Java Code Examples for com.mysql.cj.util.StringUtils#stripComments()

The following examples show how to use com.mysql.cj.util.StringUtils#stripComments().
Example 1
Source File: StatementImpl.java    From lams with GNU General Public License v2.0
/**
 * Checks whether the given SQL query, with the given first non-whitespace
 * character, begins with a data-modifying (DML) or schema-changing (DDL)
 * keyword. Throws an exception if it does.
 * 
 * @param sql
 *            the SQL to check
 * @param firstStatementChar
 *            the UC first non-ws char of the statement
 * 
 * @throws SQLException
 *             if the statement contains DML
 */
protected void checkForDml(String sql, char firstStatementChar) throws SQLException {
    // Cheap pre-filter: comment stripping is only paid for when the caller-supplied
    // first character could begin one of the keywords rejected below.
    switch (firstStatementChar) {
        case 'I':
        case 'U':
        case 'D':
        case 'A':
        case 'C':
        case 'T':
        case 'R':
            break;
        default:
            return;
    }

    // Leading comments are removed so they cannot hide the first keyword from the prefix test.
    // NOTE(review): the four booleans presumably select slash-star, slash-slash, hash and
    // dash-dash comment handling, with ' and " as string delimiters. Confirm against
    // StringUtils.stripComments, which is not shown here.
    String commentFreeSql = StringUtils.stripComments(sql, "'\"", "'\"", true, false, true, true);

    // NOTE(review): this is a guard against API misuse, not an access control. Only the
    // leading keyword of the comment-stripped text is compared against this fixed list;
    // statement types outside the list and anything after the first keyword are not
    // examined here. Enforce read-only access with database privileges, not with this check.
    final String[] rejectedKeywords = { "INSERT", "UPDATE", "DELETE", "DROP", "CREATE", "ALTER", "TRUNCATE", "RENAME" };

    for (String keyword : rejectedKeywords) {
        if (StringUtils.startsWithIgnoreCaseAndWs(commentFreeSql, keyword)) {
            throw SQLError.createSQLException(Messages.getString("Statement.57"), MysqlErrorNumbers.SQL_STATE_ILLEGAL_ARGUMENT, getExceptionInterceptor());
        }
    }
}
 
Example 2
Source File: CallableStatement.java    From lams with GNU General Public License v2.0
private String extractProcedureName() throws SQLException {
    // Pulls the routine name out of the original SQL: the token that follows the first
    // "CALL " (or, failing that, "SELECT ") and runs up to whitespace, '(' or '?'.
    //
    // NOTE(review): the text is only comment-stripped, not validated. The returned name is
    // raw statement text; any caller that embeds it in another query should bind it as a
    // parameter or quote it as an identifier rather than concatenating it.
    String commentFreeSql = StringUtils.stripComments(((PreparedQuery<?>) this.query).getOriginalSql(), "`\"'", "`\"'", true, false, true, true);

    // TODO: Do this with less memory allocation
    int keywordLength = 5;
    int keywordStart = StringUtils.indexOfIgnoreCase(commentFreeSql, "CALL ");

    if (keywordStart == -1) {
        // No CALL keyword: fall back to the SELECT form.
        keywordLength = 7;
        keywordStart = StringUtils.indexOfIgnoreCase(commentFreeSql, "SELECT ");
    }

    if (keywordStart == -1) {
        // Neither keyword found, so there is no name to extract.
        throw SQLError.createSQLException(Messages.getString("CallableStatement.1"), MysqlErrorNumbers.SQL_STATE_GENERAL_ERROR, getExceptionInterceptor());
    }

    String afterKeyword = commentFreeSql.substring(keywordStart + keywordLength).trim();

    // The name ends at the first whitespace, opening parenthesis or parameter marker.
    int nameEnd = 0;
    while (nameEnd < afterKeyword.length()) {
        char current = afterKeyword.charAt(nameEnd);
        if (Character.isWhitespace(current) || current == '(' || current == '?') {
            break;
        }
        nameEnd++;
    }

    return afterKeyword.substring(0, nameEnd);
}
 
Example 3
Source File: StatementImpl.java    From FoxTelem with GNU General Public License v3.0
/**
 * Checks whether the given SQL query, with the given first non-whitespace
 * character, begins with a data-modifying (DML) or schema-changing (DDL)
 * keyword. Throws an exception if it does.
 * 
 * @param sql
 *            the SQL to check
 * @param firstStatementChar
 *            the UC first non-ws char of the statement
 * 
 * @throws SQLException
 *             if the statement contains DML
 */
protected void checkForDml(String sql, char firstStatementChar) throws SQLException {
    // Guard clause: none of the rejected keywords can start with any other character,
    // so the comment-stripping pass is skipped entirely in that case.
    if ("IUDACTR".indexOf(firstStatementChar) == -1) {
        return;
    }

    // Strip comments first so that a leading comment does not mask the statement keyword.
    // NOTE(review): quote characters ' and " are passed as both string openers and closers;
    // the meaning of the boolean flags should be confirmed against StringUtils.stripComments,
    // which is not visible in this listing.
    String strippedSql = StringUtils.stripComments(sql, "'\"", "'\"", true, false, true, true);

    String[] writeKeywords = new String[] { "INSERT", "UPDATE", "DELETE", "DROP", "CREATE", "ALTER", "TRUNCATE", "RENAME" };

    // Stops at the first matching keyword, in the listed order.
    boolean startsWithWriteKeyword = false;
    for (int i = 0; i < writeKeywords.length && !startsWithWriteKeyword; i++) {
        startsWithWriteKeyword = StringUtils.startsWithIgnoreCaseAndWs(strippedSql, writeKeywords[i]);
    }

    // NOTE(review): a prefix test on a fixed keyword list is a usability check for callers
    // that passed a write statement where a query was expected. It is not a substitute for
    // least-privilege database accounts when read-only behaviour actually matters.
    if (startsWithWriteKeyword) {
        throw SQLError.createSQLException(Messages.getString("Statement.57"), MysqlErrorNumbers.SQL_STATE_ILLEGAL_ARGUMENT, getExceptionInterceptor());
    }
}
 
Example 4
Source File: CallableStatement.java    From FoxTelem with GNU General Public License v3.0
private String extractProcedureName() throws SQLException {
    // Returns the token following the first "CALL " (or else "SELECT ") in the
    // comment-stripped original SQL; throws if neither keyword is present.
    final String originalSql = ((PreparedQuery<?>) this.query).getOriginalSql();
    final String withoutComments = StringUtils.stripComments(originalSql, "`\"'", "`\"'", true, false, true, true);

    // TODO: Do this with less memory allocation
    String marker = "CALL ";
    int markerIndex = StringUtils.indexOfIgnoreCase(withoutComments, marker);

    if (markerIndex == -1) {
        marker = "SELECT ";
        markerIndex = StringUtils.indexOfIgnoreCase(withoutComments, marker);
    }

    if (markerIndex != -1) {
        // Skip past the keyword (5 characters for "CALL ", 7 for "SELECT ") and any padding.
        final String candidate = withoutComments.substring(markerIndex + marker.length()).trim();
        final StringBuilder procedureName = new StringBuilder();

        // NOTE(review): the keyword search is a plain substring search over the stripped
        // text, and the result is cut only at whitespace, '(' or '?'. Nothing here checks
        // that the result is a well-formed identifier, so downstream code should treat it
        // as untrusted text (bind or quote it) instead of splicing it into SQL.
        for (char ch : candidate.toCharArray()) {
            boolean endsName = Character.isWhitespace(ch) || ch == '(' || ch == '?';
            if (endsName) {
                break;
            }
            procedureName.append(ch);
        }

        return procedureName.toString();
    }

    throw SQLError.createSQLException(Messages.getString("CallableStatement.1"), MysqlErrorNumbers.SQL_STATE_GENERAL_ERROR, getExceptionInterceptor());
}