Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package eg.edu.alexu.csd.oop.CheckingQuery;
- import com.sun.org.apache.xpath.internal.operations.Bool;
- import java.util.regex.Matcher;
- import java.util.regex.Pattern;
- public class checkingInputs {
- Pattern pattern1;
- Matcher matcher1;
- static String RI1 = "INSERT +INTO +([a-zA-Z_][a-zA-Z0-9_]*) *\\( *(([a-zA-Z_][a-zA-Z0-9_]*)( *, *([a-zA-Z_][a-zA-Z0-9_]*))*) *\\) *"
- + "VALUES *\\( *((('[^']+')|(\\d+)|(\"[^\"]+\"))( *, *(('[^']+')|(\\d+)|(\"[^\"]+\")))*) *\\) *;*";
- static String RI2 = "INSERT +INTO +([a-zA-Z_][a-zA-Z0-9_]*) *"
- + "VALUES *\\( *((('[^']+')|(\\d+)|(\"[^\"]+\"))( *, *(('[^']+')|(\\d+)|(\"[^\"]+\")))*) *\\) *;*";
- static String RCT = "CREATE+\\s+TABLE+\\s+([a-zA-Z_][a-zA-Z0-9_]*) *\\( *([a-zA-Z_][a-zA-Z0-9_]* + *(int|varchar))( *, *([a-zA-Z_][a-zA-Z0-9_]* *+(int|varchar)))* *\\) *;";
- static String RDD = "DROP\\s*+DATABASE\\s*+([A-Za-z_][A-Za-z0-9_]*) *;";
- static String RDT = "DROP\\s*+DATABASE\\s*+([A-Za-z_][A-Za-z0-9_]*) *;";
- static String RC = "CREATE\\s*+DATABASE\\s*+([A-Za-z_][A-Za-z0-9_]*) *;";
- static String RD1 = "DELETE +FROM +([a-zA-Z_][a-zA-Z0-9_]*) +WHERE +(.+) *;";
- static String RD2 = "DELETE +FROM +([a-zA-Z_][a-zA-Z0-9_]*) *;";
- static String RS1 = "SELECT\\s*+(\\*) +FROM\\s*+([A-Za-z_][A-Za-z0-9_]*) +WHERE +([^;]+)*+;";
- static String RS2 = "SELECT\\s*+(\\*) +FROM\\s*+([A-Za-z_][A-Za-z0-9_]*)*+;";
- static String RS3 = "SELECT\\s*+(([A-Za-z_][A-Za-z0-9_]*)( *, *[A-Za-z_][A-Za-z0-9_]*)*) +FROM\\s*+([A-Za-z_][A-Za-z0-9_]*)*+;";
- static String RS4 = "SELECT\\s*+(([A-Za-z_][A-Za-z0-9_]*)( *, *[A-Za-z_][A-Za-z0-9_]*)*) +FROM\\s*+([A-Za-z_][A-Za-z0-9_]*) +WHERE +([^;]+)*+;";
- static String RU1 = "UPDATE+\\s+([a-zA-Z_][a-zA-Z0-9_]*)+\\s+SET+\\s+([a-zA-Z_][a-zA-Z0-9_]*) *= *(('[^']+')|(\\d+)|(\"[^\"]+\"))"
- + "( *, *([A-Za-z_][A-Za-z0-9_]*) *= *((\".+\")|('.+')|(\\d+)))* +WHERE +([^;]+) *;";
- static String RU2 = "UPDATE+\\s+([a-zA-Z_][a-zA-Z0-9_]*)+\\s+SET+\\s+([a-zA-Z_][a-zA-Z0-9_]*) *= *(('[^']+')|(\\d+)|(\"[^\"]+\"))"
- + "( *, *([A-Za-z_][A-Za-z0-9_]*) *= *((\".+\")|('.+')|(\\d+)))* *;";
- static String[] Regex = new String[]{RI1,RI2,RCT,RDD,RDT,RC,RD1,RD2,RS1,RS2,RS3,RS4,RU1,RU2};
- public static boolean sytnaxVlidator(String sqlQueries, String operation) {
- boolean check=false;
- String REGEX = "((CREATE +TABLE)|(CREATE +DATABASE)|(DROP +TABLE)|(DROP +DATABASE)|(UPDATE +FROM)|(SELECT +FROM)|(INSERT +INTO)|(DELETE +FROM)).*";
- Pattern pattern = Pattern.compile(REGEX, Pattern.CASE_INSENSITIVE);
- Matcher m = pattern.matcher(sqlQueries);
- if (m.matches()) {
- String keyWord = m.group(1);
- keyWord = keyWord.toUpperCase();
- keyWord = keyWord.replaceAll(" +", "");
- if (keyWord.equals(operation.toUpperCase())) {
- check=inputParser(sqlQueries);
- }
- } else {
- System.out.println("syntax error");
- }
- return check;
- }
- public static boolean inputParser(String query){
- Pattern pattern1;
- Matcher matcher1;
- for(int i=0;i<Regex.length;i++){
- pattern1 = Pattern.compile(Regex[i], Pattern.CASE_INSENSITIVE);
- matcher1 = pattern1.matcher(query);
- if (matcher1.matches())
- return true;
- }
- return false;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement