lint.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * Represents the interface between the linter and  the query editor.
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 use PMA\libraries\Linter;
   9
  10 $_GET['ajax_request'] = 'true';
  11
  12 /**
  13  * Loading common files. Used to check for authorization, localization and to
  14  * load the parsing library.
  15  */
  16 require_once 'libraries/common.inc.php';
  17
  18 /**
  19  * The SQL query to be analyzed.
  20  *
  21  * This does not need to be checked again XSS or MySQL injections because it is
  22  * never executed, just parsed.
  23  *
  24  * The client, which will recieve the JSON response will decode the message and
  25  * and any HTML fragments that are displayed to the user will be encoded anyway.
  26  *
  27  * @var string
  28  */
  29 $sql_query = !empty($_POST['sql_query']) ? $_POST['sql_query'] : '';
  30
  31 // Disabling standard response.
  32 PMA\libraries\Response::getInstance()->disable();
  33
  34 PMA_headerJSON();
  35
  36 if (! empty($_POST['options'])) {
  37     $options = $_POST['options'];
  38
  39     if (! empty($options['routine_editor'])) {
  40         $sql_query = 'CREATE PROCEDURE `a`() ' . $sql_query;
  41     } elseif (! empty($options['trigger_editor'])) {
  42         $sql_query = 'CREATE TRIGGER `a` AFTER INSERT ON `b` FOR EACH ROW ' . $sql_query;
  43     } elseif (! empty($options['event_editor'])) {
  44         $sql_query = 'CREATE EVENT `a` ON SCHEDULE EVERY MINUTE DO ' . $sql_query;
  45     }
  46 }
  47
  48 echo json_encode(Linter::lint($sql_query));