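/**
 * Rewrite a system-generated single-table SELECT so that it also reads the
 * columns of the table's custom extension table, "view_<table>".
 *
 * When "view_<table>" is listed in the global $MetaTables, the statement is
 * rebuilt as
 *   select <cols>,<view cols> from <table>,view_<table>
 *   where (<original condition>) and <table>.<first col>=view_<table>.<first col> <tail>
 * Every other statement is returned unchanged: DDL/maintenance statements,
 * non-SELECT statements, hand-written SQL (UNION, sub-query, LEFT JOIN),
 * multi-table SELECTs, and tables without an extension table.
 *
 * Security notes for callers:
 *  - This is a query rewriter, not an input filter. It performs no escaping
 *    and gives no protection against SQL injection; values must already be
 *    bound or escaped by whoever built $sql.
 *  - Clause splitting is plain text matching and is not aware of string
 *    literals. A literal containing e.g. " where " or " limit " is split like
 *    a keyword, and its keyword case is lower-cased in the returned SELECT.
 *  - The only identifier taken from $sql and re-emitted is the table name, and
 *    only after "view_<table>" matched an entry of $MetaTables.
 *
 * Fixes relative to the previous revision:
 *  - the DDL check lower-cased an undefined variable and therefore never matched;
 *  - eregi_replace() (removed in PHP 7) replaced by str_ireplace(); the
 *    mistyped " LIMITE " pattern is dropped;
 *  - a statement starting with upper-case "SELECT" is now recognised;
 *  - the ORDER BY tail was rebuilt from the WHERE text; the tail (group by /
 *    having / order by / limit) is now carried over verbatim, also when the
 *    statement has no WHERE clause;
 *  - the original condition is parenthesised so that an OR in it cannot
 *    bypass the join condition;
 *  - debug output (print / print_r of the SQL text) is removed because it
 *    disclosed query text in the response, and non-SELECT statements are
 *    returned instead of yielding NULL.
 *
 * @param string $sql SQL statement to inspect.
 * @return string The rewritten SELECT, or the (trimmed) input statement.
 */
function SQL语句解析函数($sql)
{
    global $db, $MetaTables;

    $sql = trim($sql);
    $sqllower = strtolower($sql);

    // DDL and table-maintenance statements are never rewritten.
    $untouchedPrefixes = array(
        'create table',
        'drop table',
        'check table',
        'optimize table',
        'repair table',
        'analyze table',
    );
    foreach ($untouchedPrefixes as $prefix) {
        if (strncmp($sqllower, $prefix, strlen($prefix)) === 0) {
            return $sql;
        }
    }

    // Only SELECT is handled. UPDATE / DELETE / INSERT are returned exactly as
    // received, so literal values inside them are never modified.
    if (strncmp($sqllower, 'select ', 7) !== 0) {
        return $sql;
    }

    // Normalise the case of the clause keywords, as the previous revision did
    // (callers may rely on lower-case keywords in the returned SELECT).
    $sql = 'select ' . substr($sql, 7);
    $clauseKeywords = array(' from ', ' where ', ' select ', ' order by ', ' limit ', ' left ');
    $sql = str_ireplace($clauseKeywords, $clauseKeywords, $sql);

    // Hand-written SQL (sub-query, UNION, LEFT JOIN, or anything without
    // exactly one FROM) is not system generated: return it without rewriting.
    if (preg_match_all('/\bselect\b/i', $sql, $ignored) !== 1
        || substr_count($sql, ' from ') !== 1
        || stripos($sql, ' union ') !== false
        || strpos($sql, ' left ') !== false
    ) {
        return $sql;
    }

    list($selectPart, $tail) = explode(' from ', $sql, 2);
    $selectText = substr($selectPart, 7);

    // Everything from the first group by / having / order by / limit onwards
    // is kept verbatim and re-appended after the new WHERE clause.
    $suffix = '';
    if (preg_match('/ (?:group by|having|order by|limit) /i', $tail, $hit, PREG_OFFSET_CAPTURE)) {
        $suffix = substr($tail, $hit[0][1]);
        $tail = substr($tail, 0, $hit[0][1]);
    }

    $whereParts = preg_split('/ where /i', $tail, 2);
    $tableText = trim($whereParts[0]);
    $whereText = isset($whereParts[1]) ? trim($whereParts[1]) : '';

    // Two (or more) tables in FROM: leave the statement alone.
    if (strpos($tableText, ',') !== false) {
        return $sql;
    }

    // "database.table" -> "table".
    // NOTE(review): the database qualifier is dropped from the rebuilt
    // statement, as before; confirm callers never address another database.
    $tableName = $tableText;
    $qualified = explode('.', $tableText);
    if (isset($qualified[1]) && $qualified[1] != '') {
        $tableName = $qualified[1];
    }

    // The rewrite only applies when the extension table is a known table.
    $viewName = 'view_' . $tableName;
    if (!is_array($MetaTables) || !in_array($viewName, $MetaTables, true)) {
        return $sql;
    }

    $baseColumns = $db->MetaColumnNames($tableName);
    $viewColumns = $db->MetaColumnNames($viewName);
    if (!is_array($baseColumns) || !is_array($viewColumns) || !$baseColumns || !$viewColumns) {
        // Column metadata unavailable: fall back to the unmodified statement.
        return $sql;
    }

    // The first column of each table is used as its join key.
    // NOTE(review): presumably the primary key; verify against the schema.
    $baseKeys = array_keys($baseColumns);
    $viewKeys = array_keys($viewColumns);
    $baseKey = $baseKeys[0];
    $viewKey = array_shift($viewKeys);

    // Remaining extension-table columns are appended to the select list.
    if ($viewKeys) {
        $selectText .= ',' . join(',', $viewKeys);
    }

    $joinCondition = $tableName . '.' . $baseKey . '=' . $viewName . '.' . $viewKey;
    if ($whereText !== '') {
        // Parentheses keep "a or b" from escaping the join condition.
        $whereText = '(' . $whereText . ') and ' . $joinCondition;
    } else {
        $whereText = $joinCondition;
    }

    return 'select ' . $selectText
        . ' from ' . $tableName . ',' . $viewName
        . ' where ' . $whereText
        . $suffix;
}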