📄 escapeprocessor.java
字号:
/*
* MM JDBC Drivers for MySQL
*
* $Id: EscapeProcessor.java,v 1.2 1998/08/25 00:53:47 mmatthew Exp $
*
* Copyright (C) 1998 Mark Matthews <mmatthew@worldserver.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public
* License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*
* See the COPYING file located in the top-level-directory of
* the archive of this library for complete text of license.
*/
/**
* EscapeProcessor performs all escape code processing as outlined
* in the JDBC spec by JavaSoft.
*
* @author Mark Matthews <mmatthew@worldserver.com>
* @version $Id$
*/
package org.gjt.mm.mysql;
import java.util.StringTokenizer;
import java.util.Vector;
import java.util.Stack;
class EscapeProcessor
{
/**
* Escape process one string
*
* @param SQL the SQL to escape process.
* @return the SQL after it has been escape processed.
*/
public synchronized String escapeSQL(String SQL) throws java.sql.SQLException
{
boolean replaceEscapeSequence = false;
String EscapeSequence = null;
StringBuffer NewSQL = new StringBuffer();
boolean inBraces = false;
boolean inQuotes = false;
boolean escaped = false;
boolean unrecognizedEscape = false;
String OpeningBrace="";
if (SQL == null) {
return null;
}
/*
* Short circuit this code if we don't have a matching pair of
* "{}". - Suggested by Ryan Gustafason
*/
int begin_brace = SQL.indexOf("{");
int next_end_brace = SQL.indexOf("}", begin_brace);
if (next_end_brace == -1) {
return SQL;
}
PushBackTokenizer PBT = new PushBackTokenizer(SQL, "{}'", true);
while (PBT.hasMoreTokens()) {
String Token = PBT.nextToken();
if (Token.startsWith("{")) {
if (escaped) {
NewSQL.append(Token);
escaped = false;
} else {
NewSQL.append(OpeningBrace);
inBraces = true;
OpeningBrace = Token;
}
}
else if (Token.startsWith("}")) {
if (escaped) {
NewSQL.append(Token);
escaped = false;
} else {
if (inBraces == false) {
NewSQL.append(Token);
} else {
inBraces = false;
if (!OpeningBrace.equals("")) {
NewSQL.append(OpeningBrace);
NewSQL.append(Token);
OpeningBrace="";
}
if (unrecognizedEscape) {
NewSQL.append(Token);
unrecognizedEscape = false;
}
}
}
}
else if (Token.startsWith("'")) {
if (escaped) {
NewSQL.append(Token);
escaped = false;
}
else {
NewSQL.append(Token);
inQuotes = !inQuotes;
}
}
else {
if (inBraces && !inQuotes) {
/*
* Process the escape code
*/
if (Token.startsWith("escape")) {
try {
StringTokenizer ST = new StringTokenizer(Token, " '");
ST.nextToken(); // eat the "escape" token
EscapeSequence = ST.nextToken();
if (EscapeSequence.length() < 3) {
throw new java.sql.SQLException("Syntax error for escape sequence '" + Token + "'", "42000");
}
EscapeSequence = EscapeSequence.substring( 1, EscapeSequence.length() - 1);
replaceEscapeSequence = true;
}
catch (java.util.NoSuchElementException E) {
throw new java.sql.SQLException("Syntax error for escape sequence '" + Token + "'", "42000");
}
}
else if (Token.startsWith("fn")) {
// just pass functions right to the DB
int start_pos = Token.indexOf("fn ") + 3;
int end_pos = Token.length();
NewSQL.append(Token.substring(start_pos, end_pos));
try {
NewSQL.append(parseComplexArgument(PBT));
}
catch (java.util.NoSuchElementException NSE) {
throw new java.sql.SQLException("Syntax error for FN escape code", "42000");
}
}
else if (Token.startsWith("d")) {
String Argument = "";
try {
Argument = parseArgument(PBT);
}
catch (java.util.NoSuchElementException NSE) {
throw new java.sql.SQLException("Illegal argument for DATE escape code '" + Argument + "'", "42000");
}
try {
StringTokenizer ST = new StringTokenizer(Argument, " -");
String YYYY = ST.nextToken();
String MM = ST.nextToken();
String DD = ST.nextToken();
String DateString = "'" + YYYY + "-" + MM + "-" + DD + "'";
NewSQL.append(DateString);
}
catch (java.util.NoSuchElementException E) {
throw new java.sql.SQLException("Syntax error for DATE escape sequence '" + Argument + "'", "42000");
}
}
else if (Token.startsWith("ts")) {
String Argument = "";
try {
Argument = parseArgument(PBT);
}
catch (java.util.NoSuchElementException NSE) {
throw new java.sql.SQLException("Illegal argument for TIMESTAMP escape code '" + Argument + "'", "42000");
}
try {
StringTokenizer ST = new StringTokenizer(Argument, " .-:");
String YYYY = ST.nextToken();
String MM = ST.nextToken();
String DD = ST.nextToken();
String HH = ST.nextToken();
String Mm = ST.nextToken();
String SS = ST.nextToken();
/*
* For now, we get the fractional seconds
* part, but we don't use it, as MySQL doesn't
* support it in it's TIMESTAMP data type
*/
String F = "";
if (ST.hasMoreTokens()) {
F = ST.nextToken();
}
/*
* Use the full format because number format
* will not work for "between" clauses.
*
* Ref. Mysql Docs
*
* You can specify DATETIME, DATE and TIMESTAMP values
* using any of a common set of formats:
*
* As a string in either 'YYYY-MM-DD HH:MM:SS' or
* 'YY-MM-DD HH:MM:SS' format.
*
* Thanks to Craig Longman for pointing out this bug
*/
NewSQL.append("'").append(YYYY).append("-").append(MM).append("-").append(DD).append(" ").append(HH).append(":").append(Mm).append(":").append(SS).append("'");
}
catch (java.util.NoSuchElementException E) {
throw new java.sql.SQLException("Syntax error for TIMESTAMP escape sequence '" + Argument + "'", "42000");
}
}
else if (Token.startsWith("t")) {
String Argument = "";
try {
Argument = parseArgument(PBT);
}
catch (java.util.NoSuchElementException NSE) {
throw new java.sql.SQLException("Illegal argument for TIME escape code '" + Argument + "'", "42000");
}
try {
StringTokenizer ST = new StringTokenizer(Argument, " ':");
String HH = ST.nextToken();
String MM = ST.nextToken();
String SS = ST.nextToken();
String TimeString = "'" + HH + ":" + MM + ":" +SS + "'";
NewSQL.append(TimeString);
}
catch (java.util.NoSuchElementException E) {
throw new java.sql.SQLException("Syntax error for escape sequence '" + Argument + "'", "42000");
}
}
else if (Token.startsWith("call") ||
Token.startsWith("? = call")) {
throw new java.sql.SQLException("Stored procedures not supported: " + Token, "S1C00");
}
else if (Token.startsWith("oj")) {
// MySQL already handles this escape sequence
// because of ODBC. Cool.
try {
NewSQL.append(parseComplexArgument(PBT));
}
catch (java.util.NoSuchElementException NSE) {
throw new java.sql.SQLException("Syntax error for OJ escape code", "42000");
}
}
else {
NewSQL.append(OpeningBrace);
NewSQL.append(Token);
unrecognizedEscape = true;
OpeningBrace = "";
}
OpeningBrace="";
}
else {
NewSQL.append(Token);
}
}
if (Token.endsWith("\\")) {
escaped = true;
}
}
NewSQL.append(OpeningBrace);
String EscapedSQL = NewSQL.toString();
if (replaceEscapeSequence) {
String CurrentSQL = EscapedSQL;
while (CurrentSQL.indexOf(EscapeSequence) != -1) {
int escapePos = CurrentSQL.indexOf(EscapeSequence);
String LHS = CurrentSQL.substring(0, escapePos);
String RHS = CurrentSQL.substring(escapePos + 1, CurrentSQL.length());
CurrentSQL = LHS + "\\" + RHS;
}
EscapedSQL = CurrentSQL;
}
// Do we need to do the concatenation operator?
if (EscapedSQL.indexOf("||") != -1) {
EscapedSQL = doConcat(EscapedSQL);
}
return EscapedSQL;
}
/**
* Do concatenation for the SQL operator "||" because
* MySQL doesn't support it, but some IDEs (i.e. VisualAge)
* use it.
*
* @param SQL A String to do concatenation operations on
*/
static String doConcat(String SQL)
{
Vector TokenList = new Vector();
StringTokenizer ST = new StringTokenizer(SQL, " '", true);
boolean inquotes = false;
StringBuffer QuotedString = null;
while (ST.hasMoreTokens()) {
String T = ST.nextToken();
if (T.equals("'")) {
if (inquotes == true) {
inquotes = false;
Token Tok = new Token(QuotedString.toString(), true);
TokenList.addElement(Tok);
}
else {
inquotes = true;
QuotedString = new StringBuffer();
}
}
else {
if (inquotes) {
QuotedString.append(T);
}
else {
Token Tok = new Token(T, false);
TokenList.addElement(Tok);
}
}
}
// Now go through and find what we need to concatenate
int pos = 0;
int length = TokenList.size();
Stack ToDo = new Stack();
while (pos < length) {
Token T1 = (Token)TokenList.elementAt(pos);
if (T1.Value.equals("||")) {
Token Pre = (Token)ToDo.pop();
pos++;
Token Post = (Token)TokenList.elementAt(pos);
Token Concat = new Token(Pre.Value + Post.Value, true);
ToDo.push(Concat);
pos++;
}
else {
ToDo.push(T1);
pos++;
}
}
length = ToDo.size();
StringBuffer NewQuery = new StringBuffer();
for (int i = 0; i < length; i++) {
Token T = (Token)ToDo.elementAt(i);
if (T.quoted) {
NewQuery.append("'");
NewQuery.append(T.Value);
NewQuery.append("'");
}
else {
NewQuery.append(T.Value);
}
}
return NewQuery.toString();
}
/**
* Given the current tokenizer, assemble an escape code argument
*/
private final static String parseArgument(PushBackTokenizer Tokenizer)
throws java.util.NoSuchElementException
{
StringBuffer Argument = new StringBuffer();
boolean done_parsing = false;
boolean seen_one_quote = false;
while (!done_parsing) {
String Tok = Tokenizer.nextToken();
if (Tok.equals("'")) {
if (seen_one_quote) {
done_parsing = true;
}
else {
seen_one_quote = true;
}
}
else {
Argument.append(Tok);
}
}
return Argument.toString();
}
/**
* Given the current tokenizer, assemble an escape code argument
*/
private final static String parseComplexArgument(PushBackTokenizer Tokenizer)
throws java.util.NoSuchElementException
{
StringBuffer Argument = new StringBuffer();
boolean done_parsing = false;
boolean in_quotes = false;
while (!done_parsing) {
String Tok = Tokenizer.nextToken();
if (Tok.equals("'")) {
in_quotes = !in_quotes;
Argument.append(Tok);
}
else {
if (!in_quotes && Tok.equals("}")) {
done_parsing = true;
Tokenizer.pushBack();
}
else {
Argument.append(Tok);
}
}
}
return Argument.toString();
}
};
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -