mirror of
https://github.com/wlinator/luminara.git
synced 2024-10-02 18:23:12 +00:00
Add SQL injection commands
This commit is contained in:
parent
ab0573b2fa
commit
efe166d999
5 changed files with 87 additions and 35 deletions
|
@ -15,16 +15,13 @@ def create_connection():
|
|||
def execute_query(query, values=None):
|
||||
conn = create_connection()
|
||||
cursor = conn.cursor()
|
||||
try:
|
||||
if values:
|
||||
cursor.execute(query, values)
|
||||
else:
|
||||
cursor.execute(query)
|
||||
|
||||
conn.commit()
|
||||
except Error as e:
|
||||
print("'execute_query()' Error occurred: {}".format(e))
|
||||
if values:
|
||||
cursor.execute(query, values)
|
||||
else:
|
||||
cursor.execute(query)
|
||||
|
||||
conn.commit()
|
||||
return cursor
|
||||
|
||||
|
||||
|
@ -32,30 +29,22 @@ def select_query(query, values=None):
|
|||
conn = create_connection()
|
||||
cursor = conn.cursor()
|
||||
|
||||
try:
|
||||
if values:
|
||||
return cursor.execute(query, values).fetchall()
|
||||
else:
|
||||
return cursor.execute(query).fetchall()
|
||||
|
||||
except Error as e:
|
||||
return f"ERROR: {e}"
|
||||
if values:
|
||||
return cursor.execute(query, values).fetchall()
|
||||
else:
|
||||
return cursor.execute(query).fetchall()
|
||||
|
||||
|
||||
def select_query_one(query, values=None):
|
||||
conn = create_connection()
|
||||
cursor = conn.cursor()
|
||||
|
||||
try:
|
||||
if values:
|
||||
output = cursor.execute(query, values).fetchone()
|
||||
else:
|
||||
output = cursor.execute(query).fetchone()
|
||||
if values:
|
||||
output = cursor.execute(query, values).fetchone()
|
||||
else:
|
||||
output = cursor.execute(query).fetchone()
|
||||
|
||||
if output:
|
||||
return output[0]
|
||||
if output:
|
||||
return output[0]
|
||||
|
||||
return None
|
||||
|
||||
except Error as e:
|
||||
return f"ERROR: {e}"
|
||||
return None
|
||||
|
|
|
@ -13,7 +13,8 @@ class Basic(commands.Cog):
|
|||
|
||||
@commands.slash_command(
|
||||
name="ping",
|
||||
description="Show the bot's latency."
|
||||
description="Show the bot's latency.",
|
||||
guild_only=True
|
||||
)
|
||||
@commands.check(universal.channel_check)
|
||||
async def ping(self, ctx):
|
||||
|
|
60
modules/owneronly.py
Normal file
60
modules/owneronly.py
Normal file
|
@ -0,0 +1,60 @@
|
|||
import json
|
||||
import os
|
||||
import sqlite3
|
||||
|
||||
import discord
|
||||
from discord.ext import commands
|
||||
from dotenv import load_dotenv
|
||||
|
||||
from db import database
|
||||
from sb_tools import universal
|
||||
|
||||
load_dotenv('.env')
|
||||
|
||||
active_blackjack_games = {}
|
||||
special_balance_name = os.getenv("SPECIAL_BALANCE_NAME")
|
||||
cash_balance_name = os.getenv("CASH_BALANCE_NAME")
|
||||
|
||||
with open("config/economy.json") as file:
|
||||
json_data = json.load(file)
|
||||
|
||||
|
||||
class OwnerOnly(commands.Cog):
|
||||
def __init__(self, sbbot):
|
||||
self.bot = sbbot
|
||||
|
||||
sql = discord.SlashCommandGroup(name="sql", description="Perform SQL commands (DANGEROUS)")
|
||||
|
||||
@sql.command(
|
||||
name="select",
|
||||
description="Perform a SELECT query in the database.",
|
||||
guild_only=True
|
||||
)
|
||||
@commands.check(universal.owner_check)
|
||||
async def select(self, ctx, *, query: discord.Option(str)):
|
||||
if query.lower().startswith("select "):
|
||||
query = query[7:]
|
||||
|
||||
try:
|
||||
results = database.select_query(f"SELECT {query}")
|
||||
except sqlite3.Error as error:
|
||||
results = error
|
||||
|
||||
return await ctx.respond(content=f"```SELECT {query}```\n```{results}```", ephemeral=True)
|
||||
|
||||
@sql.command(
|
||||
name="inject",
|
||||
description="Change a value in the database. (DANGEROUS)",
|
||||
guild_only=True
|
||||
)
|
||||
@commands.check(universal.owner_check)
|
||||
async def inject(self, ctx, *, query: discord.Option(str)):
|
||||
try:
|
||||
database.execute_query(query)
|
||||
await ctx.respond(content=f"That worked!\n```{query}```", ephemeral=True)
|
||||
except sqlite3.Error as error:
|
||||
await ctx.respond(content=f"Query:\n```{query}```\nError message:\n```{error}```", ephemeral=True)
|
||||
|
||||
|
||||
def setup(sbbot):
|
||||
sbbot.add_cog(OwnerOnly(sbbot))
|
|
@ -27,7 +27,8 @@ class Stats(commands.Cog):
|
|||
|
||||
@stats.command(
|
||||
name="all",
|
||||
description="Show the stats for all Racu users."
|
||||
description="Show the stats for all Racu users.",
|
||||
guild_only=True
|
||||
)
|
||||
# @commands.check(universal.channel_check)
|
||||
@commands.check(universal.beta_check)
|
||||
|
@ -69,7 +70,8 @@ class Stats(commands.Cog):
|
|||
|
||||
@stats.command(
|
||||
name="me",
|
||||
description="Show your personal Racu stats."
|
||||
description="Show your personal Racu stats.",
|
||||
guild_only=True
|
||||
)
|
||||
# @commands.check(universal.channel_check)
|
||||
@commands.check(universal.beta_check)
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
import discord
|
||||
from discord.ext import commands
|
||||
from dotenv import load_dotenv
|
||||
import os
|
||||
|
||||
import discord
|
||||
from dotenv import load_dotenv
|
||||
|
||||
load_dotenv('.env')
|
||||
|
||||
|
||||
|
@ -25,7 +25,7 @@ async def beta_check(ctx):
|
|||
f"fine-tuning to ensure the best experience for all users. Stay tuned for its "
|
||||
f"official release.",
|
||||
color=discord.Color.red())
|
||||
await ctx.respond(embed=embed)
|
||||
await ctx.respond(embed=embed, ephemeral=True)
|
||||
return False
|
||||
|
||||
return True
|
||||
|
@ -36,7 +36,7 @@ async def owner_check(ctx):
|
|||
if ctx.author.id != int(owner_id):
|
||||
embed = discord.Embed(description=f"Only Tess can do this command.",
|
||||
color=discord.Color.red())
|
||||
await ctx.respond(embed=embed)
|
||||
await ctx.respond(embed=embed, ephemeral=True)
|
||||
return False
|
||||
|
||||
return True
|
||||
|
|
Loading…
Reference in a new issue