diff --git a/libraries/common.lib.php3 b/libraries/common.lib.php3
index 05e85b709..a16f6cb8d 100644
--- a/libraries/common.lib.php3
+++ b/libraries/common.lib.php3
@@ -176,6 +176,11 @@ h1 {font-family: sans-serif; font-size: large; font-weight: bold}
include('./libraries/sqlparser.data.php3');
include('./libraries/sqlparser.lib.php3');
+ /**
+ * SQL Validator interface code
+ */
+ include('./libraries/sqlvalidator.php3');
+
// If zlib output compression is set in the php configuration file, no
// output buffering should be run
if (PMA_PHP_INT_VERSION < 40000
@@ -1120,6 +1125,8 @@ if (typeof(document.getElementById) != 'undefined'
}
if (!empty($GLOBALS['show_as_php'])) {
$query_base = '$sql = "' . $query_base;
+ } else if (!empty($GLOBALS['validatequery'])) {
+ $query_base = validateSQL($query_base);
} else {
$parsed_sql = PMA_SQP_parse($query_base);
$query_base = PMA_formatSql($parsed_sql);
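Review bot: The new `validatequery` branch is gated only on a global that is presumably filled from the request, not on the configuration that decides whether `validateSQL()` exists. `libraries/sqlvalidator.php3`, added in this same commit, defines `validateSQL()` only when `$cfg['SQLValidator']['use'] == TRUE`, so with the validator switched off a request that sets `validatequery` would end in a call to an undefined function. With it switched on, any request can push the displayed query to the external validation service, regardless of `$cfg['SQLQuery']['Validate']`. Consider `} else if (!empty($GLOBALS['validatequery']) && !empty($cfg['SQLValidator']['use']) && function_exists('validateSQL')) {`. The enclosing function starts and ends outside the hunk, so `$cfg` being in scope here is assumed from its use a few lines further down.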
@@ -1135,7 +1142,8 @@ if (typeof(document.getElementById) != 'undefined'
$edit_target = '';
}
- if (isset($cfg['SQLQuery']['Edit']) && $cfg['SQLQuery']['Edit'] == TRUE) {
+ if (isset($cfg['SQLQuery']['Edit'])
+ && $cfg['SQLQuery']['Edit'] == TRUE) {
if ($edit_target == 'tbl_properties.php3') {
$edit_link = '' . $GLOBALS['strExplain'];
} else if (eregi('^EXPLAIN[[:space:]]+SELECT[[:space:]]+', $GLOBALS['sql_query'])) {
@@ -1173,7 +1193,8 @@ if (typeof(document.getElementById) != 'undefined'
// Also we would like to get the SQL formed in some nice
// php-code (Mike Beck 2002-05-22)
- if (isset($cfg['SQLQuery']['ShowAsPHP']) && $cfg['SQLQuery']['ShowAsPHP'] == TRUE) {
+ if (isset($cfg['SQLQuery']['ShowAsPHP'])
+ && $cfg['SQLQuery']['ShowAsPHP'] == TRUE) {
if (!empty($GLOBALS['show_as_php'])) {
$php_link = '
+* http://www.orbis-terrarum.net/?l=people.robbat2
+*
+* All data is transported over HTTP-SOAP
+* And uses the PEAR SOAP Module
+*
+* Install instructions for PEAR SOAP
+* Make sure you have a really recent PHP with PEAR support
+* run this: "pear install Mail_Mime Net_DIME SOAP"
+*
+*
+* @access public
+* @author Robin Johnson
+* @version $Revision$
+*/
+
+if (!defined('PMA_SQL_VALIDATOR_CLASS_INCLUDED')) {
+ define('PMA_SQL_VALIDATOR_CLASS_INCLUDED', 1);
+
+ include("SOAP/Client.php");
+
+ // Ok, so we have SOAP Support, so let's use it!
+
+ class SQLValidator {
+
+ var $url;
+ var $serviceName;
+ var $wsdl;
+ var $outputType;
+
+ var $username;
+ var $password;
+ var $callingProgram;
+ var $callingProgramVersion;
+ var $targetDbms;
+ var $targetDbmsVersion;
+ var $connectionTechnology;
+ var $connectionTechnologyVersion;
+ var $interactive;
+
+ var $serviceLink = NULL;
+ var $sessionData = NULL;
+
+ function dataInit()
+ {
+ $this->url = "http://sqlvalidator.mimer.com/v1/services";
+ $this->serviceName = 'SQL99Validator';
+ $this->wsdl = '?wsdl';
+ $this->outputType = 'html';
+
+ $this->username = 'anonymous';
+ $this->password = '';
+ $this->callingProgram = 'PHP_SQLValidator';
+ $this->callingProgramVersion = '$Revision$';
+ $this->targetDbms = 'N/A';
+ $this->targetDbmsVersion = 'N/A';
+ $this->connectionTechnology = 'PHP';
+ $this->connectionTechnologyVersion = phpversion();
+ $this->interactive = 1;
+
+ $this->serviceLink = NULL;
+ $this->sessionData = NULL;
+ }
+
+ function SQLValidator()
+ {
+ $this->dataInit();
+ }
+
+ function setCredentials($username,$password)
+ {
+ $this->username = $username;
+ $this->password = $password;
+ }
+
+ function setCallingProgram($callingProgram,$callingProgramVersion)
+ {
+ $this->callingProgram = $callingProgram;
+ $this->callingProgramVersion = $callingProgramVersion;
+ }
+
+ function appendCallingProgram($callingProgram,$callingProgramVersion)
+ {
+ $this->callingProgram .= ' - ' . $callingProgram;
+ $this->callingProgramVersion .= ' - ' . $callingProgramVersion;
+ }
+
+ function setTargetDbms($targetDbms,$targetDbmsVersion)
+ {
+ $this->targetDbms = $targetDbms;
+ $this->targetDbmsVersion = $targetDbmsVersion;
+ }
+
+ function appendTargetDbms($targetDbms,$targetDbmsVersion)
+ {
+ $this->targetDbms .= ' - ' . $targetDbms;
+ $this->targetDbmsVersion .= ' - ' . $targetDbmsVersion;
+ }
+
+ function setConnectionTechnology($connectionTechnology,$connectionTechnologyVersion)
+ {
+ $this->connectionTechnology = $connectionTechnology;
+ $this->connectionTechnologyVersion = $connectionTechnologyVersion;
+ }
+
+ function appendConnectionTechnology($connectionTechnology,$connectionTechnologyVersion)
+ {
+ $this->connectionTechnology .= ' - ' . $connectionTechnology;
+ $this->connectionTechnologyVersion .= ' - ' . $connectionTechnologyVersion;
+ }
+
+ function setInteractive($interactive)
+ {
+ $this->interactive = $interactive;
+ }
+
+ function start()
+ {
+ $this->startService();
+ $this->startSession();
+ }
+
+ function startService()
+ {
+ $this->serviceLink = $this->_openService($this->url.'/'.$this->serviceName.$this->wsdl);
+ }
+
+ function startSession()
+ {
+ $this->sessionData = $this->_openSession($this->serviceLink, $this->username, $this->password, $this->callingProgram, $this->callingProgramVersion, $this->targetDbms, $this->targetDbmsVersion, $this->connectionTechnology, $this->connectionTechnologyVersion, $this->interactive);
+
+ if( isset($this->sessionData) &&
+ ($this->sessionData != NULL) &&
+ ($this->sessionData->target != $this->url))
+ {
+ // Reopen the service on the new URL that was provided
+ $url = $this->sessionData->target;
+ $this->startService();
+ }
+ }
+
+
+ function isValid($sql)
+ {
+ $res = $this->_validate($sql);
+ return $res->standard;
+ }
+
+ function ValidationString($sql)
+ {
+ $res = $this->_validate($sql);
+ return $res->data;
+ }
+
+ /* Private functions beyond here
+ *
+ */
+ function _openService($url)
+ {
+ $obj = new SOAP_Client($url,TRUE);
+ return $obj;
+ }
+
+ function _openSession($obj, $username, $password, $callingProgram, $callingProgramVersion, $targetDbms, $targetDbmsVersion, $connectionTechnology, $connectionTechnologyVersion, $interactive)
+ {
+
+ $ret = $obj->openSession($username, $password, $callingProgram, $callingProgramVersion, $targetDbms, $targetDbmsVersion, $connectionTechnology, $connectionTechnologyVersion, $interactive);
+
+ return $ret;
+ }
+
+ /**
+ * Standard calling method
+ *
+ * @param sql SQL statement to validate
+ * @return Raw string from Mimer
+ */
+ function _validateSQL($obj,$session,$sql,$method)
+ {
+ $res = $obj->validateSQL($session->sessionId, $session->sessionKey, $sql, $this->outputType);
+ return $res;
+ }
+
+ function _validate($sql)
+ {
+ $ret = $this->_validateSQL($this->serviceLink, $this->sessionData, $sql, $this->outputType);
+ return $ret;
+ }
+ }
+
+} // $__PMA_SQL_VALIDATOR_CLASS__
+
+?>
diff --git a/libraries/sqlvalidator.php3 b/libraries/sqlvalidator.php3
new file mode 100644
index 000000000..337861793
--- /dev/null
+++ b/libraries/sqlvalidator.php3
@@ -0,0 +1,60 @@
+
+ * http://www.orbis-terrarum.net/?l=people.robbat2
+ *
+ * This function uses the Mimer SQL Validator service
+ * from phpMyAdmin
+ *
+ * All data is transported over HTTP-SOAP
+ * And uses the PEAR SOAP Module
+ *
+ * Install instructions for PEAR SOAP
+ * Make sure you have a really recent PHP with PEAR support
+ * run this: "pear install Mail_Mime Net_DIME SOAP"
+ *
+ * Enable the SQL Validator options in the configuration file
+ * $cfg['SQLQuery']['Validate'] = TRUE;
+ * $cfg['SQLValidator']['use'] = FALSE;
+ *
+ * Also set a username and password if you have a private one
+ */
+
+if (!defined('PMA_SQL_VALIDATOR_INCLUDED')) {
+ define('PMA_SQL_VALIDATOR_INCLUDED', 1);
+
+ // We need the PEAR libraries, so do a minimum version check first
+ // I'm not sure if PEAR was available before this point
+ // For now we actually use a configuration flag
+ if ($cfg['SQLValidator']['use'] == TRUE) {
+ include_once('sqlvalidator.class.php3');
+
+ function validateSQL($sql)
+ {
+ global $cfg;
+ $srv = new SQLValidator();
+ if($cfg['SQLValidator']['username'] != '') {
+ $srv->setCredentials($cfg['SQLValidator']['username'], $cfg['SQLValidator']['password']);
+ }
+ $srv->appendCallingProgram('phpMyAdmin',PMA_VERSION);
+ $srv->setTargetDbms('MySQL',PMA_MYSQL_STR_VERSION);
+ $srv->start();
+ $str = $srv->ValidationString($sql);
+ if($cfg['SQLValidator']['DisplayCopyright'] != TRUE) {
+ $match = "reserved.
\n
";
+ $pos = strpos($str,$match);
+ $pos += strlen($match);
+ $str = substr($str,$pos);
+ }
+ return $str;
+
+ } // function validateSQL($sql)
+
+ } // if ($cfg['SQLValidator']['use'] == TRUE)
+
+} //$__PMA_SQL_VALIDATOR__
+
+?>
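Review bot: `validateSQL()` uses the remote validator's reply without checking it: in the `DisplayCopyright` branch the result of `strpos()` is never tested, so when the marker is absent `$pos` ends up as `strlen($match)` and `substr()` silently cuts off the start of the reply. The strip should be guarded, `$pos = strpos($str, $match); if ($pos !== false) { $str = substr($str, $pos + strlen($match)); }`. The header comment says all data travels over HTTP-SOAP, and this function forwards `$cfg['SQLValidator']['username']`, the password and the full query text to that service, then returns its HTML, presumably for direct output, so anything on the network path could read the credentials and queries or alter the markup that comes back. That is worth stating next to the configuration instructions, for example `* NOTE: query text and credentials are sent unencrypted to a third-party host; the returned HTML is third-party content`.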