2 /* vim: set expandtab sw=4 ts=4 sts=4: */
4 * Represents the interface between the linter and the query editor.
8 declare(strict_types
=1);
11 use PhpMyAdmin\Linter
;
12 use PhpMyAdmin\Response
;
14 $_GET['ajax_request'] = 'true';
17 * Loading common files. Used to check for authorization, localization and to
18 * load the parsing library.
20 require_once 'libraries/common.inc.php';
23 * The SQL query to be analyzed.
25 * This does not need to be checked again XSS or MySQL injections because it is
26 * never executed, just parsed.
28 * The client, which will recieve the JSON response will decode the message and
29 * and any HTML fragments that are displayed to the user will be encoded anyway.
33 $sql_query = !empty($_POST['sql_query']) ?
$_POST['sql_query'] : '';
35 // Disabling standard response.
36 Response
::getInstance()->disable();
40 if (! empty($_POST['options'])) {
41 $options = $_POST['options'];
43 if (! empty($options['routine_editor'])) {
44 $sql_query = 'CREATE PROCEDURE `a`() ' . $sql_query;
45 } elseif (! empty($options['trigger_editor'])) {
46 $sql_query = 'CREATE TRIGGER `a` AFTER INSERT ON `b` FOR EACH ROW '
48 } elseif (! empty($options['event_editor'])) {
49 $sql_query = 'CREATE EVENT `a` ON SCHEDULE EVERY MINUTE DO ' . $sql_query;
53 echo json_encode(Linter
::lint($sql_query));