SqlSrv::isValidDatabaseName() - Code Metrics - Inspection of "[TASK] Check valid database name specific for DBMS" - TYPO3/TYPO3.CMS - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 172cf1...660559 )

unknown

created 2020-03-01 19:09 UTC

SqlSrv::isValidDatabaseName() A

↳ Parent: SqlSrv

Complexity

Conditions	2
Paths	2

Size

Total Lines	3
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	2
eloc	1
nc	2
nop	1
dl	0
loc	3
rs	10
c	0
b	0
f	0

<?php
declare(strict_types = 1);

namespace TYPO3\CMS\Install\SystemEnvironment\DatabaseCheck\Platform;

/*
 * This file is part of the TYPO3 CMS project.
 *
 * It is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License, either version 2
 * of the License, or any later version.
 *
 * For the full copyright and license information, please read the
 * LICENSE.txt file that was distributed with this source code.
 *
 * The TYPO3 project - inspiring people to share!
 */

use TYPO3\CMS\Core\Database\Connection;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
use TYPO3\CMS\Core\Utility\GeneralUtility;

/**
 * @internal This class is only meant to be used within EXT:install and is not part of the TYPO3 Core API.
 */
class SqlSrv extends AbstractPlatform
{
    /**
     * https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers
     *
     * @var int The maximum length of the schema name
     */
    protected const SCHEMA_NAME_MAX_LENGTH = 128;

    /**
     * SQL Server has a more complex naming schema for the collation.
     * For more information visit:
     * https://docs.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support
     *
     * Thus we need to check, whether the charset set here is part of the collation.
     *
     * @var array
     */
    protected $databaseCharsetToCheck = [
        '_UTF8',
    ];

    /**
     * SQL Server has a more complex naming schema for the collation.
     * For more information visit:
     * https://docs.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support
     *
     * Thus we need to check, whether the charset set here is part of the collation.
     *
     * @var array
     */
    protected $databaseServerCharsetToCheck = [
        '_UTF8'
    ];

    /**
     * Get all status information as array with status objects
     *
     * @return FlashMessageQueue
     * @throws \InvalidArgumentException
     * @throws \Doctrine\DBAL\DBALException
     */
    public function getStatus(): FlashMessageQueue
    {
        $defaultConnection = GeneralUtility::makeInstance(ConnectionPool::class)
            ->getConnectionByName(ConnectionPool::DEFAULT_CONNECTION_NAME);
        if (strpos($defaultConnection->getServerVersion(), 'mssql') !== 0) {
            return $this->messageQueue;
        }

        $this->checkDefaultDatabaseCharset($defaultConnection);
        $this->checkDefaultDatabaseServerCharset($defaultConnection);
        $this->checkDatabaseName($defaultConnection);

        return $this->messageQueue;
    }

    /**
     * Checks the character set of the database and reports an error if it is not utf-8.
     *
     * @param Connection $connection to the database to be checked
     */
    public function checkDefaultDatabaseCharset(Connection $connection): void
    {
        $defaultDatabaseCharset = $connection->executeQuery(
            'SELECT DATABASEPROPERTYEX(?,\'collation\')',
            [$connection->getDatabase()],
            [\PDO::PARAM_STR]
        )
            ->fetch(\PDO::FETCH_NUM);

        foreach ($this->databaseCharsetToCheck as $databaseCharsetToCheck) {
            if (!stripos($defaultDatabaseCharset[0], $databaseCharsetToCheck)) {
                $this->messageQueue->enqueue(new FlashMessage(
                    sprintf(
                        'Checking database character set failed, got key "%s" where "%s" is not part of the collation',
                        $defaultDatabaseCharset[0],
                        $databaseCharsetToCheck
                    ),
                    'SQL Server database character set check failed',
                    FlashMessage::ERROR
                ));
            } else {
                $this->messageQueue->enqueue(new FlashMessage(
                    '',
                    sprintf('SQL Server database uses %s. All good.', implode(' or ', $this->databaseCharsetToCheck))
                ));
            }
        }
    }

    /**
     * Checks the character set of the database server and reports an info if it is not utf-8.
     *
     * @param Connection $connection to the database to be checked
     */
    public function checkDefaultDatabaseServerCharset(Connection $connection): void
    {
        $defaultServerCharset = $connection->executeQuery('SELECT SERVERPROPERTY(\'Collation\')')
            ->fetch(\PDO::FETCH_NUM);

        foreach ($this->databaseServerCharsetToCheck as $databaseServerCharsetToCheck) {
            // is charset part of collation
            if (!stripos($defaultServerCharset[0], $databaseServerCharsetToCheck)) {
                $this->messageQueue->enqueue(new FlashMessage(
                    sprintf(
                        'Checking server character set failed, got key "%s" where "%s" is not part of the collation',
                        $defaultServerCharset[0],
                        $databaseServerCharsetToCheck
                    ),
                    'SQL Server database character set check failed',
                    FlashMessage::INFO
                ));
            } else {
                $this->messageQueue->enqueue(new FlashMessage(
                    '',
                    sprintf('SQL Server server default uses %s. All good.', implode(' or ', $this->databaseCharsetToCheck))
                ));
            }
        }
    }

    /**
     * Validate the database name
     * https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers
     *
     * Examples:
     *
     * valid:
     *      _foo
     *      @foo
     *      #foo
     *      _floo1äea
     *      @foo111111111kemcie_l#@
     *
     * not valid:
     *      @@thisShouldNotBeValid
     *
     *
     * @param string $databaseName
     * @return bool
     */
    public static function isValidDatabaseName(string $databaseName): bool
    {
        return strlen($databaseName) <= static::SCHEMA_NAME_MAX_LENGTH && preg_match('/^(?!@@)[a-zA-Z0-9\$_@#\p{L}]*$/u', $databaseName);
    }

    protected function checkDatabaseName(Connection $connection): void
    {
        if (static::isValidDatabaseName($connection->getDatabase())) {
            return;
        }

        $this->messageQueue->enqueue(
            new FlashMessage(
                'The given database name must not be longer than ' . static::SCHEMA_NAME_MAX_LENGTH . ' characters'
                . ' and consist solely of basic latin letters (a-z), unicode characters, digits (0-9), dollar signs ($),'
                . ' symbol @, underscores (_) and does not start with "@@".',
                'Database name not valid',
                FlashMessage::ERROR
            )
        );
    }
}


1			<?php
2			declare(strict_types = 1);
3
4			namespace TYPO3\CMS\Install\SystemEnvironment\DatabaseCheck\Platform;
5
6			/*
7			* This file is part of the TYPO3 CMS project.
8			*
9			* It is free software; you can redistribute it and/or modify it under
10			* the terms of the GNU General Public License, either version 2
11			* of the License, or any later version.
12			*
13			* For the full copyright and license information, please read the
14			* LICENSE.txt file that was distributed with this source code.
15			*
16			* The TYPO3 project - inspiring people to share!
17			*/
18
19			use TYPO3\CMS\Core\Database\Connection;
20			use TYPO3\CMS\Core\Database\ConnectionPool;
21			use TYPO3\CMS\Core\Messaging\FlashMessage;
22			use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
23			use TYPO3\CMS\Core\Utility\GeneralUtility;
24
25			/**
26			* @internal This class is only meant to be used within EXT:install and is not part of the TYPO3 Core API.
27			*/
28			class SqlSrv extends AbstractPlatform
29			{
30			/**
31			* https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers
32			*
33			* @var int The maximum length of the schema name
34			*/
35			protected const SCHEMA_NAME_MAX_LENGTH = 128;
36
37			/**
38			* SQL Server has a more complex naming schema for the collation.
39			* For more information visit:
40			* https://docs.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support
41			*
42			* Thus we need to check, whether the charset set here is part of the collation.
43			*
44			* @var array
45			*/
46			protected $databaseCharsetToCheck = [
47			'_UTF8',
48			];
49
50			/**
51			* SQL Server has a more complex naming schema for the collation.
52			* For more information visit:
53			* https://docs.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support
54			*
55			* Thus we need to check, whether the charset set here is part of the collation.
56			*
57			* @var array
58			*/
59			protected $databaseServerCharsetToCheck = [
60			'_UTF8'
61			];
62
63			/**
64			* Get all status information as array with status objects
65			*
66			* @return FlashMessageQueue
67			* @throws \InvalidArgumentException
68			* @throws \Doctrine\DBAL\DBALException
69			*/
70			public function getStatus(): FlashMessageQueue
71			{
72			$defaultConnection = GeneralUtility::makeInstance(ConnectionPool::class)
73			->getConnectionByName(ConnectionPool::DEFAULT_CONNECTION_NAME);
74			if (strpos($defaultConnection->getServerVersion(), 'mssql') !== 0) {
75			return $this->messageQueue;
76			}
77
78			$this->checkDefaultDatabaseCharset($defaultConnection);
79			$this->checkDefaultDatabaseServerCharset($defaultConnection);
80			$this->checkDatabaseName($defaultConnection);
81
82			return $this->messageQueue;
83			}
84
85			/**
86			* Checks the character set of the database and reports an error if it is not utf-8.
87			*
88			* @param Connection $connection to the database to be checked
89			*/
90			public function checkDefaultDatabaseCharset(Connection $connection): void
91			{
92			$defaultDatabaseCharset = $connection->executeQuery(
93			'SELECT DATABASEPROPERTYEX(?,\'collation\')',
94			[$connection->getDatabase()],
95			[\PDO::PARAM_STR]
96			)
97			->fetch(\PDO::FETCH_NUM);
98
99			foreach ($this->databaseCharsetToCheck as $databaseCharsetToCheck) {
100			if (!stripos($defaultDatabaseCharset[0], $databaseCharsetToCheck)) {
101			$this->messageQueue->enqueue(new FlashMessage(
102			sprintf(
103			'Checking database character set failed, got key "%s" where "%s" is not part of the collation',
104			$defaultDatabaseCharset[0],
105			$databaseCharsetToCheck
106			),
107			'SQL Server database character set check failed',
108			FlashMessage::ERROR
109			));
110			} else {
111			$this->messageQueue->enqueue(new FlashMessage(
112			'',
113			sprintf('SQL Server database uses %s. All good.', implode(' or ', $this->databaseCharsetToCheck))
114			));
115			}
116			}
117			}
118
119			/**
120			* Checks the character set of the database server and reports an info if it is not utf-8.
121			*
122			* @param Connection $connection to the database to be checked
123			*/
124			public function checkDefaultDatabaseServerCharset(Connection $connection): void
125			{
126			$defaultServerCharset = $connection->executeQuery('SELECT SERVERPROPERTY(\'Collation\')')
127			->fetch(\PDO::FETCH_NUM);
128
129			foreach ($this->databaseServerCharsetToCheck as $databaseServerCharsetToCheck) {
130			// is charset part of collation
131			if (!stripos($defaultServerCharset[0], $databaseServerCharsetToCheck)) {
132			$this->messageQueue->enqueue(new FlashMessage(
133			sprintf(
134			'Checking server character set failed, got key "%s" where "%s" is not part of the collation',
135			$defaultServerCharset[0],
136			$databaseServerCharsetToCheck
137			),
138			'SQL Server database character set check failed',
139			FlashMessage::INFO
140			));
141			} else {
142			$this->messageQueue->enqueue(new FlashMessage(
143			'',
144			sprintf('SQL Server server default uses %s. All good.', implode(' or ', $this->databaseCharsetToCheck))
145			));
146			}
147			}
148			}
149
150			/**
151			* Validate the database name
152			* https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers
153			*
154			* Examples:
155			*
156			* valid:
157			* _foo
158			* @foo
159			* #foo
160			* _floo1äea
161			* @foo111111111kemcie_l#@
162			*
163			* not valid:
164			* @@thisShouldNotBeValid
165			*
166			*
167			* @param string $databaseName
168			* @return bool
169			*/
170			public static function isValidDatabaseName(string $databaseName): bool
171			{
172			return strlen($databaseName) <= static::SCHEMA_NAME_MAX_LENGTH && preg_match('/^(?!@@)[a-zA-Z0-9\$_@#\p{L}]*$/u', $databaseName);
173			}
174
175			protected function checkDatabaseName(Connection $connection): void
176			{
177			if (static::isValidDatabaseName($connection->getDatabase())) {
178			return;
179			}
180
181			$this->messageQueue->enqueue(
182			new FlashMessage(
183			'The given database name must not be longer than ' . static::SCHEMA_NAME_MAX_LENGTH . ' characters'
184			. ' and consist solely of basic latin letters (a-z), unicode characters, digits (0-9), dollar signs ($),'
185			. ' symbol @, underscores (_) and does not start with "@@".',
186			'Database name not valid',
187			FlashMessage::ERROR
188			)
189			);
190			}
191			}
192

TYPO3 / TYPO3.CMS

Push — master ( 172cf1...660559 )

SqlSrv::isValidDatabaseName() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like