From 7f89571b8e197179cc7a81f6ea00363a497f77d0 Mon Sep 17 00:00:00 2001
From: sudocurse <947518+sudocurse@users.noreply.github.com>
Date: Thu, 24 Apr 2025 11:10:59 -0700
Subject: [PATCH] malicious commit test

---
 GithubTest.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/GithubTest.py b/GithubTest.py
index ac218736..825bc4ae 100644
--- a/GithubTest.py
+++ b/GithubTest.py
@@ -1,6 +1,17 @@
 from github import Github
-
+from fake import database
 g = Github( ${{Pygithub.secrets}} )
 
 for repo in g.get_user().get_repos():
     print(repo.name)
+
+def get_user_by_email(email):
+    query = "SELECT * FROM users WHERE email = '{}';".format(email)
+    return query
+
+# Example of user input that would simulate SQL injection
+malicious_input = "'; DROP TABLE users; --"
+q = get_user_by_email(malicious_input)
+print(q)
+db.query(q)
+