forked from phpmyadmin/phpmyadmin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsqlvalidator.lib.php
102 lines (85 loc) · 3.02 KB
/
sqlvalidator.lib.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php
/* $Id$ */
// vim: expandtab sw=4 ts=4 sts=4:
/**
* SQL Validator interface for phpMyAdmin
*
* Copyright 2002 Robin Johnson <robbat2@users.sourceforge.net>
* http://www.orbis-terrarum.net/?l=people.robbat2
*
* This function uses the Mimer SQL Validator service
* <http://developer.mimer.com/validator/index.htm> from phpMyAdmin
*
* Copyright for Server side validator systems:
* "All SQL statements are stored anonymously for statistical purposes.
* Mimer SQL Validator, Copyright 2002 Upright Database Technology.
* All rights reserved."
*
* All data is transported over HTTP-SOAP
* And uses the PEAR SOAP Module
*
* Install instructions for PEAR SOAP
* Make sure you have a really recent PHP with PEAR support
* run this: "pear install Mail_Mime Net_DIME SOAP"
*
* Enable the SQL Validator options in the configuration file
* $cfg['SQLQuery']['Validate'] = TRUE;
* $cfg['SQLValidator']['use'] = FALSE;
*
* Also set a username and password if you have a private one
*/
// We need the PEAR libraries, so do a minimum version check first
// I'm not sure if PEAR was available before this point
// For now we actually use a configuration flag
if ($cfg['SQLValidator']['use'] == TRUE) {
require_once('./libraries/sqlvalidator.class.php');
} // if ($cfg['SQLValidator']['use'] == TRUE)
/**
* This function utilizes the Mimer SQL Validator service
* to validate an SQL query
*
* <http://developer.mimer.com/validator/index.htm>
*
* @param string SQL query to validate
*
* @return string Validator result string
*
* @global array The PMA configuration array
*/
function PMA_validateSQL($sql)
{
global $cfg;
$str = '';
if ($cfg['SQLValidator']['use']) {
if (isset($GLOBALS['sqlvalidator_error'])
&& $GLOBALS['sqlvalidator_error']) {
$str = sprintf($GLOBALS['strValidatorError'], '<a href="./Documentation.html#faqsqlvalidator" target="documentation">', '</a>');
} else {
// create new class instance
$srv = new PMA_SQLValidator();
// Checks for username settings
// The class defaults to anonymous with an empty password
// automatically
if ($cfg['SQLValidator']['username'] != '') {
$srv->setCredentials($cfg['SQLValidator']['username'], $cfg['SQLValidator']['password']);
}
// Identify ourselves to the server properly...
$srv->appendCallingProgram('phpMyAdmin', PMA_VERSION);
// ... and specify what database system we are using
$srv->setTargetDbms('MySQL', PMA_MYSQL_STR_VERSION);
// Log on to service
$srv->start();
// Do service validation
$str = $srv->validationString($sql);
}
} // end if
/*
else {
// The service is not available so note that properly
$str = $GLOBALS['strValidatorDisabled'];
} // end if... else...
*/
// Gives string back to caller
return $str;
} // end of the "PMA_validateSQL()" function
?>