Sanitize-SQL
A simple SQL sanitizer library to help prevent SQL injection attacks. Sanitize-SQL is designed to be used in conjunction with other security measures, such as prepared statements.
Installation
Using npm:
npm install sanitize-sqlUsage
const { SQL } = require("sanitize-sql");
const sql = new SQL();
const unsafeQuery = "SELECT * FROM users WHERE username='admin' AND password='password';";
const sanitizedQuery = sql.sanitize(unsafeQuery);
console.log(sanitizedQuery);API
sanitize(query)
Sanitize the values within an SQL query to prevent SQL injection.
-
query(string) - The SQL query to sanitize. Returns the sanitized SQL query as a string.
addRestrictedKeyword(keyword)
Add a restricted keyword to the list of keywords that should be removed from queries.
-
keyword(string) - The restricted keyword to add.removeRestrictedKeyword(keyword)
Remove a restricted keyword from the list of keywords that should be removed from queries.
-
keyword(string) - The restricted keyword to remove.isValidKeyword(keyword)
Check if the provided keyword is valid.
keyword (string) - The keyword to validate.
Returns true if the keyword is valid, false otherwise.
Contributing
- Fork the repository on GitHub: https://github.com/aaronmansfield5/sanitize-sql
- Clone your forked repository locally
- Create a new branch for your changes
- Make your changes and commit them
- Push your changes to your forked repository on GitHub
- Create a Pull Request targeting the main branch
Credits
Created by aaronmansfield5.