
Untitled

a guest
Nov 21st, 2019
  1. package eg.edu.alexu.csd.oop.CheckingQuery;
  2. import com.sun.org.apache.xpath.internal.operations.Bool;
  3.  
  4. import java.util.regex.Matcher;
  5. import java.util.regex.Pattern;
  6.  
  7.  
  8.  
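/**
 * Regex-based shape validator for a small SQL dialect: CREATE/DROP DATABASE,
 * CREATE/DROP TABLE, INSERT, DELETE, SELECT and UPDATE.
 *
 * <p>Security note: these patterns only check that a statement has a recognised
 * shape. The text of a WHERE clause is accepted unparsed (anything up to the
 * first {@code ;}), so a {@code true} result is not an injection defence.
 * Values taken from a validated statement still have to be handled as untrusted
 * data by whatever executes it.
 */
public class checkingInputs {
    // Not read by the static methods below; kept because they are package-visible fields.
    Pattern pattern1;
    Matcher matcher1;

    // INSERT with an explicit column list; values are 'single quoted', "double quoted" or digits.
    static String RI1 = "INSERT +INTO +([a-zA-Z_][a-zA-Z0-9_]*) *\\( *(([a-zA-Z_][a-zA-Z0-9_]*)( *, *([a-zA-Z_][a-zA-Z0-9_]*))*) *\\) *"
            + "VALUES *\\( *((('[^']+')|(\\d+)|(\"[^\"]+\"))( *, *(('[^']+')|(\\d+)|(\"[^\"]+\")))*) *\\) *;*";
    // INSERT without a column list.
    static String RI2 = "INSERT +INTO +([a-zA-Z_][a-zA-Z0-9_]*) *"
            + "VALUES *\\( *((('[^']+')|(\\d+)|(\"[^\"]+\"))( *, *(('[^']+')|(\\d+)|(\"[^\"]+\")))*) *\\) *;*";
    // NOTE(review): "CREATE+" / "TABLE+" quantify the last letter of the keyword, so
    // "CREATEEE TABLEE ..." also matches; the same applies to UPDATE+/SET+ in RU1/RU2.
    // Left as found -- confirm whether the stray '+' is intended before tightening.
    static String RCT = "CREATE+\\s+TABLE+\\s+([a-zA-Z_][a-zA-Z0-9_]*) *\\( *([a-zA-Z_][a-zA-Z0-9_]* + *(int|varchar))( *, *([a-zA-Z_][a-zA-Z0-9_]* *+(int|varchar)))* *\\) *;";
    static String RDD = "DROP\\s*+DATABASE\\s*+([A-Za-z_][A-Za-z0-9_]*) *;";
    // Fixed: this was a byte-for-byte copy of RDD, so no DROP TABLE statement could ever validate.
    static String RDT = "DROP\\s*+TABLE\\s*+([A-Za-z_][A-Za-z0-9_]*) *;";
    static String RC = "CREATE\\s*+DATABASE\\s*+([A-Za-z_][A-Za-z0-9_]*) *;";
    // Fixed: the WHERE text was "(.+)", which also matches ';'. A string such as
    // "DELETE FROM t WHERE a=1; DROP DATABASE x;" was therefore accepted as one DELETE.
    // "[^;]+" matches what the SELECT and UPDATE patterns already use for WHERE.
    static String RD1 = "DELETE +FROM +([a-zA-Z_][a-zA-Z0-9_]*) +WHERE +([^;]+) *;";
    static String RD2 = "DELETE +FROM +([a-zA-Z_][a-zA-Z0-9_]*) *;";
    static String RS1 = "SELECT\\s*+(\\*) +FROM\\s*+([A-Za-z_][A-Za-z0-9_]*) +WHERE +([^;]+)*+;";
    // NOTE(review): the table-name group in RS2/RS3 is optional ("(...)*+"), so
    // "SELECT * FROM;" matches. Left as found -- confirm intent.
    static String RS2 = "SELECT\\s*+(\\*) +FROM\\s*+([A-Za-z_][A-Za-z0-9_]*)*+;";
    static String RS3 = "SELECT\\s*+(([A-Za-z_][A-Za-z0-9_]*)( *, *[A-Za-z_][A-Za-z0-9_]*)*) +FROM\\s*+([A-Za-z_][A-Za-z0-9_]*)*+;";
    static String RS4 = "SELECT\\s*+(([A-Za-z_][A-Za-z0-9_]*)( *, *[A-Za-z_][A-Za-z0-9_]*)*) +FROM\\s*+([A-Za-z_][A-Za-z0-9_]*) +WHERE +([^;]+)*+;";
    // Fixed (RU1 and RU2): the second and later assignments used ".+" inside the quotes.
    // That accepted embedded quotes the first assignment rejects, and the greedy ".+"
    // inside a repeated group can be split in many ways, so a long SET list that fails
    // to match makes the matcher backtrack heavily. The quoted forms now exclude their
    // own delimiter; group order is unchanged.
    static String RU1 = "UPDATE+\\s+([a-zA-Z_][a-zA-Z0-9_]*)+\\s+SET+\\s+([a-zA-Z_][a-zA-Z0-9_]*) *= *(('[^']+')|(\\d+)|(\"[^\"]+\"))"
            + "( *, *([A-Za-z_][A-Za-z0-9_]*) *= *((\"[^\"]+\")|('[^']+')|(\\d+)))* +WHERE +([^;]+) *;";
    static String RU2 = "UPDATE+\\s+([a-zA-Z_][a-zA-Z0-9_]*)+\\s+SET+\\s+([a-zA-Z_][a-zA-Z0-9_]*) *= *(('[^']+')|(\\d+)|(\"[^\"]+\"))"
            + "( *, *([A-Za-z_][A-Za-z0-9_]*) *= *((\"[^\"]+\")|('[^']+')|(\\d+)))* *;";

    static String[] Regex = new String[]{RI1, RI2, RCT, RDD, RDT, RC, RD1, RD2, RS1, RS2, RS3, RS4, RU1, RU2};

    // Leading-keyword dispatcher. Fixed: it required "UPDATE FROM" and "SELECT FROM", which
    // no statement accepted by RS1-RS4 / RU1-RU2 normally starts with, so SELECT and UPDATE
    // were effectively unreachable. FROM is now optional directly after the verb, which keeps
    // every input the old dispatcher accepted.
    // NOTE(review): callers are presumed to pass "SELECT" / "UPDATE" as the operation -- confirm.
    private static final Pattern OPERATION_PREFIX = Pattern.compile(
            "((CREATE +TABLE)|(CREATE +DATABASE)|(DROP +TABLE)|(DROP +DATABASE)|(UPDATE(?: +FROM)?)|(SELECT(?: +FROM)?)|(INSERT +INTO)|(DELETE +FROM)).*",
            Pattern.CASE_INSENSITIVE);

    // Compiled once at class initialisation instead of on every inputParser call.
    private static final Pattern[] STATEMENT_PATTERNS = compileAll(Regex);

    /** Compiles each source pattern case-insensitively, preserving order. */
    private static Pattern[] compileAll(String[] sources) {
        Pattern[] compiled = new Pattern[sources.length];
        for (int i = 0; i < sources.length; i++) {
            compiled[i] = Pattern.compile(sources[i], Pattern.CASE_INSENSITIVE);
        }
        return compiled;
    }

    /**
     * Checks that {@code sqlQueries} starts with the keyword pair named by
     * {@code operation} and that the whole statement matches one of the known shapes.
     *
     * @param sqlQueries the statement text; {@code null} is treated as a syntax error
     * @param operation  the expected leading keywords with spaces removed, compared
     *                   case-insensitively (for example {@code "INSERTINTO"})
     * @return {@code true} only if the leading keywords equal {@code operation} and
     *         {@link #inputParser(String)} accepts the statement
     */
    public static boolean sytnaxVlidator(String sqlQueries, String operation) {
        if (sqlQueries == null) {
            System.out.println("syntax error");
            return false;
        }
        Matcher m = OPERATION_PREFIX.matcher(sqlQueries);
        if (!m.matches()) {
            System.out.println("syntax error");
            return false;
        }
        String keyWord = m.group(1).replaceAll(" +", "");
        // equalsIgnoreCase avoids default-locale case mapping (e.g. Turkish dotted I),
        // which toUpperCase() without a Locale is subject to.
        if (!keyWord.equalsIgnoreCase(operation)) {
            return false;
        }
        return inputParser(sqlQueries);
    }

    /**
     * Reports whether {@code query} matches, in full, any of the statement patterns
     * listed in {@link #Regex}.
     *
     * @param query the statement text; {@code null} yields {@code false}
     * @return {@code true} if at least one pattern matches the entire string
     */
    public static boolean inputParser(String query) {
        if (query == null) {
            return false;
        }
        for (Pattern candidate : STATEMENT_PATTERNS) {
            if (candidate.matcher(query).matches()) {
                return true;
            }
        }
        return false;
    }
}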