1052,"line":1186},[1050,9336,5764],{"class":1063},[1050,9338,9339],{"class":1067}," setUp",[1050,9341,1072],{"class":1071},[1050,9343,5773],{"class":5772},[1050,9345,1079],{"class":1071},[1050,9347,9348,9350,9352,9355,9357,9360],{"class":1052,"line":1191},[1050,9349,8110],{"class":3481},[1050,9351,1115],{"class":1071},[1050,9353,9354],{"class":1781},"client",[1050,9356,3485],{"class":1071},[1050,9358,9359],{"class":1124}," 
Client",[1050,9361,1228],{"class":1071},[1050,9363,9364,9366,9368,9370,9372,9374,9376,9378,9380,9383],{"class":1052,"line":1212},[1050,9365,8110],{"class":3481},[1050,9367,1115],{"class":1071},[1050,9369,9052],{"class":1781},[1050,9371,3485],{"class":1071},[1050,9373,1776],{"class":1099},[1050,9375,1115],{"class":1071},[1050,9377,1782],{"class":1781},[1050,9379,1115],{"class":1071},[1050,9381,9382],{"class":1124},"create_user",[1050,9384,2011],{"class":1071},[1050,9386,9387,9390,9392,9394,9397,9399],{"class":1052,"line":1231},[1050,9388,9389],{"class":1792},"            username",[1050,9391,1109],{"class":1071},[1050,9393,1131],{"class":1130},[1050,9395,9396],{"class":1134},"testuser",[1050,9398,1131],{"class":1130},[1050,9400,2023],{"class":1071},[1050,9402,9403,9406,9408,9410,9413],{"class":1052,"line":1253},[1050,9404,9405],{"class":1792},"            password",[1050,9407,1109],{"class":1071},[1050,9409,1131],{"class":1130},[1050,9411,9412],{"class":1134},"testpass123",[1050,9414,1983],{"class":1130},[1050,9416,9417],{"class":1052,"line":1258},[1050,9418,2327],{"class":1071},[1050,9420,9421],{"class":1052,"line":1276},[1050,9422,1100],{"class":1099},[1050,9424,9425,9427,9430,9432,9434],{"class":1052,"line":1320},[1050,9426,5764],{"class":1063},[1050,9428,9429],{"class":1067}," test_orm_protection_against_injection",[1050,9431,1072],{"class":1071},[1050,9433,5773],{"class":5772},[1050,9435,1079],{"class":1071},[1050,9437,9438,9440,9443],{"class":1052,"line":1327},[1050,9439,5780],{"class":1085},[1050,9441,9442],{"class":1089},"Test that ORM protects against SQL injection",[1050,9444,1093],{"class":1085},[1050,9446,9447],{"class":1052,"line":1333},[1050,9448,2741],{"class":1099},[1050,9450,9451],{"class":1052,"line":1339},[1050,9452,9453],{"class":1056},"        # Attempt SQL injection through ORM\n",[1050,9455,9456,9459,9461,9463,9466],{"class":1052,"line":1345},[1050,9457,9458],{"class":1099},"        malicious_username 
",[1050,9460,1109],{"class":1071},[1050,9462,3174],{"class":1130},[1050,9464,9465],{"class":1134},"admin' OR '1'='1' --",[1050,9467,2701],{"class":1130},[1050,9469,9470],{"class":1052,"line":1351},[1050,9471,2741],{"class":1099},[1050,9473,9474],{"class":1052,"line":1356},[1050,9475,9476],{"class":1056},"        # This should not return all users\n",[1050,9478,9479,9481,9483,9485,9487,9489,9491,9493,9495,9497,9499,9502],{"class":1052,"line":1362},[1050,9480,2234],{"class":1099},[1050,9482,1109],{"class":1071},[1050,9484,1776],{"class":1099},[1050,9486,1115],{"class":1071},[1050,9488,1782],{"class":1781},[1050,9490,1115],{"class":1071},[1050,9492,1787],{"class":1124},[1050,9494,1072],{"class":1071},[1050,9496,1135],{"class":1792},[1050,9498,1109],{"class":1071},[1050,9500,9501],{"class":1124},"malicious_username",[1050,9503,1146],{"class":1071},[1050,9505,9506],{"class":1052,"line":1368},[1050,9507,2741],{"class":1099},[1050,9509,9510],{"class":1052,"line":1373},[1050,9511,9512],{"class":1056},"        # Should return no results (not all users)\n",[1050,9514,9515,9517,9519,9522,9524,9526,9528,9531,9534,9536],{"class":1052,"line":1379},[1050,9516,8110],{"class":3481},[1050,9518,1115],{"class":1071},[1050,9520,9521],{"class":1124},"assertEqual",[1050,9523,1072],{"class":1071},[1050,9525,1843],{"class":1124},[1050,9527,1115],{"class":1071},[1050,9529,9530],{"class":1124},"count",[1050,9532,9533],{"class":1071},"(),",[1050,9535,1577],{"class":1576},[1050,9537,1146],{"class":1071},[1050,9539,9540],{"class":1052,"line":2026},[1050,9541,1100],{"class":1099},[1050,9543,9544,9546,9549,9551,9553],{"class":1052,"line":2038},[1050,9545,5764],{"class":1063},[1050,9547,9548],{"class":1067}," test_search_form_injection_protection",[1050,9550,1072],{"class":1071},[1050,9552,5773],{"class":5772},[1050,9554,1079],{"class":1071},[1050,9556,9557,9559,9562],{"class":1052,"line":2049},[1050,9558,5780],{"class":1085},[1050,9560,9561],{"class":1089},"Test search form protection against 
injection",[1050,9563,1093],{"class":1085},[1050,9565,9566],{"class":1052,"line":2069},[1050,9567,2741],{"class":1099},[1050,9569,9570],{"class":1052,"line":2074},[1050,9571,9572],{"class":1056},"        # Attempt injection through search form\n",[1050,9574,9575,9577,9579,9581,9583,9585,9587,9589,9591,9594,9596,9598,9601,9603,9605],{"class":1052,"line":2080},[1050,9576,8524],{"class":1099},[1050,9578,1109],{"class":1071},[1050,9580,5795],{"class":3481},[1050,9582,1115],{"class":1071},[1050,9584,9354],{"class":1781},[1050,9586,1115],{"class":1071},[1050,9588,1125],{"class":1124},[1050,9590,1072],{"class":1071},[1050,9592,9593],{"class":1124},"reverse",[1050,9595,1072],{"class":1071},[1050,9597,1131],{"class":1130},[1050,9599,9600],{"class":1134},"user_search",[1050,9602,1131],{"class":1130},[1050,9604,5709],{"class":1071},[1050,9606,3488],{"class":1071},[1050,9608,9609,9611,9613,9615,9617,9619,9621,9623],{"class":1052,"line":2115},[1050,9610,7465],{"class":1130},[1050,9612,1135],{"class":1134},[1050,9614,1131],{"class":1130},[1050,9616,1311],{"class":1071},[1050,9618,3174],{"class":1130},[1050,9620,9465],{"class":1134},[1050,9622,2513],{"class":1130},[1050,9624,2023],{"class":1071},[1050,9626,9627,9629,9631,9633,9635,9637,9640],{"class":1052,"line":2120},[1050,9628,7465],{"class":1130},[1050,9630,1936],{"class":1134},[1050,9632,1131],{"class":1130},[1050,9634,1311],{"class":1071},[1050,9636,3174],{"class":1130},[1050,9638,9639],{"class":1134},"test@example.com",[1050,9641,2701],{"class":1130},[1050,9643,9644],{"class":1052,"line":2134},[1050,9645,9646],{"class":1071},"        })\n",[1050,9648,9649],{"class":1052,"line":2144},[1050,9650,2741],{"class":1099},[1050,9652,9653],{"class":1052,"line":2149},[1050,9654,9655],{"class":1056},"        # Should not cause error or return unexpected 
results\n",[1050,9657,9658,9660,9662,9664,9666,9669,9671,9674,9676,9679],{"class":1052,"line":2170},[1050,9659,8110],{"class":3481},[1050,9661,1115],{"class":1071},[1050,9663,9521],{"class":1124},[1050,9665,1072],{"class":1071},[1050,9667,9668],{"class":1124},"response",[1050,9670,1115],{"class":1071},[1050,9672,9673],{"class":1781},"status_code",[1050,9675,1140],{"class":1071},[1050,9677,9678],{"class":1576}," 200",[1050,9680,1146],{"class":1071},[1050,9682,9683],{"class":1052,"line":2175},[1050,9684,2741],{"class":1099},[1050,9686,9687],{"class":1052,"line":2208},[1050,9688,9689],{"class":1056},"        # Check that no users are returned (injection failed)\n",[1050,9691,9692,9694,9696,9699,9701,9703,9705,9707,9709,9711],{"class":1052,"line":2213},[1050,9693,8110],{"class":3481},[1050,9695,1115],{"class":1071},[1050,9697,9698],{"class":1124},"assertNotContains",[1050,9700,1072],{"class":1071},[1050,9702,9668],{"class":1124},[1050,9704,1140],{"class":1071},[1050,9706,1291],{"class":1130},[1050,9708,9396],{"class":1134},[1050,9710,1131],{"class":1130},[1050,9712,1146],{"class":1071},[1050,9714,9715],{"class":1052,"line":2225},[1050,9716,1100],{"class":1099},[1050,9718,9719,9721,9724,9726,9728],{"class":1052,"line":2231},[1050,9720,5764],{"class":1063},[1050,9722,9723],{"class":1067}," test_raw_sql_parameterization",[1050,9725,1072],{"class":1071},[1050,9727,5773],{"class":5772},[1050,9729,1079],{"class":1071},[1050,9731,9732,9734,9737],{"class":1052,"line":2251},[1050,9733,5780],{"class":1085},[1050,9735,9736],{"class":1089},"Test that raw SQL uses proper parameterization",[1050,9738,1093],{"class":1085},[1050,9740,9741],{"class":1052,"line":2272},[1050,9742,2741],{"class":1099},[1050,9744,9745,9748,9750,9752,9754,9756],{"class":1052,"line":2290},[1050,9746,9747],{"class":1194},"        
from",[1050,9749,1198],{"class":1099},[1050,9751,1115],{"class":1071},[1050,9753,1203],{"class":1099},[1050,9755,1206],{"class":1194},[1050,9757,1209],{"class":1099},[1050,9759,9760],{"class":1052,"line":2308},[1050,9761,2741],{"class":1099},[1050,9763,9764],{"class":1052,"line":2324},[1050,9765,9766],{"class":1056},"        # Test parameterized query\n",[1050,9768,9769,9772,9774,9776,9778,9780,9782,9784],{"class":1052,"line":2330},[1050,9770,9771],{"class":1194},"        with",[1050,9773,1220],{"class":1099},[1050,9775,1115],{"class":1071},[1050,9777,1225],{"class":1124},[1050,9779,2667],{"class":1071},[1050,9781,2670],{"class":1194},[1050,9783,1266],{"class":1099},[1050,9785,2222],{"class":1071},[1050,9787,9788,9791,9793,9795],{"class":1052,"line":2338},[1050,9789,9790],{"class":1099},"            cursor",[1050,9792,1115],{"class":1071},[1050,9794,1239],{"class":1124},[1050,9796,2011],{"class":1071},[1050,9798,9799,9802,9805,9807,9809],{"class":1052,"line":2358},[1050,9800,9801],{"class":1130},"                \"",[1050,9803,9804],{"class":1134},"SELECT * FROM auth_user WHERE username = ",[1050,9806,2505],{"class":1174},[1050,9808,2513],{"class":1130},[1050,9810,2023],{"class":1071},[1050,9812,9813,9816,9818,9820,9822],{"class":1052,"line":2363},[1050,9814,9815],{"class":1071},"                [",[1050,9817,2513],{"class":1130},[1050,9819,9465],{"class":1134},[1050,9821,2513],{"class":1130},[1050,9823,2531],{"class":1071},[1050,9825,9826],{"class":1052,"line":4172},[1050,9827,9828],{"class":1071},"            )\n",[1050,9830,9831,9834,9836,9838,9840,9842],{"class":1052,"line":4177},[1050,9832,9833],{"class":1099},"            results ",[1050,9835,1109],{"class":1071},[1050,9837,1266],{"class":1099},[1050,9839,1115],{"class":1071},[1050,9841,1271],{"class":1124},[1050,9843,1228],{"class":1071},[1050,9845,9846],{"class":1052,"line":4183},[1050,9847,2741],{"class":1099},[1050,9849,9850],{"class":1052,"line":4216},[1050,9851,9852],{"class":1056},"        # Should 
return no results (injection prevented)\n",[1050,9854,9855,9857,9859,9861,9863,9866,9868,9870,9872,9874],{"class":1052,"line":4230},[1050,9856,8110],{"class":3481},[1050,9858,1115],{"class":1071},[1050,9860,9521],{"class":1124},[1050,9862,1072],{"class":1071},[1050,9864,9865],{"class":1555},"len",[1050,9867,1072],{"class":1071},[1050,9869,1306],{"class":1124},[1050,9871,5709],{"class":1071},[1050,9873,1577],{"class":1576},[1050,9875,1146],{"class":1071},[1050,9877,9878],{"class":1052,"line":4235},[1050,9879,1100],{"class":1099},[1050,9881,9882,9884,9887,9889,9891],{"class":1052,"line":4241},[1050,9883,5764],{"class":1063},[1050,9885,9886],{"class":1067}," test_injection_detection_middleware",[1050,9888,1072],{"class":1071},[1050,9890,5773],{"class":5772},[1050,9892,1079],{"class":1071},[1050,9894,9895,9897,9900],{"class":1052,"line":4258},[1050,9896,5780],{"class":1085},[1050,9898,9899],{"class":1089},"Test SQL injection detection middleware",[1050,9901,1093],{"class":1085},[1050,9903,9904],{"class":1052,"line":4278},[1050,9905,2741],{"class":1099},[1050,9907,9908],{"class":1052,"line":4283},[1050,9909,9910],{"class":1056},"        # Make request with injection attempt\n",[1050,9912,9913,9915,9917,9919,9921,9923,9925,9927,9929,9931,9934,9936,9938],{"class":1052,"line":4312},[1050,9914,8524],{"class":1099},[1050,9916,1109],{"class":1071},[1050,9918,5795],{"class":3481},[1050,9920,1115],{"class":1071},[1050,9922,9354],{"class":1781},[1050,9924,1115],{"class":1071},[1050,9926,1125],{"class":1124},[1050,9928,1072],{"class":1071},[1050,9930,1131],{"class":1130},[1050,9932,9933],{"class":1134},"/search/",[1050,9935,1131],{"class":1130},[1050,9937,1140],{"class":1071},[1050,9939,3488],{"class":1071},[1050,9941,9942,9944,9947,9949,9951,9953,9956],{"class":1052,"line":4317},[1050,9943,7465],{"class":1130},[1050,9945,9946],{"class":1134},"q",[1050,9948,1131],{"class":1130},[1050,9950,1311],{"class":1071},[1050,9952,3174],{"class":1130},[1050,9954,9955],{"class":1134},"'; 
DROP TABLE auth_user; --",[1050,9957,2701],{"class":1130},[1050,9959,9960],{"class":1052,"line":6098},[1050,9961,9646],{"class":1071},[1050,9963,9964],{"class":1052,"line":6112},[1050,9965,2741],{"class":1099},[1050,9967,9968],{"class":1052,"line":6122},[1050,9969,9970],{"class":1056},"        # Should not cause server error\n",[1050,9972,9973,9975,9977,9980,9982,9984,9986,9988,9990,9993],{"class":1052,"line":6127},[1050,9974,8110],{"class":3481},[1050,9976,1115],{"class":1071},[1050,9978,9979],{"class":1124},"assertNotEqual",[1050,9981,1072],{"class":1071},[1050,9983,9668],{"class":1124},[1050,9985,1115],{"class":1071},[1050,9987,9673],{"class":1781},[1050,9989,1140],{"class":1071},[1050,9991,9992],{"class":1576}," 500",[1050,9994,1146],{"class":1071},[1050,9996,9997],{"class":1052,"line":6147},[1050,9998,2741],{"class":1099},[1050,10000,10001],{"class":1052,"line":6157},[1050,10002,10003],{"class":1056},"        # Check that attempt was logged (would need to check logs in real test)\n",[1030,10005,10007],{"id":10006},"best-practices-summary","Best Practices Summary",[1035,10009,10011],{"id":10010},"orm-usage","ORM Usage",[10013,10014,10015,10019,10022,10025],"ul",{},[10016,10017,10018],"li",{},"Always use Django ORM for database operations when possible",[10016,10020,10021],{},"Use parameterized queries for raw SQL",[10016,10023,10024],{},"Validate and sanitize all user inputs",[10016,10026,10027],{},"Use whitelisting for dynamic query parameters (field names and sort order cannot be bound as query parameters, so check them against a fixed list of allowed values)",[1035,10029,10031],{"id":10030},"input-validation","Input Validation",[10013,10033,10034,10037,10040,10043],{},[10016,10035,10036],{},"Implement comprehensive form validation",[10016,10038,10039],{},"Use model validators for additional protection",[10016,10041,10042],{},"Sanitize user input at multiple levels",[10016,10044,10045],{},"Limit input length and complexity",[1035,10047,10049],{"id":10048},"query-construction","Query Construction",[10013,10051,10052,10055,10058,10061],{},[10016,10053,10054],{},"Never use 
string formatting or concatenation in SQL",[10016,10056,10057],{},"Use Django's query methods and Q objects",[10016,10059,10060],{},"Validate dynamic ordering and filtering parameters",[10016,10062,10063],{},"Implement proper error handling",[1035,10065,8004],{"id":10066},"monitoring-and-detection-1",[10013,10068,10069,10072,10075,10078],{},[10016,10070,10071],{},"Log potential injection attempts",[10016,10073,10074],{},"Monitor database query patterns",[10016,10076,10077],{},"Implement rate limiting for database operations",[10016,10079,10080],{},"Regular security audits and penetration testing",[1030,10082,10084],{"id":10083},"next-steps","Next Steps",[1026,10086,10087],{},"Now that you understand SQL injection protection, let's explore clickjacking protection and how to prevent UI redress attacks in Django applications.",[10089,10090,10091],"style",{},"html pre.shiki code .s9Tkl, html code.shiki .s9Tkl{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#A0ADA0;--shiki-default-font-style:inherit;--shiki-dark:#758575DD;--shiki-dark-font-style:inherit}html pre.shiki code .s5Kfy, html code.shiki .s5Kfy{--shiki-light:#9C3EDA;--shiki-default:#AB5959;--shiki-dark:#CB7676}html pre.shiki code .sljsM, html code.shiki .sljsM{--shiki-light:#6182B8;--shiki-default:#59873A;--shiki-dark:#80A665}html pre.shiki code .soVBu, html code.shiki .soVBu{--shiki-light:#39ADB5;--shiki-default:#999999;--shiki-dark:#666666}html pre.shiki code .sCyAa, html code.shiki .sCyAa{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#393A34;--shiki-default-font-style:inherit;--shiki-dark:#DBD7CAEE;--shiki-dark-font-style:inherit}html pre.shiki code .sm7ve, html code.shiki .sm7ve{--shiki-light:#39ADB5;--shiki-light-font-style:italic;--shiki-default:#B5695977;--shiki-default-font-style:inherit;--shiki-dark:#C98A7D77;--shiki-dark-font-style:inherit}html pre.shiki code .sVyVU, html code.shiki 
.sVyVU{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#B56959;--shiki-default-font-style:inherit;--shiki-dark:#C98A7D;--shiki-dark-font-style:inherit}html pre.shiki code .sftqT, html code.shiki .sftqT{--shiki-light:#90A4AE;--shiki-default:#393A34;--shiki-dark:#DBD7CAEE}html pre.shiki code .sFGJz, html code.shiki .sFGJz{--shiki-light:#E53935;--shiki-default:#A65E2B;--shiki-dark:#C99076}html pre.shiki code .siWMO, html code.shiki .siWMO{--shiki-light:#6182B8;--shiki-default:#393A34;--shiki-dark:#DBD7CAEE}html pre.shiki code .sbYkP, html code.shiki .sbYkP{--shiki-light:#39ADB5;--shiki-default:#B5695977;--shiki-dark:#C98A7D77}html pre.shiki code .sTbE_, html code.shiki .sTbE_{--shiki-light:#91B859;--shiki-default:#B56959;--shiki-dark:#C98A7D}html pre.shiki code .s3h35, html code.shiki .s3h35{--shiki-light:#F76D47;--shiki-default:#A65E2B;--shiki-dark:#C99076}html pre.shiki code .siDh9, html code.shiki .siDh9{--shiki-light:#39ADB5;--shiki-light-font-style:italic;--shiki-default:#1E754F;--shiki-default-font-style:inherit;--shiki-dark:#4D9375;--shiki-dark-font-style:inherit}html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: 
var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html pre.shiki code .scgAs, html code.shiki .scgAs{--shiki-light:#F76D47;--shiki-default:#1E754F;--shiki-dark:#4D9375}html pre.shiki code .sVsLi, html code.shiki .sVsLi{--shiki-light:#39ADB5;--shiki-default:#AB5959;--shiki-dark:#CB7676}html pre.shiki code .sJdAF, html code.shiki .sJdAF{--shiki-light:#6182B8;--shiki-default:#998418;--shiki-dark:#B8A965}html pre.shiki code .s7CZa, html code.shiki .s7CZa{--shiki-light:#F76D47;--shiki-default:#2F798A;--shiki-dark:#4C9A91}html pre.shiki code .sBPpx, html code.shiki .sBPpx{--shiki-light:#E53935;--shiki-default:#393A34;--shiki-dark:#DBD7CAEE}html pre.shiki code .sqOPj, html code.shiki .sqOPj{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#B07D48;--shiki-default-font-style:inherit;--shiki-dark:#BD976A;--shiki-dark-font-style:inherit}html pre.shiki code .s8XtY, html code.shiki .s8XtY{--shiki-light:#39ADB5;--shiki-default:#1E754F;--shiki-dark:#4D9375}html pre.shiki code .se3Ec, html code.shiki .se3Ec{--shiki-light:#90A4AE;--shiki-default:#A65E2B;--shiki-dark:#C99076}html pre.shiki code .sa2tF, html code.shiki .sa2tF{--shiki-light:#E2931D;--shiki-default:#998418;--shiki-dark:#B8A965}html pre.shiki code .sD-vU, html code.shiki .sD-vU{--shiki-light:#E2931D;--shiki-default:#2E8F82;--shiki-dark:#5DA994}html pre.shiki code .sYn-s, html code.shiki .sYn-s{--shiki-light:#E2931D;--shiki-default:#59873A;--shiki-dark:#80A665}html pre.shiki code .sRjD_, html code.shiki 
.sRjD_{--shiki-light:#E53935;--shiki-light-font-style:italic;--shiki-default:#393A34;--shiki-default-font-style:inherit;--shiki-dark:#DBD7CAEE;--shiki-dark-font-style:inherit}html pre.shiki code .sETVe, html code.shiki .sETVe{--shiki-light:#39ADB5;--shiki-default:#A65E2B;--shiki-dark:#C99076}html pre.shiki code .sRJPX, html code.shiki .sRJPX{--shiki-light:#91B859;--shiki-default:#998418;--shiki-dark:#B8A965}html pre.shiki code .sk0MF, html code.shiki .sk0MF{--shiki-light:#90A4AE;--shiki-default:#BDA437;--shiki-dark:#E6CC77}html pre.shiki code .s27EL, html code.shiki .s27EL{--shiki-light:#91B859;--shiki-default:#AB5E3F;--shiki-dark:#C4704F}html pre.shiki code .sGuSu, html code.shiki .sGuSu{--shiki-light:#39ADB5;--shiki-default:#2F798A;--shiki-dark:#4C9A91}html pre.shiki code .sz9Cv, html code.shiki .sz9Cv{--shiki-light:#91B859;--shiki-default:#A65E2B;--shiki-dark:#C99076}",{"title":1045,"searchDepth":1053,"depth":1060,"links":10093},[10094,10098,10103,10107,10111,10115,10118,10121,10127],{"id":1032,"depth":1060,"text":1033,"children":10095},[10096,10097],{"id":1037,"depth":1082,"text":1038},{"id":1385,"depth":1082,"text":1386},{"id":1652,"depth":1060,"text":1653,"children":10099},[10100,10101,10102],{"id":1656,"depth":1082,"text":1657},{"id":2398,"depth":1082,"text":2399},{"id":3062,"depth":1082,"text":3063},{"id":3430,"depth":1060,"text":3431,"children":10104},[10105,10106],{"id":3434,"depth":1082,"text":3435},{"id":4352,"depth":1082,"text":4353},{"id":5277,"depth":1060,"text":5278,"children":10108},[10109,10110],{"id":5281,"depth":1082,"text":5282},{"id":6556,"depth":1082,"text":6557},{"id":7267,"depth":1060,"text":7268,"children":10112},[10113,10114],{"id":7271,"depth":1082,"text":7272},{"id":7682,"depth":1082,"text":7683},{"id":8003,"depth":1060,"text":8004,"children":10116},[10117],{"id":8007,"depth":1082,"text":8008},{"id":9227,"depth":1060,"text":9228,"children":10119},[10120],{"id":9231,"depth":1082,"text":9232},{"id":10006,"depth":1060,"text":10007,"children
":10122},[10123,10124,10125,10126],{"id":10010,"depth":1082,"text":10011},{"id":10030,"depth":1082,"text":10031},{"id":10048,"depth":1082,"text":10049},{"id":10066,"depth":1082,"text":8004},{"id":10083,"depth":1060,"text":10084},"md",null,{},{"title":559,"description":1028},"s5nJI2B4v9iSLbvfDbHkC3xGeB5uMH16aCRCQB0rrZM",[10134,10136],{"title":555,"path":556,"stem":557,"description":10135,"children":-1},"Cross-Site Scripting (XSS) is a vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. Django provides robust protection against XSS attacks through automatic template escaping and security best practices.",{"title":563,"path":564,"stem":565,"description":10137,"children":-1},"Clickjacking is a malicious technique where attackers trick users into clicking on something different from what they perceive, potentially leading to unauthorized actions. Django provides built-in protection against clickjacking attacks through frame options and Content Security Policy headers.",1772474938756]