Function: containsSQLInjection()
containsSQLInjection(input): ThreatFinding[]
Defined in: validators.ts:252
Detect SQL-injection patterns (UNION SELECT, DROP TABLE, comment-based bypasses, always-true tautologies, stacked queries) in input.
Not a replacement for parameterised queries. Use this as a defense-in-depth signal in addition to a properly bound prepared statement, never as the only barrier.
Parameters
input
string
String to scan. Truncated at 100 000 characters.
Returns
ThreatFinding[]
Empty array, or one finding of type "sql_injection".
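An added example, not the library's own code, of using the finding as a signal while the bound statement stays the barrier. `standInContainsSQLInjection`, its regexes, the `detail` field, `buildUserLookup`, the `users` table and the `$1` placeholder style are assumptions made for illustration; only the signature, the 100 000-character truncation and the "sql_injection" type come from the documentation above.

```typescript
// Added example. standInContainsSQLInjection is a simplified stand-in that
// mirrors the documented contract; it is NOT the library's implementation.
interface ThreatFinding {
  type: string;   // "sql_injection" is the documented value
  detail: string; // assumed field, for illustration only
}

const MAX_SCAN = 100000; // documented truncation limit

// Simplified patterns for the classes the docs list (assumed regexes).
const PATTERNS: Array<[string, RegExp]> = [
  ["union_select", /\bunion\s+(all\s+)?select\b/i],
  ["drop_table", /\bdrop\s+table\b/i],
  ["comment_after_quote", /'\s*(--|#|\/\*)/],
  ["tautology", /\bor\s+'?(\w+)'?\s*=\s*'?\1'?/i],
  ["stacked_query", /;\s*(select|insert|update|delete|drop)\b/i],
];

function standInContainsSQLInjection(input: string): ThreatFinding[] {
  const scanned = input.slice(0, MAX_SCAN); // anything past the limit is not scanned
  for (const [detail, re] of PATTERNS) {
    if (re.test(scanned)) return [{ type: "sql_injection", detail }];
  }
  return []; // at most one finding, as documented
}

interface BoundQuery {
  text: string;     // SQL text containing placeholders only
  values: string[]; // user data, handed to the driver separately
  findings: ThreatFinding[];
}

// Hypothetical lookup against a constructed `users` table.
function buildUserLookup(name: string): BoundQuery {
  const findings = standInContainsSQLInjection(name);
  if (findings.length > 0) {
    // Signal only: log or alert. The query is built the same way regardless.
    console.warn("sql_injection signal:", findings.map((f) => f.detail).join(","));
  }
  return {
    text: "SELECT id, email FROM users WHERE name = $1", // PostgreSQL-style placeholder (assumed driver)
    values: [name],
    findings,
  };
}
```

Because the input only ever travels in `values`, a missed detection or a false positive changes what gets logged, not what SQL the database parses.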