From 80d41940cbdbc0373f9891a58b1c3a1ff1ca88e2 Mon Sep 17 00:00:00 2001
From: Ana Scolari <127357173+apsscolari@users.noreply.github.com>
Date: Mon, 10 Mar 2025 17:43:53 -0700
Subject: [PATCH] Create unsanitized.py

---
 unsanitized.py | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 unsanitized.py

diff --git a/unsanitized.py b/unsanitized.py
new file mode 100644
index 0000000..f1f6122
--- /dev/null
+++ b/unsanitized.py
@@ -0,0 +1,25 @@
+import sqlite3
+
+# Connect to an in-memory SQLite database for testing
+conn = sqlite3.connect(":memory:")
+cursor = conn.cursor()
+
+# Create a sample users table
+cursor.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
+cursor.execute("INSERT INTO users (username, password) VALUES ('admin', 'securepass')")
+conn.commit()
+
+# UNSANITIZED User Input (Vulnerable to SQL Injection)
+username = input("Enter your username: ")
+query = f"SELECT * FROM users WHERE username = '{username}'"
+print("\n[DEBUG] Executing Query:", query)  # Debugging purpose
+
+cursor.execute(query)
+result = cursor.fetchall()
+
+if result:
+    print("\n User found:", result)
+else:
+    print("\n No user found.")
+
+conn.close()