📄 sqlparser.lib.php
字号:
|| ($d_cur{0} == '_' && PMA_STR_binarySearchInArr(substr($d_cur, 1), $mysql_charsets, $mysql_charsets_count))) { $t_suffix = '_charset'; } else { // Do nothing } // check if present in the list of forbidden words if ($t_suffix == '_reservedWord' && PMA_STR_binarySearchInArr($d_cur_upper, $PMA_SQPdata_forbidden_word, $PMA_SQPdata_forbidden_word_cnt)) { $sql_array[$i]['forbidden'] = TRUE; } else { $sql_array[$i]['forbidden'] = FALSE; } $sql_array[$i]['type'] .= $t_suffix; } } // end for // Stores the size of the array inside the array, as count() is a slow // operation. $sql_array['len'] = $arraysize; // Sends the data back return $sql_array; } // end of the "PMA_SQP_parse()" function /** * Checks for token types being what we want... * * @param string String of type that we have * @param string String of type that we want * * @return boolean result of check * * @access private */ function PMA_SQP_typeCheck($toCheck, $whatWeWant) { $typeSeperator = '_'; if (strcmp($whatWeWant, $toCheck) == 0) { return TRUE; } else { if (strpos($whatWeWant, $typeSeperator) === FALSE) { return strncmp($whatWeWant, $toCheck, strpos($toCheck, $typeSeperator)) == 0; } else { return FALSE; } } } /** * Analyzes SQL queries * * @param array The SQL queries * * @return array The analyzed SQL queries * * @access public */ function PMA_SQP_analyze($arr) { if ($arr == array()) { return array(); } $result = array(); $size = $arr['len']; $subresult = array( 'querytype' => '', 'select_expr_clause'=> '', // the whole stuff between SELECT and FROM , except DISTINCT 'position_of_first_select' => '', // the array index 'from_clause'=> '', 'group_by_clause'=> '', 'order_by_clause'=> '', 'having_clause' => '', 'where_clause' => '', 'where_clause_identifiers' => array(), 'unsorted_query' => '', 'queryflags' => array(), 'select_expr' => array(), 'table_ref' => array(), 'foreign_keys' => array(), 'create_table_fields' => array() ); $subresult_empty = $subresult; $seek_queryend = FALSE; $seen_end_of_table_ref = FALSE; $number_of_brackets_in_extract = 0; $number_of_brackets_in_group_concat = 0; // for SELECT EXTRACT(YEAR_MONTH FROM CURDATE()) // we must not use CURDATE as a table_ref // so we track wether we are in the EXTRACT() $in_extract = FALSE; // for GROUP_CONCAT( ... ) $in_group_concat = FALSE;/* Description of analyzer results by lem9 * * db, table, column, alias * ------------------------ * * Inside the $subresult array, we create ['select_expr'] and ['table_ref'] arrays. * * The SELECT syntax (simplified) is * * SELECT * select_expression,... * [FROM [table_references] * * * ['select_expr'] is filled with each expression, the key represents the * expression position in the list (0-based) (so we don't lose track of * multiple occurences of the same column). * * ['table_ref'] is filled with each table ref, same thing for the key. * * I create all sub-values empty, even if they are * not present (for example no select_expression alias). * * There is a debug section at the end of loop #1, if you want to * see the exact contents of select_expr and table_ref * * queryflags * ---------- * * In $subresult, array 'queryflags' is filled, according to what we * find in the query. * * Currently, those are generated: * * ['queryflags']['need_confirm'] = 1; if the query needs confirmation * ['queryflags']['select_from'] = 1; if this is a real SELECT...FROM * ['queryflags']['distinct'] = 1; for a DISTINCT * ['queryflags']['union'] = 1; for a UNION * ['queryflags']['join'] = 1; for a JOIN * ['queryflags']['offset'] = 1; for the presence of OFFSET * * query clauses * ------------- * * The select is splitted in those clauses: * ['select_expr_clause'] * ['from_clause'] * ['group_by_clause'] * ['order_by_clause'] * ['having_clause'] * ['where_clause'] * * The identifiers of the WHERE clause are put into the array * ['where_clause_identifier'] * * For a SELECT, the whole query without the ORDER BY clause is put into * ['unsorted_query'] * * foreign keys * ------------ * The CREATE TABLE may contain FOREIGN KEY clauses, so they get * analyzed and ['foreign_keys'] is an array filled with * the constraint name, the index list, * the REFERENCES table name and REFERENCES index list, * and ON UPDATE | ON DELETE clauses * * position_of_first_select * ------------------------ * * The array index of the first SELECT we find. Will be used to * insert a SQL_CALC_FOUND_ROWS. * * create_table_fields * ------------------- * * For now, mostly used to detect the DEFAULT CURRENT_TIMESTAMP and * ON UPDATE CURRENT_TIMESTAMP clauses of the CREATE TABLE query. * An array, each element is the identifier name. * Note that for now, the timestamp_not_null element is created * even for non-TIMESTAMP fields. * * Sub-elements: ['type'] which contains the column type * optional (currently they are never false but can be absent): * ['default_current_timestamp'] boolean * ['on_update_current_timestamp'] boolean * ['timestamp_not_null'] boolean * * section_before_limit, section_after_limit * ----------------------------------------- * * Marks the point of the query where we can insert a LIMIT clause; * so the section_before_limit will contain the left part before * a possible LIMIT clause * * * End of description of analyzer results */ // must be sorted // TODO: current logic checks for only one word, so I put only the // first word of the reserved expressions that end a table ref; // maybe this is not ok (the first word might mean something else)// $words_ending_table_ref = array(// 'FOR UPDATE',// 'GROUP BY',// 'HAVING',// 'LIMIT',// 'LOCK IN SHARE MODE',// 'ORDER BY',// 'PROCEDURE',// 'UNION',// 'WHERE'// ); $words_ending_table_ref = array( 'FOR', 'GROUP', 'HAVING', 'LIMIT', 'LOCK', 'ORDER', 'PROCEDURE', 'UNION', 'WHERE' ); $words_ending_table_ref_cnt = 9; //count($words_ending_table_ref); $words_ending_clauses = array( 'FOR', 'LIMIT', 'LOCK', 'PROCEDURE', 'UNION' ); $words_ending_clauses_cnt = 5; //count($words_ending_clauses); // must be sorted $supported_query_types = array( 'SELECT' /* // Support for these additional query types will come later on. 'DELETE', 'INSERT', 'REPLACE', 'TRUNCATE', 'UPDATE' 'EXPLAIN', 'DESCRIBE', 'SHOW', 'CREATE', 'SET', 'ALTER' */ ); $supported_query_types_cnt = count($supported_query_types); // loop #1 for each token: select_expr, table_ref for SELECT for ($i = 0; $i < $size; $i++) {//DEBUG echo "trace loop1 <b>" . $arr[$i]['data'] . "</b> (" . $arr[$i]['type'] . ")<br />"; // High speed seek for locating the end of the current query if ($seek_queryend == TRUE) { if ($arr[$i]['type'] == 'punct_queryend') { $seek_queryend = FALSE; } else { continue; } // end if (type == punct_queryend) } // end if ($seek_queryend) // TODO: when we find a UNION, should we split // in another subresult? // Note: do not split if this is a punct_queryend for the // first and only query if ($arr[$i]['type'] == 'punct_queryend' && ($i + 1 != $size)) { $result[] = $subresult; $subresult = $subresult_empty; continue; } // end if (type == punct_queryend)// ============================================================== if ($arr[$i]['type'] == 'punct_bracket_open_round') { if ($in_extract) { $number_of_brackets_in_extract++; } if ($in_group_concat) { $number_of_brackets_in_group_concat++; } }// ============================================================== if ($arr[$i]['type'] == 'punct_bracket_close_round') { if ($in_extract) { $number_of_brackets_in_extract--; if ($number_of_brackets_in_extract == 0) { $in_extract = FALSE; } } if ($in_group_concat) { $number_of_brackets_in_group_concat--; if ($number_of_brackets_in_group_concat == 0) { $in_group_concat = FALSE; } } }// ============================================================== if ($arr[$i]['type'] == 'alpha_functionName') { $upper_data = strtoupper($arr[$i]['data']); if ($upper_data =='EXTRACT') { $in_extract = TRUE; $number_of_brackets_in_extract = 0; } if ($upper_data =='GROUP_CONCAT') { $in_group_concat = TRUE; $number_of_brackets_in_group_concat = 0; } }// ============================================================== if ($arr[$i]['type'] == 'alpha_reservedWord'// && $arr[$i]['forbidden'] == FALSE) { ) { // We don't know what type of query yet, so run this if ($subresult['querytype'] == '') { $subresult['querytype'] = strtoupper($arr[$i]['data']); } // end if (querytype was empty) // Check if we support this type of query if (!PMA_STR_binarySearchInArr($subresult['querytype'], $supported_query_types, $supported_query_types_cnt)) {⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -