libraries/sqlvalidator.lib.php

   1 <?php
   2 /* $Id$ */
   3 // vim: expandtab sw=4 ts=4 sts=4:
   4
   5
   6 /**
   7  * SQL Validator interface for phpMyAdmin
   8  *
   9  * Copyright 2002 Robin Johnson <robbat2@users.sourceforge.net>
  10  * http://www.orbis-terrarum.net/?l=people.robbat2
  11  *
  12  * This function uses the Mimer SQL Validator service
  13  * <http://developer.mimer.com/validator/index.htm> from phpMyAdmin
  14  *
  15  * Copyright for Server side validator systems:
  16  * "All SQL statements are stored anonymously for statistical purposes.
  17  * Mimer SQL Validator, Copyright 2002 Upright Database Technology.
  18  * All rights reserved."
  19  *
  20  * All data is transported over HTTP-SOAP
  21  * And uses the PEAR SOAP Module
  22  *
  23  * Install instructions for PEAR SOAP
  24  * Make sure you have a really recent PHP with PEAR support
  25  * run this: "pear install Mail_Mime Net_DIME SOAP"
  26  *
  27  * Enable the SQL Validator options in the configuration file
  28  * $cfg['SQLQuery']['Validate'] = TRUE;
  29  * $cfg['SQLValidator']['use']  = FALSE;
  30  *
  31  * Also set a username and password if you have a private one
  32  */
  33
  34
  35 // We need the PEAR libraries, so do a minimum version check first
  36 // I'm not sure if PEAR was available before this point
  37 // For now we actually use a configuration flag
  38 if ($cfg['SQLValidator']['use'] == TRUE)  {
  39     require_once('./libraries/sqlvalidator.class.php');
  40 } // if ($cfg['SQLValidator']['use'] == TRUE)
  41
  42
  43 /**
  44  * This function utilizes the Mimer SQL Validator service
  45  * to validate an SQL query
  46  *
  47  * <http://developer.mimer.com/validator/index.htm>
  48  *
  49  * @param   string   SQL query to validate
  50  *
  51  * @return  string   Validator result string
  52  *
  53  * @global  array    The PMA configuration array
  54  */
  55 function PMA_validateSQL($sql)
  56 {
  57     global $cfg;
  58
  59     $str = '';
  60
  61     if ($cfg['SQLValidator']['use']) {
  62         if (isset($GLOBALS['sqlvalidator_error'])
  63             && $GLOBALS['sqlvalidator_error']) {
  64             $str = sprintf($GLOBALS['strValidatorError'], '<a href="./Documentation.html#faqsqlvalidator" target="documentation">', '</a>');
  65         } else {
  66             // create new class instance
  67             $srv = new PMA_SQLValidator();
  68
  69             // Checks for username settings
  70             // The class defaults to anonymous with an empty password
  71             // automatically
  72             if ($cfg['SQLValidator']['username'] != '') {
  73                 $srv->setCredentials($cfg['SQLValidator']['username'], $cfg['SQLValidator']['password']);
  74             }
  75
  76             // Identify ourselves to the server properly...
  77             $srv->appendCallingProgram('phpMyAdmin', PMA_VERSION);
  78
  79             // ... and specify what database system we are using
  80             $srv->setTargetDbms('MySQL', PMA_MYSQL_STR_VERSION);
  81
  82             // Log on to service
  83             $srv->start();
  84
  85             // Do service validation
  86             $str = $srv->validationString($sql);
  87         }
  88
  89     } // end if
  90
  91     /*
  92     else {
  93         // The service is not available so note that properly
  94         $str = $GLOBALS['strValidatorDisabled'];
  95     } // end if... else...
  96     */
  97
  98     // Gives string back to caller
  99     return $str;
 100 } // end of the "PMA_validateSQL()" function
 101
 102 ?>