From 93721fdd94f90d48b290749398a26cef277ad129 Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Tue, 24 Jun 2014 16:56:21 +0200
Subject: Added SQL injection protection for Mysqli and several test cases

---
 tests/sql/mysqli_multiselect_subselect.phpt | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 tests/sql/mysqli_multiselect_subselect.phpt

(limited to 'tests/sql/mysqli_multiselect_subselect.phpt')

diff --git a/tests/sql/mysqli_multiselect_subselect.phpt b/tests/sql/mysqli_multiselect_subselect.phpt
new file mode 100644
index 0000000..e629720
--- /dev/null
+++ b/tests/sql/mysqli_multiselect_subselect.phpt
@@ -0,0 +1,25 @@
+--TEST--
+Mysqli query with sub-SELECT
+--INI--
+extension=mysqli.so
+suhosin.sql.bailout_on_error=0
+suhosin.sql.comment=0
+suhosin.sql.opencomment=0
+suhosin.sql.multiselect=1
+suhosin.sql.union=0
+suhosin.log.stdout=32
+--SKIPIF--
+<?php
+include('skipifmysqli.inc');
+include('skipif.inc');
+?>
+--FILE--
+<?php
+include('connect.inc');
+$mysqli = connect_mysqli_oostyle();
+$result = $mysqli->query("SELECT * FROM (SELECT 1)");
+flush();
+echo "mark.";
+?>
+--EXPECTREGEX--
+ALERT - Multiple SELECT in SQL query.*mark.
\ No newline at end of file
-- 
cgit v1.3