Linux vps-61133.fhnet.fr 4.9.0-19-amd64 #1 SMP Debian 4.9.320-2 (2022-06-30) x86_64
Apache/2.4.25 (Debian)
Server IP : 93.113.207.21 & Your IP : 216.73.216.35
Domains :
Cant Read [ /etc/named.conf ]
User : www-data
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
var /
www /
html_old /
iscreen.apps-dev.fr /
classes /
Delete
Unzip
Name
Size
Permission
Date
Action
cache
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
controller
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
db
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
exception
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
helper
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
log
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
module
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
order
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
pdf
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
range
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
shop
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
stock
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
tax
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
tree
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
webservice
[ DIR ]
drwxrwxrwx
2020-12-09 15:21
.htaccess
510
B
-rwxrwxrwx
2023-01-18 07:38
Address.php
16.32
KB
-rwxrwxrwx
2019-04-30 18:42
AddressFormat.php
22.17
KB
-rwxrwxrwx
2019-04-30 18:42
AdminTab.php
115.85
KB
-rwxrwxrwx
2019-04-30 18:42
Alias.php
4.41
KB
-rwxrwxrwx
2019-04-30 18:42
Attachment.php
6.57
KB
-rwxrwxrwx
2019-04-30 18:42
Attribute.php
12.62
KB
-rwxrwxrwx
2019-04-30 18:42
AttributeGroup.php
11.49
KB
-rwxrwxrwx
2019-04-30 18:42
Blowfish.php
21.79
KB
-rwxrwxrwx
2019-04-30 18:42
CMS.php
8.98
KB
-rwxrwxrwx
2019-04-30 18:42
CMSCategory.php
23.42
KB
-rwxrwxrwx
2019-04-30 18:42
CMSRole.php
1.61
KB
-rwxrwxrwx
2019-04-30 18:42
CSV.php
2.89
KB
-rwxrwxrwx
2019-04-30 18:42
Carrier.php
55.24
KB
-rwxrwxrwx
2019-04-30 18:42
Cart.php
167.24
KB
-rwxrwxrwx
2019-04-30 18:42
CartRule.php
70
KB
-rwxrwxrwx
2019-04-30 18:42
Category.php
68.83
KB
-rwxrwxrwx
2019-04-30 18:42
Chart.php
5.36
KB
-rwxrwxrwx
2019-04-30 18:42
Combination.php
11.54
KB
-rwxrwxrwx
2019-04-30 18:42
CompareProduct.php
5.06
KB
-rwxrwxrwx
2019-04-30 18:42
Configuration.php
22.73
KB
-rwxrwxrwx
2019-04-30 18:42
ConfigurationKPI.php
5.49
KB
-rwxrwxrwx
2019-04-30 18:42
ConfigurationTest.php
10.66
KB
-rwxrwxrwx
2019-04-30 18:42
Connection.php
9.69
KB
-rwxrwxrwx
2019-04-30 18:42
ConnectionsSource.php
5.02
KB
-rwxrwxrwx
2019-04-30 18:42
Contact.php
3.26
KB
-rwxrwxrwx
2019-04-30 18:42
Context.php
7.29
KB
-rwxrwxrwx
2019-04-30 18:42
ControllerFactory.php
2.16
KB
-rwxrwxrwx
2019-04-30 18:42
Cookie.php
13.04
KB
-rwxrwxrwx
2019-04-30 18:42
Country.php
14.07
KB
-rwxrwxrwx
2019-04-30 18:42
County.php
3.65
KB
-rwxrwxrwx
2019-04-30 18:42
Currency.php
15.33
KB
-rwxrwxrwx
2019-04-30 18:42
Customer.php
32.46
KB
-rwxrwxrwx
2019-04-30 18:42
CustomerMessage.php
4.33
KB
-rwxrwxrwx
2019-04-30 18:42
CustomerThread.php
8.04
KB
-rwxrwxrwx
2019-04-30 18:42
Customization.php
9.72
KB
-rwxrwxrwx
2019-04-30 18:42
CustomizationField.php
2.33
KB
-rwxrwxrwx
2019-04-30 18:42
DateRange.php
2.23
KB
-rwxrwxrwx
2019-04-30 18:42
Delivery.php
3.12
KB
-rwxrwxrwx
2019-04-30 18:42
Discount.php
8.97
KB
-rwxrwxrwx
2019-04-30 18:42
Dispatcher.php
36.2
KB
-rwxrwxrwx
2019-04-30 18:42
Employee.php
16.38
KB
-rwxrwxrwx
2019-04-30 18:42
Feature.php
10.6
KB
-rwxrwxrwx
2019-04-30 18:42
FeatureValue.php
6.66
KB
-rwxrwxrwx
2019-04-30 18:42
FileUploader.php
11.06
KB
-rwxrwxrwx
2019-04-30 18:42
Gender.php
2.25
KB
-rwxrwxrwx
2019-04-30 18:42
Group.php
12.98
KB
-rwxrwxrwx
2019-04-30 18:42
GroupReduction.php
9.33
KB
-rwxrwxrwx
2019-04-30 18:42
Guest.php
7.27
KB
-rwxrwxrwx
2019-04-30 18:42
Hook.php
30.84
KB
-rwxrwxrwx
2019-04-30 18:42
Image.php
27.35
KB
-rwxrwxrwx
2019-04-30 18:42
ImageManager.php
21.9
KB
-rwxrwxrwx
2019-04-30 18:42
ImageType.php
6.14
KB
-rwxrwxrwx
2019-04-30 18:42
Language.php
39.76
KB
-rwxrwxrwx
2019-04-30 18:42
Link.php
29.46
KB
-rwxrwxrwx
2019-04-30 18:42
LocalizationPack.php
19.08
KB
-rwxrwxrwx
2019-04-30 18:42
Mail.php
24.81
KB
-rwxrwxrwx
2019-04-30 18:42
Manufacturer.php
17.13
KB
-rwxrwxrwx
2019-04-30 18:42
Media.php
39.73
KB
-rwxrwxrwx
2019-04-30 18:42
Message.php
5.65
KB
-rwxrwxrwx
2019-04-30 18:42
Meta.php
17.5
KB
-rwxrwxrwx
2019-04-30 18:42
Notification.php
6.08
KB
-rwxrwxrwx
2019-04-30 18:42
ObjectModel.php
69.64
KB
-rwxrwxrwx
2019-04-30 18:42
Pack.php
17.82
KB
-rwxrwxrwx
2019-04-30 18:42
Page.php
4.2
KB
-rwxrwxrwx
2019-04-30 18:42
PaymentCC.php
2.49
KB
-rwxrwxrwx
2019-04-30 18:42
PaymentModule.php
53.64
KB
-rwxrwxrwx
2019-04-30 18:42
PrestaShopAutoload.php
8.31
KB
-rwxrwxrwx
2019-04-30 18:42
PrestaShopBackup.php
10.53
KB
-rwxrwxrwx
2019-04-30 18:42
PrestaShopCollection.php
20.43
KB
-rwxrwxrwx
2019-04-30 18:42
PrestaShopLogger.php
6.07
KB
-rwxrwxrwx
2019-04-30 18:42
Product.php
232.97
KB
-rwxrwxrwx
2019-04-30 18:42
ProductDownload.php
9.86
KB
-rwxrwxrwx
2019-04-30 18:42
ProductSale.php
11.37
KB
-rwxrwxrwx
2019-04-30 18:42
ProductSupplier.php
7.63
KB
-rwxrwxrwx
2019-04-30 18:42
Profile.php
5.19
KB
-rwxrwxrwx
2019-04-30 18:42
QuickAccess.php
2.58
KB
-rwxrwxrwx
2019-04-30 18:42
Referrer.php
16.19
KB
-rwxrwxrwx
2019-04-30 18:42
RequestSql.php
19.64
KB
-rwxrwxrwx
2019-04-30 18:42
Rijndael.php
4.88
KB
-rwxrwxrwx
2019-04-30 18:42
Risk.php
2.35
KB
-rwxrwxrwx
2019-04-30 18:42
Scene.php
9.85
KB
-rwxrwxrwx
2019-04-30 18:42
Search.php
38.85
KB
-rwxrwxrwx
2019-04-30 18:42
SearchEngine.php
2.57
KB
-rwxrwxrwx
2019-04-30 18:42
SmartyCacheResourceMysql.php
4.76
KB
-rwxrwxrwx
2019-04-30 18:42
SmartyCustom.php
12.28
KB
-rwxrwxrwx
2019-04-30 18:42
SpecificPrice.php
22.79
KB
-rwxrwxrwx
2019-04-30 18:42
SpecificPriceRule.php
13.64
KB
-rwxrwxrwx
2019-04-30 18:42
State.php
6.65
KB
-rwxrwxrwx
2019-04-30 18:42
Store.php
4.82
KB
-rwxrwxrwx
2019-04-30 18:42
Supplier.php
15.21
KB
-rwxrwxrwx
2019-04-30 18:42
Tab.php
19.1
KB
-rwxrwxrwx
2019-04-30 18:42
Tag.php
10.19
KB
-rwxrwxrwx
2019-04-30 18:42
Theme.php
12.58
KB
-rwxrwxrwx
2019-04-30 18:42
Tools.php
130.71
KB
-rwxrwxrwx
2019-04-30 18:42
Translate.php
11.48
KB
-rwxrwxrwx
2019-04-30 18:42
TranslatedConfiguration.php
3.99
KB
-rwxrwxrwx
2019-04-30 18:42
Upgrader.php
11.02
KB
-rwxrwxrwx
2019-04-30 18:42
Uploader.php
8.47
KB
-rwxrwxrwx
2019-04-30 18:42
Validate.php
31.72
KB
-rwxrwxrwx
2019-04-30 18:42
Zone.php
3.17
KB
-rwxrwxrwx
2019-04-30 18:42
index.php
29.14
KB
-rwxrwxrwx
2023-01-18 07:38
Save
Rename
<?php /* * 2007-2017 PrestaShop * * NOTICE OF LICENSE * * This source file is subject to the Open Software License (OSL 3.0) * that is bundled with this package in the file LICENSE.txt. * It is also available through the world-wide-web at this URL: * http://opensource.org/licenses/osl-3.0.php * If you did not receive a copy of the license and are unable to * obtain it through the world-wide-web, please send an email * to license@prestashop.com so we can send you a copy immediately. * * DISCLAIMER * * Do not edit or add to this file if you wish to upgrade PrestaShop to newer * versions in the future. If you wish to customize PrestaShop for your * needs please refer to http://www.prestashop.com for more information. * * @author PrestaShop SA <contact@prestashop.com> * @copyright 2007-2017 PrestaShop SA * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0) * International Registered Trademark & Property of PrestaShop SA */ class RequestSqlCore extends ObjectModel { public $name; public $sql; /** * @see ObjectModel::$definition */ public static $definition = array( 'table' => 'request_sql', 'primary' => 'id_request_sql', 'fields' => array( 'name' => array('type' => self::TYPE_STRING, 'validate' => 'isString', 'required' => true, 'size' => 200), 'sql' => array('type' => self::TYPE_SQL, 'validate' => 'isString', 'required' => true), ), ); /** @var array : List of params to tested */ public $tested = array( 'required' => array('SELECT', 'FROM'), 'option' => array('WHERE', 'ORDER', 'LIMIT', 'HAVING', 'GROUP', 'UNION'), 'operator' => array( 'AND', '&&', 'BETWEEN', 'AND', 'BINARY', '&', '~', '|', '^', 'CASE', 'WHEN', 'END', 'DIV', '/', '<=>', '=', '>=', '>', 'IS', 'NOT', 'NULL', '<<', '<=', '<', 'LIKE', '-', '%', '!=', '<>', 'REGEXP', '!', '||', 'OR', '+', '>>', 'RLIKE', 'SOUNDS', '*', '-', 'XOR', 'IN' ), 'function' => array( 'AVG', 'SUM', 'COUNT', 'MIN', 'MAX', 'STDDEV', 'STDDEV_SAMP', 'STDDEV_POP', 'VARIANCE', 'VAR_SAMP', 'VAR_POP', 'GROUP_CONCAT', 'BIT_AND', 'BIT_OR', 'BIT_XOR' ), 'unauthorized' => array( 'DELETE', 'ALTER', 'INSERT', 'REPLACE', 'CREATE', 'TRUNCATE', 'OPTIMIZE', 'GRANT', 'REVOKE', 'SHOW', 'HANDLER', 'LOAD', 'ROLLBACK', 'SAVEPOINT', 'UNLOCK', 'INSTALL', 'UNINSTALL', 'ANALZYE', 'BACKUP', 'CHECK', 'CHECKSUM', 'REPAIR', 'RESTORE', 'CACHE', 'DESCRIBE', 'EXPLAIN', 'USE', 'HELP', 'SET', 'DUPLICATE', 'VALUES', 'INTO', 'RENAME', 'CALL', 'PROCEDURE', 'FUNCTION', 'DATABASE', 'SERVER', 'LOGFILE', 'DEFINER', 'RETURNS', 'EVENT', 'TABLESPACE', 'VIEW', 'TRIGGER', 'DATA', 'DO', 'PASSWORD', 'USER', 'PLUGIN', 'FLUSH', 'KILL', 'RESET', 'START', 'STOP', 'PURGE', 'EXECUTE', 'PREPARE', 'DEALLOCATE', 'LOCK', 'USING', 'DROP', 'FOR', 'UPDATE', 'BEGIN', 'BY', 'ALL', 'SHARE', 'MODE', 'TO','KEY', 'DISTINCTROW', 'DISTINCT', 'HIGH_PRIORITY', 'LOW_PRIORITY', 'DELAYED', 'IGNORE', 'FORCE', 'STRAIGHT_JOIN', 'SQL_SMALL_RESULT', 'SQL_BIG_RESULT', 'QUICK', 'SQL_BUFFER_RESULT', 'SQL_CACHE', 'SQL_NO_CACHE', 'SQL_CALC_FOUND_ROWS', 'WITH' ) ); public $attributes = array( 'passwd' => '*******************', 'secure_key' => '*******************' ); /** @var array : list of errors */ public $error_sql = array(); /** * Get list of request SQL * * @return array|bool */ public static function getRequestSql() { if (!$result = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS('SELECT * FROM `'._DB_PREFIX_.'request_sql` ORDER BY `id_request_sql`')) { return false; } $request_sql = array(); foreach ($result as $row) { $request_sql[] = $row['sql']; } return $request_sql; } /** * Get list of request SQL by id request * * @param $id * @return array */ public static function getRequestSqlById($id) { return Db::getInstance()->executeS('SELECT `sql` FROM `'._DB_PREFIX_.'request_sql` WHERE `id_request_sql` = '.(int)$id); } /** * Call the parserSQL() method in Tools class * Cut the request in table for check it * * @param $sql * @return bool */ public function parsingSql($sql) { return Tools::parserSQL($sql); } /** * Check if the parsing of the SQL request is good or not * * @param $tab * @param bool $in * @param $sql * @return bool */ public function validateParser($tab, $in = false, $sql) { if (!$tab) { return false; } elseif (isset($tab['UNION'])) { $union = $tab['UNION']; foreach ($union as $tab) { if (!$this->validateSql($tab, $in, $sql)) { return false; } } return true; } else { return $this->validateSql($tab, $in, $sql); } } /** * Cut the request for check each cutting * * @param $tab * @param $in * @param $sql * @return bool */ public function validateSql($tab, $in, $sql) { if (!$this->testedRequired($tab)) { return false; } elseif (!$this->testedUnauthorized($tab)) { return false; } elseif (!$this->checkedFrom($tab['FROM'])) { return false; } elseif (!$this->checkedSelect($tab['SELECT'], $tab['FROM'], $in)) { return false; } elseif (isset($tab['WHERE'])) { if (!$this->checkedWhere($tab['WHERE'], $tab['FROM'], $sql)) { return false; } } elseif (isset($tab['HAVING'])) { if (!$this->checkedHaving($tab['HAVING'], $tab['FROM'])) { return false; } } elseif (isset($tab['ORDER'])) { if (!$this->checkedOrder($tab['ORDER'], $tab['FROM'])) { return false; } } elseif (isset($tab['GROUP'])) { if (!$this->checkedGroupBy($tab['GROUP'], $tab['FROM'])) { return false; } } elseif (isset($tab['LIMIT'])) { if (!$this->checkedLimit($tab['LIMIT'])) { return false; } } if (empty($this->_errors) && !Db::getInstance()->executeS($sql)) { return false; } return true; } /** * Get list of all tables * * @return array */ public function getTables() { $results = Db::getInstance()->executeS('SHOW TABLES'); foreach ($results as $result) { $key = array_keys($result); $tables[] = $result[$key[0]]; } return $tables; } /** * Get list of all attributes by an table * * @param $table * @return array */ public function getAttributesByTable($table) { return Db::getInstance()->executeS('DESCRIBE '.pSQL($table)); } /** * Cut an join sentence * * @param $attrs * @param $from * @return array|bool */ public function cutJoin($attrs, $from) { $tab = array(); foreach ($attrs as $attr) { if (in_array($attr['expr_type'], array('operator', 'const'))) { continue; } if ($attribut = $this->cutAttribute($attr['base_expr'], $from)) { $tab[] = $attribut; } } return $tab; } /** * Cut an attribute with or without the alias * * @param $attr * @param $from * @return array|bool */ public function cutAttribute($attr, $from) { $matches = array(); if (preg_match('/((`(\()?([a-z0-9_])+`(\))?)|((\()?([a-z0-9_])+(\))?))\.((`(\()?([a-z0-9_])+`(\))?)|((\()?([a-z0-9_])+(\))?))$/i', $attr, $matches, PREG_OFFSET_CAPTURE)) { $tab = explode('.', str_replace(array('`', '(', ')'), '', $matches[0][0])); if ($table = $this->returnNameTable($tab[0], $from)) { return array( 'table' => $table, 'alias' => $tab[0], 'attribut' => $tab[1], 'string' => $attr ); } } elseif (preg_match('/((`(\()?([a-z0-9_])+`(\))?)|((\()?([a-z0-9_])+(\))?))$/i', $attr, $matches, PREG_OFFSET_CAPTURE)) { $attribut = str_replace(array('`', '(', ')'), '', $matches[0][0]); if ($table = $this->returnNameTable(false, $from, $attr)) { return array( 'table' => $table, 'attribut' => $attribut, 'string' => $attr ); } } return false; } /** * Get name of table by alias * * @param bool $alias * @param $tables * @return array|bool */ public function returnNameTable($alias = false, $tables, $attr = null) { if ($alias) { foreach ($tables as $table) { if (isset($table['alias']) && isset($table['table']) && $table['alias']['no_quotes'] == $alias) { return array($table['table']); } } } elseif (count($tables) > 1) { if ($attr !== null) { $tab = array(); foreach ($tables as $table) { if ($this->attributExistInTable($attr, $table['table'])) { $tab = $table['table']; } } if (count($tab) == 1) { return $tab; } } $this->error_sql['returnNameTable'] = false; return false; } else { $tab = array(); foreach ($tables as $table) { $tab[] = $table['table']; } return $tab; } } /** * Check if an attributes existe in an table * * @param $attr * @param $table * @return bool */ public function attributExistInTable($attr, $table) { if (!$attr) { return true; } if (is_array($table) && (count($table) == 1)) { $table = $table[0]; } $attributs = $this->getAttributesByTable($table); foreach ($attributs as $attribut) { if ($attribut['Field'] == trim($attr, ' `')) { return true; } } return false; } /** * Check if all required sentence existing * * @param $tab * @return bool */ public function testedRequired($tab) { foreach ($this->tested['required'] as $key) { if (!array_key_exists($key, $tab)) { $this->error_sql['testedRequired'] = $key; return false; } } return true; } /** * Check if an unauthorized existing in an array * * @param $tab * @return bool */ public function testedUnauthorized($tab) { foreach ($this->tested['unauthorized'] as $key) { if (array_key_exists($key, $tab)) { $this->error_sql['testedUnauthorized'] = $key; return false; } } return true; } /** * Check a "FROM" sentence * * @param $from * @return bool */ public function checkedFrom($from) { $nb = count($from); for ($i = 0; $i < $nb; $i++) { $table = $from[$i]; if (isset($table['table']) && !in_array(str_replace('`', '', $table['table']), $this->getTables())) { $this->error_sql['checkedFrom']['table'] = $table['table']; return false; } if ($table['ref_type'] == 'ON' && (trim($table['join_type']) == 'LEFT' || trim($table['join_type']) == 'JOIN')) { if ($attrs = $this->cutJoin($table['ref_clause'], $from)) { foreach ($attrs as $attr) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedFrom']['attribut'] = array($attr['attribut'], implode(', ', $attr['table'])); return false; } } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedFrom'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedFrom'] = false; return false; } } } } return true; } /** * Check a "SELECT" sentence * * @param $select * @param $from * @param bool $in * @return bool */ public function checkedSelect($select, $from, $in = false) { $nb = count($select); for ($i = 0; $i < $nb; $i++) { $attribut = $select[$i]; if ($attribut['base_expr'] != '*' && !preg_match('/\.$/', $attribut['base_expr'])) { if ($attribut['expr_type'] == 'colref') { if ($attr = $this->cutAttribute(trim($attribut['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedSelect']['attribut'] = array($attr['attribut'], implode(', ', $attr['table'])); return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedSelect'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedSelect'] = false; return false; } } } } elseif ($in) { $this->error_sql['checkedSelect']['*'] = false; return false; } } return true; } /** * Check a "WHERE" sentence * * @param $where * @param $from * @param $sql * @return bool */ public function checkedWhere($where, $from, $sql) { $nb = count($where); for ($i = 0; $i < $nb; $i++) { $attribut = $where[$i]; if ($attribut['expr_type'] == 'colref' || $attribut['expr_type'] == 'reserved') { if ($attr = $this->cutAttribute(trim($attribut['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedWhere']['attribut'] = array($attr['attribut'], implode(', ', $attr['table'])); return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedWhere'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedWhere'] = false; return false; } } } elseif ($attribut['expr_type'] == 'operator') { if (!in_array(strtoupper($attribut['base_expr']), $this->tested['operator'])) { $this->error_sql['checkedWhere']['operator'] = array($attribut['base_expr']); return false; } } elseif ($attribut['expr_type'] == 'subquery') { $tab = $attribut['sub_tree']; return $this->validateParser($tab, true, $sql); } } return true; } /** * Check a "HAVING" sentence * * @param $having * @param $from * @return bool */ public function checkedHaving($having, $from) { $nb = count($having); for ($i = 0; $i < $nb; $i++) { $attribut = $having[$i]; if ($attribut['expr_type'] == 'colref') { if ($attr = $this->cutAttribute(trim($attribut['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedHaving']['attribut'] = array($attr['attribut'], implode(', ', $attr['table'])); return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedHaving'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedHaving'] = false; return false; } } } if ($attribut['expr_type'] == 'operator') { if (!in_array(strtoupper($attribut['base_expr']), $this->tested['operator'])) { $this->error_sql['checkedHaving']['operator'] = array($attribut['base_expr']); return false; } } } return true; } /** * Check a "ORDER" sentence * * @param $order * @param $from * @return bool */ public function checkedOrder($order, $from) { $order = $order[0]; if ($order['type'] == 'expression') { if ($attr = $this->cutAttribute(trim($order['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedOrder']['attribut'] = array($attr['attribut'], implode(', ', $attr['table'])); return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedOrder'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedOrder'] = false; return false; } } } return true; } /** * Check a "GROUP BY" sentence * * @param $group * @param $from * @return bool */ public function checkedGroupBy($group, $from) { $group = $group[0]; if ($group['type'] == 'expression') { if ($attr = $this->cutAttribute(trim($group['base_expr']), $from)) { if (!$this->attributExistInTable($attr['attribut'], $attr['table'])) { $this->error_sql['checkedGroupBy']['attribut'] = array($attr['attribut'], implode(', ', $attr['table'])); return false; } } else { if (isset($this->error_sql['returnNameTable'])) { $this->error_sql['checkedGroupBy'] = $this->error_sql['returnNameTable']; return false; } else { $this->error_sql['checkedGroupBy'] = false; return false; } } } return true; } /** * Check a "LIMIT" sentence * * @param $limit * @return bool */ public function checkedLimit($limit) { if (!preg_match('#^[0-9]+$#', trim($limit['start'])) || !preg_match('#^[0-9]+$#', trim($limit['end']))) { $this->error_sql['checkedLimit'] = false; return false; } return true; } }