| 250 |
kaklik |
1 |
<?php |
|
|
2 |
/* $Id: sqlvalidator.lib.php,v 2.3 2005/10/08 15:17:42 nijel Exp $ */ |
|
|
3 |
// vim: expandtab sw=4 ts=4 sts=4: |
|
|
4 |
|
|
|
5 |
|
|
|
6 |
/** |
|
|
7 |
* SQL Validator interface for phpMyAdmin |
|
|
8 |
* |
|
|
9 |
* Copyright 2002 Robin Johnson <robbat2@users.sourceforge.net> |
|
|
10 |
* http://www.orbis-terrarum.net/?l=people.robbat2 |
|
|
11 |
* |
|
|
12 |
* This function uses the Mimer SQL Validator service |
|
|
13 |
* <http://developer.mimer.com/validator/index.htm> from phpMyAdmin |
|
|
14 |
* |
|
|
15 |
* Copyright for Server side validator systems: |
|
|
16 |
* "All SQL statements are stored anonymously for statistical purposes. |
|
|
17 |
* Mimer SQL Validator, Copyright 2002 Upright Database Technology. |
|
|
18 |
* All rights reserved." |
|
|
19 |
* |
|
|
20 |
* All data is transported over HTTP-SOAP |
|
|
21 |
* And uses the PEAR SOAP Module |
|
|
22 |
* |
|
|
23 |
* Install instructions for PEAR SOAP |
|
|
24 |
* Make sure you have a really recent PHP with PEAR support |
|
|
25 |
* run this: "pear install Mail_Mime Net_DIME SOAP" |
|
|
26 |
* |
|
|
27 |
* Enable the SQL Validator options in the configuration file |
|
|
28 |
* $cfg['SQLQuery']['Validate'] = TRUE; |
|
|
29 |
* $cfg['SQLValidator']['use'] = FALSE; |
|
|
30 |
* |
|
|
31 |
* Also set a username and password if you have a private one |
|
|
32 |
*/ |
|
|
33 |
|
|
|
34 |
|
|
|
35 |
// We need the PEAR libraries, so do a minimum version check first |
|
|
36 |
// I'm not sure if PEAR was available before this point |
|
|
37 |
// For now we actually use a configuration flag |
|
|
38 |
if ($cfg['SQLValidator']['use'] == TRUE) { |
|
|
39 |
require_once('./libraries/sqlvalidator.class.php'); |
|
|
40 |
} // if ($cfg['SQLValidator']['use'] == TRUE) |
|
|
41 |
|
|
|
42 |
|
|
|
43 |
/** |
|
|
44 |
* This function utilizes the Mimer SQL Validator service |
|
|
45 |
* to validate an SQL query |
|
|
46 |
* |
|
|
47 |
* <http://developer.mimer.com/validator/index.htm> |
|
|
48 |
* |
|
|
49 |
* @param string SQL query to validate |
|
|
50 |
* |
|
|
51 |
* @return string Validator result string |
|
|
52 |
* |
|
|
53 |
* @global array The PMA configuration array |
|
|
54 |
*/ |
|
|
55 |
function PMA_validateSQL($sql) |
|
|
56 |
{ |
|
|
57 |
global $cfg; |
|
|
58 |
|
|
|
59 |
$str = ''; |
|
|
60 |
|
|
|
61 |
if ($cfg['SQLValidator']['use']) { |
|
|
62 |
if (isset($GLOBALS['sqlvalidator_error']) |
|
|
63 |
&& $GLOBALS['sqlvalidator_error']) { |
|
|
64 |
$str = sprintf($GLOBALS['strValidatorError'], '<a href="./Documentation.html#faqsqlvalidator" target="documentation">', '</a>'); |
|
|
65 |
} else { |
|
|
66 |
// create new class instance |
|
|
67 |
$srv = new PMA_SQLValidator(); |
|
|
68 |
|
|
|
69 |
// Checks for username settings |
|
|
70 |
// The class defaults to anonymous with an empty password |
|
|
71 |
// automatically |
|
|
72 |
if ($cfg['SQLValidator']['username'] != '') { |
|
|
73 |
$srv->setCredentials($cfg['SQLValidator']['username'], $cfg['SQLValidator']['password']); |
|
|
74 |
} |
|
|
75 |
|
|
|
76 |
// Identify ourselves to the server properly... |
|
|
77 |
$srv->appendCallingProgram('phpMyAdmin', PMA_VERSION); |
|
|
78 |
|
|
|
79 |
// ... and specify what database system we are using |
|
|
80 |
$srv->setTargetDbms('MySQL', PMA_MYSQL_STR_VERSION); |
|
|
81 |
|
|
|
82 |
// Log on to service |
|
|
83 |
$srv->start(); |
|
|
84 |
|
|
|
85 |
// Do service validation |
|
|
86 |
$str = $srv->validationString($sql); |
|
|
87 |
} |
|
|
88 |
|
|
|
89 |
} // end if |
|
|
90 |
|
|
|
91 |
// Gives string back to caller |
|
|
92 |
return $str; |
|
|
93 |
} // end of the "PMA_validateSQL()" function |
|
|
94 |
|
|
|
95 |
?> |