lint.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * Represents the interface between the linter and  the query editor.
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 use PMA\libraries\Linter;
   9 use PMA\libraries\Response;
  10
  11 $_GET['ajax_request'] = 'true';
  12
  13 /**
  14  * Loading common files. Used to check for authorization, localization and to
  15  * load the parsing library.
  16  */
  17 require_once 'libraries/common.inc.php';
  18
  19 /**
  20  * The SQL query to be analyzed.
  21  *
  22  * This does not need to be checked again XSS or MySQL injections because it is
  23  * never executed, just parsed.
  24  *
  25  * The client, which will recieve the JSON response will decode the message and
  26  * and any HTML fragments that are displayed to the user will be encoded anyway.
  27  *
  28  * @var string
  29  */
  30 $sql_query = !empty($_POST['sql_query']) ? $_POST['sql_query'] : '';
  31
  32 // Disabling standard response.
  33 Response::getInstance()->disable();
  34
  35 PMA_headerJSON();
  36
  37 if (! empty($_POST['options'])) {
  38     $options = $_POST['options'];
  39
  40     if (! empty($options['routine_editor'])) {
  41         $sql_query = 'CREATE PROCEDURE `a`() ' . $sql_query;
  42     } elseif (! empty($options['trigger_editor'])) {
  43         $sql_query = 'CREATE TRIGGER `a` AFTER INSERT ON `b` FOR EACH ROW '
  44             . $sql_query;
  45     } elseif (! empty($options['event_editor'])) {
  46         $sql_query = 'CREATE EVENT `a` ON SCHEDULE EVERY MINUTE DO ' . $sql_query;
  47     }
  48 }
  49
  50 echo json_encode(Linter::lint($sql_query));