Comments (5)
craigfrancis
commented on June 12, 2024
1
I don't have any real examples, but how about?
SELECT * FROM cmsdomain WHERE url LIKE "%?%";SELECT * FROM cmsdomain WHERE url LIKE "%:tag_name%";SELECT * FROM cmsdomain WHERE cmsdomainid IN (1,2) /* What about 3? */SELECT * FROM cmsdomain WHERE 1=2; -- :TODO?
from phpstan-dba.
craigfrancis
commented on June 12, 2024
Might be worth looking at the PDO function that parses parameters, to see how it works.
It seems to use pdo_parse_params(), which is a bit more complicated than using the BINDCHR regex by itself (used later as PDO_PARSER_BIND).
It supports escaped question marks (??), comments (/* What about X? */ or -- To fix?), and quoted string values (see ANYNOEOF?).
from phpstan-dba.
staabm
commented on June 12, 2024
Would be great if you could provide failling testcases if you have special cases in mind
from phpstan-dba.
staabm
commented on June 12, 2024
I don't have any real examples, but how about?
* `SELECT * FROM cmsdomain WHERE url LIKE "%?%";` * `SELECT * FROM cmsdomain WHERE url LIKE "%:tag_name%";` * `SELECT * FROM cmsdomain WHERE cmsdomainid IN (1,2) /* What about 3? */` * `SELECT * FROM cmsdomain WHERE 1=2; -- :TODO?`
these basic examples are now covered by #145
still on the long run we might better use a sql parser. lets see whether people report problems with their queries when running phpstan-dba on real projects
from phpstan-dba.
staabm
commented on June 12, 2024
on twitter the SQLFTW/sqlftw project was suggested as a proper parser
from phpstan-dba.
Related Issues (20)
- Unexpected query error
- Unexpected query error
- Inconsistency for string in query check between Record and Replay HOT 4
- `PDO::FETCH_KEY_PAIR` errors when selecting not exactly 2 columns
- SqlAst: throw when used with pgsql
- Argument expects a literal string, got literal-string HOT 5
- Connection::insert data inference does not use indicated Types HOT 4
- mysqli: error on invalid escaping HOT 5
- Query AST analysis? HOT 2
- Get AST data from `$queryReflection->getResultType` HOT 15
- AST doubts regarding null/not-null HOT 4
- AST: inconsistent behavior with functions and aliases HOT 4
- Analyzing multiple connections HOT 6
- Right vs left join HOT 2
- AST: generic operator support HOT 2
- pgsql support for AST HOT 2
- give up sql based narrowing in case sqlftw cannot parse the query
- pgsql support for uuid type
- Support for (PDO->prepare())->execute() HOT 6
- generic type mysqli_result error with phpstan v1.10.36 and v1.10.37 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from phpstan-dba.