<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
namespace Magento2\Sniffs\SQL;
use PHP_CodeSniffer\Sniffs\Sniff;
use PHP_CodeSniffer\Files\File;
use PHP_CodeSniffer\Util\Tokens;
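/**
 * Detects possible raw SQL queries.
 *
 * Heuristic check: a string literal, heredoc or nowdoc is reported when its
 * text begins with one of the keywords in $statements followed by whitespace.
 * The literal must also be assigned with "=", or follow a function named in
 * $queryFunctions, or be a heredoc/nowdoc token.
 *
 * NOTE(review): the literal is trimmed before the pattern is applied, and the
 * pattern requires whitespace after the keyword. A literal holding only the
 * keyword (for example "SELECT " ahead of a concatenation) is therefore not
 * reported. A clean run of this sniff is not evidence that a file builds no
 * SQL by hand.
 */
class RawQuerySniff implements Sniff
{
    /**
     * String representation of warning.
     *
     * @var string
     */
    protected $warningMessage = 'Possible raw SQL statement %s detected.';

    /**
     * Warning violation code.
     *
     * @var string
     */
    protected $warningCode = 'FoundRawSql';

    /**
     * List of SQL statements.
     *
     * The entries are joined with "|" into a regular expression without
     * escaping, so each entry must be a valid pattern fragment.
     *
     * @var array
     */
    protected $statements = [
        'SELECT',
        'UPDATE',
        'INSERT',
        'CREATE',
        'DELETE',
        'ALTER',
        'DROP',
        'TRUNCATE'
    ];

    /**
     * List of query functions.
     *
     * Compared against the preceding T_STRING token's content with an exact,
     * case-sensitive match.
     *
     * @var array
     */
    protected $queryFunctions = [
        'query'
    ];

    /**
     * Registers every string token type plus heredoc and nowdoc tokens.
     *
     * @inheritdoc
     */
    public function register()
    {
        return array_merge(Tokens::$stringTokens, [T_HEREDOC, T_NOWDOC]);
    }

    /**
     * Adds a FoundRawSql warning when the literal at $stackPtr looks like an SQL statement.
     *
     * @inheritdoc
     */
    public function process(File $phpcsFile, $stackPtr)
    {
        $tokens = $phpcsFile->getTokens();

        // Walk back over whitespace, opening parentheses and adjacent string
        // tokens to find the token that introduces this literal.
        $ignoredTokens = array_merge([T_WHITESPACE, T_OPEN_PARENTHESIS], Tokens::$stringTokens);
        $prevPtr = $phpcsFile->findPrevious($ignoredTokens, $stackPtr - 1, null, true);

        // findPrevious() returns false when nothing is found; do not let that
        // silently index token 0.
        $prev = $prevPtr === false ? null : $tokens[$prevPtr];

        $isCandidate = ($prev !== null && $prev['code'] === T_EQUAL)
            || ($prev !== null
                && $prev['code'] === T_STRING
                && in_array($prev['content'], $this->queryFunctions, true))
            || in_array($tokens[$stackPtr]['code'], [T_HEREDOC, T_NOWDOC], true);

        if (!$isCandidate) {
            return;
        }

        // Drop every quote character, then the surrounding whitespace, so the
        // anchored pattern sees the first word of the literal.
        $literal = trim(str_replace(['\'', '"'], '', $tokens[$stackPtr]['content']));
        $pattern = '/^(' . implode('|', $this->statements) . ')\s/i';

        if (preg_match($pattern, $literal)) {
            $phpcsFile->addWarning(
                $this->warningMessage,
                $stackPtr,
                $this->warningCode,
                [trim($tokens[$stackPtr]['content'])]
            );
        }
    }
}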