libraries/sqlvalidator.lib.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * SQL Validator interface for phpMyAdmin
   5  *
   6  * Copyright 2002 Robin Johnson <robbat2@users.sourceforge.net>
   7  * http://www.orbis-terrarum.net/?l=people.robbat2
   8  *
   9  * This function uses the Mimer SQL Validator service
  10  * <http://developer.mimer.com/validator/index.htm> from phpMyAdmin
  11  *
  12  * Copyright for Server side validator systems:
  13  * "All SQL statements are stored anonymously for statistical purposes.
  14  * Mimer SQL Validator, Copyright 2002 Upright Database Technology.
  15  * All rights reserved."
  16  *
  17  * All data is transported over HTTP-SOAP
  18  * And uses the PEAR SOAP Module
  19  *
  20  * Install instructions for PEAR SOAP
  21  * Make sure you have a really recent PHP with PEAR support
  22  * run this: "pear install Mail_Mime Net_DIME SOAP"
  23  *
  24  * Enable the SQL Validator options in the configuration file
  25  * $cfg['SQLQuery']['Validate'] = TRUE;
  26  * $cfg['SQLValidator']['use']  = FALSE;
  27  *
  28  * Also set a username and password if you have a private one
  29  *
  30  * @version $Id$
  31  * @package phpMyAdmin
  32  */
  33 if (! defined('PHPMYADMIN')) {
  34     exit;
  35 }
  36
  37 /**
  38  * We need the PEAR libraries, so do a minimum version check first
  39  * I'm not sure if PEAR was available before this point
  40  * For now we actually use a configuration flag
  41  */
  42 if ($cfg['SQLValidator']['use'] == TRUE)  {
  43     require_once './libraries/sqlvalidator.class.php';
  44 } // if ($cfg['SQLValidator']['use'] == TRUE)
  45
  46
  47 /**
  48  * This function utilizes the Mimer SQL Validator service
  49  * to validate an SQL query
  50  *
  51  * <http://developer.mimer.com/validator/index.htm>
  52  *
  53  * @param   string   SQL query to validate
  54  *
  55  * @return  string   Validator result string
  56  *
  57  * @global  array    The PMA configuration array
  58  */
  59 function PMA_validateSQL($sql)
  60 {
  61     global $cfg;
  62
  63     $str = '';
  64
  65     if ($cfg['SQLValidator']['use']) {
  66         if (isset($GLOBALS['sqlvalidator_error'])
  67             && $GLOBALS['sqlvalidator_error']) {
  68             $str = sprintf($GLOBALS['strValidatorError'], '<a href="./Documentation.html#faqsqlvalidator" target="documentation">', '</a>');
  69         } else {
  70             // create new class instance
  71             $srv = new PMA_SQLValidator();
  72
  73             // Checks for username settings
  74             // The class defaults to anonymous with an empty password
  75             // automatically
  76             if ($cfg['SQLValidator']['username'] != '') {
  77                 $srv->setCredentials($cfg['SQLValidator']['username'], $cfg['SQLValidator']['password']);
  78             }
  79
  80             // Identify ourselves to the server properly...
  81             $srv->appendCallingProgram('phpMyAdmin', PMA_VERSION);
  82
  83             // ... and specify what database system we are using
  84             $srv->setTargetDbms('MySQL', PMA_MYSQL_STR_VERSION);
  85
  86             // Log on to service
  87             $srv->start();
  88
  89             // Do service validation
  90             $str = $srv->validationString($sql);
  91         }
  92
  93     } // end if
  94
  95     // Gives string back to caller
  96     return $str;
  97 } // end of the "PMA_validateSQL()" function
  98
  99 ?>