From 323af45ce4c8716e9787ed52c2c487b952e3d0cc Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Fri, 17 Dec 2010 07:53:58 +0000
Subject: [PATCH] added one more time request payload to confirm test results

---
 lib/controller/checks.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index a6e33fbc3..ffd56f9e8 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -341,10 +341,14 @@ def checkSqlInjection(place, parameter, value):
                         trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True)
 
                         if trueResult:
-                            infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
-                            logger.info(infoMsg)
+                            # Confirm test's results
+                            trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True)
 
-                            injectable = True
+                            if trueResult:
+                                infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
+                                logger.info(infoMsg)
+
+                                injectable = True
 
                         # Restore value of socket timeout
                         socket.setdefaulttimeout(popValue())