RubyGems - MYSQLSafe - Versions diffs - 0.0.0 - Mend

MYSQLSafe 0.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

checksums.yaml ADDED Viewed

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    YTZiNmU3NjU1MTM2ODAxMThjYWM1NjljNTcxZjQzZTUyNzgxMmMyNA==
+  data.tar.gz: !binary |-
+    YTJhYmNjZTE5NTQ2OGMxZWUxMjZmNzFmYzExYzg5OTAyYzNmNDg0YQ==
+!binary "U0hBNTEy":
+  metadata.gz: !binary |-
+    NDQ0Y2IyYmJjODdmYzRkM2FhMDNkODhiMDFkNzE2NWQxMmM2MjJhMDJhNThi
+    MDVmMTcyZDBmOGEwZmQ5N2U1M2UzOGI0NTVhNDNhM2Q0ZTBhYTNiMmJlNjRh
+    NWRlMzY2MjE3YzExYTg4ZmVmZWY0NDBjODk1MDAwMjMyYWJlOWM=
+  data.tar.gz: !binary |-
+    Mjk2NzA1ZmIzMzdhMGQ3MGRmMTk1MWYyZDc0ZmQwZGI4OGJiMjVlMjczOTE2
+    OTdjNWU3NjljOWM3NTk4Yzg1YzM4YzM0YmZjZGVkNTJlYjcwMDU2MGNlMzYz
+    ODljNmVkMDRhMDRhNTAzMWI0Y2Y5NjRhZDA1YmI2NmUwN2NjN2Q=

data/lib/mysqlsafe.rb ADDED Viewed

@@ -0,0 +1,120 @@
+require 'mysql'
+class MYSQLSafe
+	attr_accessor :encoding
+	attr_reader :host, :database, :user, :password
+	def host=(host_string)
+		@host = esc_enc_string(host_string)
+	end
+	def database=(database_string)
+		@database = esc_enc_string(database_string)
+	end
+	def user=(user_string)
+		@user = esc_enc_string(user_string)
+	end
+	def password=(password_string)
+		@password = esc_enc_string(password_string)
+	end
+	def connect_safe(raw_sql)
+		sql = esc_enc_string(raw_sql)
+		if @host && @database && @user && password
+			begin
+				@cxtn = Mysql.new(@host, @db, @user, @password)
+				table_names = get_table_names
+				table_match = match_name(table_names, sql)
+				if table_match
+					column_names = get_column_names(match)
+					column_match = match_name(column_names, sql)
+				else
+					raise 'MYSQLSafe error: no valid table name could be found in your SQL statement'
+				end
+				if column_match
+					ticked_sql = tick_sql(sql, table_match, column_match)
+				else
+					raise 'MYSQLSafe error: no valid column name(s) could be found in your SQL statement'
+				end
+				mysql_object = cxtn.query(ticked_sql)
+				mysql_array = []
+				mysql_object.each { |row| mysql_array.push(row) }
+				return mysql_array
+			ensure
+				@cxtn.close
+			end
+		else
+			raise 'MYSQLSafe error: Host, Database, User and Password must be set to run a query'
+		end
+	end
+	private
+	def tick_sql(sql, table_array, column_array)
+		ticked_sql = sql.delete("`")
+		table_array.each do |name|
+			ticked_sql = ticked_sql.gsub(name, "`#{name}`")
+		end
+		column_array.each do |col|
+			ticked_sql = ticked_sql.gsub(col, "`#{col}`")
+		end
+		return ticked_sql
+	end
+	def get_column_names(table_name)
+		column_names_sql = "SELECT `COLUMN_NAME` FROM `INFORMATION_SCHEMA`.`COLUMNS` WHERE `TABLE_SCHEMA`='#{@database}' AND `TABLE_NAME`='#{table_name}';"
+		column_names_results_sql = query_safe(column_names_sql)
+		column_names = []
+		column_names_results_sql.each do |name|
+			column_names.push(name)
+		end
+		return column_names
+	end
+	def match_name(name_array, sql)
+		match = []
+		name_array.each do |name|
+			match.push(name) if sql.to_s.include?("#{name}=") || sql.to_s.match?(/#{name}\s+=/) || sql.to_s.match?(/#{name}`\s+=/)
+		end
+		if match.size > 0
+			return match
+		else
+			return false
+		end
+	end
+	def query_safe(dangerous_sql)
+		@cxtn.query(Mysql.escape_string(dangerous_sql))
+	end
+	def get_table_names
+		table_names_sql = "SHOW TABLES FROM `#{@database}`;"
+		table_names_results_sql = query_safe(table_names_sql)
+		table_names = []
+		table_names_results_sql.each do |name|
+			table_names.push(name)
+		end
+		return table_names
+	end
+	def esc_enc_string(string)
+		return esc_string(enc_string(string))
+	end
+	def enc_string(string)
+		return string.encode!("#{@encoding}", "#{@encoding}", :invalid => :replace)
+	end
+	def esc_string(string)
+		return Mysql.escape_string(string)
+	end
+end

metadata ADDED Viewed

@@ -0,0 +1,44 @@
+--- !ruby/object:Gem::Specification
+name: MYSQLSafe
+version: !ruby/object:Gem::Version
+  version: 0.0.0
+platform: ruby
+authors:
+- Sam Nissen
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2013-08-29 00:00:00.000000000 Z
+dependencies: []
+description: Abstract common MYSQL functions to safely get and store data.
+email: scnissen@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/mysqlsafe.rb
+homepage:
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.0.3
+signing_key:
+specification_version: 4
+summary: Safe MYSQL Connections
+test_files: []