|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* @author Jared King <[email protected]> |
|
5
|
|
|
* |
|
6
|
|
|
* @link http://jaredtking.com |
|
7
|
|
|
* |
|
8
|
|
|
* @copyright 2015 Jared King |
|
9
|
|
|
* @license MIT |
|
10
|
|
|
*/ |
|
11
|
|
|
namespace JAQB\Statement; |
|
12
|
|
|
|
|
13
|
|
|
abstract class Statement |
|
14
|
|
|
{ |
|
15
|
|
|
/** |
|
16
|
|
|
* @var array |
|
17
|
|
|
*/ |
|
18
|
|
|
protected $values = []; |
|
19
|
|
|
|
|
20
|
|
|
/** |
|
21
|
|
|
* Generates the raw SQL string for the statement. |
|
22
|
|
|
* |
|
23
|
|
|
* @return string |
|
24
|
|
|
*/ |
|
25
|
|
|
abstract public function build(); |
|
26
|
|
|
|
|
27
|
|
|
/** |
|
28
|
|
|
* Gets the values associated with this statement. |
|
29
|
|
|
* |
|
30
|
|
|
* @return array |
|
31
|
|
|
*/ |
|
32
|
|
|
public function getValues() |
|
33
|
|
|
{ |
|
34
|
|
|
return $this->values; |
|
35
|
|
|
} |
|
36
|
|
|
|
|
37
|
|
|
/** |
|
38
|
|
|
* Escapes potentially reserved keywords in identifiers by wrapping them |
|
39
|
|
|
* with the escape character as necessary. |
|
40
|
|
|
* |
|
41
|
|
|
* @param string $word |
|
42
|
|
|
* @param string $escapeChar |
|
43
|
|
|
* |
|
44
|
|
|
* @return string escaped identifier |
|
45
|
|
|
*/ |
|
46
|
|
|
protected function escapeIdentifier($word, $escapeChar = '`') |
|
47
|
|
|
{ |
|
48
|
|
|
if (is_array($word) || is_object($word) || is_numeric($word)) { |
|
49
|
|
|
return ''; |
|
50
|
|
|
} |
|
51
|
|
|
|
|
52
|
|
|
$spaces = explode(' ', $word); |
|
53
|
|
|
foreach ($spaces as &$space) { |
|
54
|
|
|
if (strtolower($space) == 'as') { |
|
55
|
|
|
$space = 'AS'; |
|
56
|
|
|
} else { |
|
57
|
|
|
$periods = explode('.', $space); |
|
58
|
|
|
foreach ($periods as &$period) { |
|
59
|
|
|
// escape identifiers that are: [0-9,a-z,A-Z$_] |
|
60
|
|
|
if (preg_match('/^[A-Za-z0-9_$]*$/', $period)) { |
|
61
|
|
|
$period = $escapeChar.$period.$escapeChar; |
|
62
|
|
|
// do not use an identifier that contains something other than: |
|
63
|
|
|
// alpha-numeric, _, $, *, /, +, -, (, ) |
|
|
|
|
|
|
64
|
|
|
} elseif (!preg_match('/^[A-Za-z0-9_$\*\/\+\-\(\)]*$/', $period)) { |
|
65
|
|
|
$period = ''; |
|
66
|
|
|
} |
|
67
|
|
|
} |
|
68
|
|
|
|
|
69
|
|
|
$space = implode('.', $periods); |
|
70
|
|
|
} |
|
71
|
|
|
} |
|
72
|
|
|
|
|
73
|
|
|
return implode(' ', $spaces); |
|
74
|
|
|
} |
|
75
|
|
|
|
|
76
|
|
|
/** |
|
77
|
|
|
* Parameterizes a function using indexed placeholders. |
|
78
|
|
|
* |
|
79
|
|
|
* @param string $value |
|
80
|
|
|
* |
|
81
|
|
|
* @return string |
|
82
|
|
|
*/ |
|
83
|
|
|
protected function parameterize($value) |
|
84
|
|
|
{ |
|
85
|
|
|
// numbered parameters |
|
86
|
|
|
$this->values[] = $value; |
|
87
|
|
|
|
|
88
|
|
|
return '?'; |
|
89
|
|
|
} |
|
90
|
|
|
|
|
91
|
|
|
/** |
|
92
|
|
|
* Parameterizes a list of values. |
|
93
|
|
|
* |
|
94
|
|
|
* @param array $values |
|
95
|
|
|
* |
|
96
|
|
|
* @return string |
|
97
|
|
|
*/ |
|
98
|
|
|
protected function parameterizeValues(array $values) |
|
99
|
|
|
{ |
|
100
|
|
|
foreach ($values as &$value) { |
|
101
|
|
|
$value = $this->parameterize($value); |
|
102
|
|
|
} |
|
103
|
|
|
|
|
104
|
|
|
return '('.implode(',', $values).')'; |
|
105
|
|
|
} |
|
106
|
|
|
} |
|
107
|
|
|
|
jaredtking /
jaqb
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.