ronin-sql 0.1.0

data/lib/ronin/code/sql/statement.rb

@@ -0,0 +1,112 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/expr'
+require 'ronin/code/sql/field'
+require 'ronin/code/sql/binary_expr'
+require 'ronin/code/sql/unary_expr'
+require 'ronin/code/sql/like_expr'
+require 'ronin/code/sql/in'
+require 'ronin/extensions/meta'
+
+module Ronin
+  module Code
+    module SQL
+      class Statement < Expr
+
+        def initialize(style,&block)
+          super(style)
+
+          instance_eval(&block) if block
+        end
+
+        protected
+
+        def self.option(name,value=nil)
+          class_eval %{
+            def #{name}(&block)
+              instance_variable_set("@#{name}",true)
+
+              instance_eval(&block) if block
+              return self
+            end
+          }
+
+          class_def("#{name}?") do
+            if value
+              keyword(value.to_s) if instance_variable_get("@#{name}")
+            else
+              instance_variable_get("@#{name}")
+            end
+          end
+        end
+
+        def self.option_list(name,values=[])
+          values.each do |opt|
+            class_eval %{
+              def #{opt}_#{name}(&block)
+                instance_variable_set("@#{name}",'#{opt.to_s.upcase}')
+
+                instance_eval(&block) if block
+                return self
+              end
+            }
+          end
+
+          class_def("#{name}?") do
+            opt = instance_variable_get("@#{name}")
+
+            return keyword(opt) if opt
+            return nil
+          end
+        end
+
+        def all
+          field_cache['*'.to_sym]
+        end
+
+        def id
+          field_cache[:id]
+        end
+
+        def method_missing(sym,*args,&block)
+          if @style.dialect.expresses?(sym)
+            return @style.dialect.express(sym,*args,&block)
+          end
+
+          # return a field
+          return @style.dialect.field(sym) if args.empty?
+
+          return super(sym,*args,&block)
+        end
+
+        private
+
+        def field_cache
+          @field_cache ||= Hash.new { |hash,key| hash[key] = Field.new(@style,key) }
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/style.rb

@@ -0,0 +1,170 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/dialect'
+require 'ronin/code/sql/common_dialect'
+
+module Ronin
+  module Code
+    module SQL
+      class Style
+
+        # The dialect of SQL
+        attr_reader :dialect
+
+        # Use single-line or multi-line style
+        attr_accessor :multiline
+
+        # Use lowercase style
+        attr_accessor :lowercase
+
+        # Compile with less parenthesis
+        attr_accessor :less_parenthesis
+
+        # Space string
+        attr_accessor :space
+
+        # New-line string
+        attr_accessor :newline
+
+        def initialize(options={})
+          @dialect = Dialect.get_dialect(options[:dialect] || :common).new(self)
+
+          if options[:multiline].nil?
+            @multiline = true
+          else
+            @multiline = options[:multiline]
+          end
+
+          if options[:lowercase].nil?
+            @lowercase = false
+          else
+            @lowercase = options[:lowercase]
+          end
+
+          if options[:less_parenthesis].nil?
+            @less_parenthesis = false
+          else
+            @less_parenthesis = options[:less_parenthesis]
+          end
+
+          @space = (options[:space] || ' ')
+          @newline = (options[:newline] || "\n")
+        end
+
+        def compile_space
+          if @space.kind_of?(Array)
+            return @space[rand(@space.length)].to_s
+          else
+            return @space.to_s
+          end
+        end
+
+        def preappend_space(str)
+          compile_space + str.to_s
+        end
+
+        def append_space(str)
+          str.to_s + compile_space
+        end
+
+        def compile_newline
+          return compile_space unless @multiline
+
+          if @newline.kind_of?(Array)
+            return @newline[@newline.length * rand].to_s
+          else
+            return @newline.to_s
+          end
+        end
+
+        def quote_string(data)
+         "'" + data.to_s.sub("'","''") + "'"
+        end
+
+        def compile_keyword(name)
+          name = name.to_s
+
+          if @lowercase
+            return name.downcase
+          else
+            return name.upcase
+          end
+        end
+
+        def compile_list(*exprs)
+          exprs = exprs.flatten
+
+          unless @less_parenthesis
+            return exprs.compact.join(append_space(','))
+          else
+            return exprs.compact.join(',')
+          end
+        end
+
+        def compile_datalist(*exprs)
+          compile_row( exprs.flatten.map { |expr| compile_data(value) } )
+        end
+
+        def compile_row(*exprs)
+          exprs = exprs.flatten
+
+          unless exprs.length==1
+            unless @less_parenthesis
+              return "(#{compile_list(exprs)})"
+            else
+              return compile_list(exprs)
+            end
+          else
+            return exprs[0].to_s
+          end
+        end
+
+        def compile_data(data)
+          if data.kind_of?(Statement)
+            return "(#{data})"
+          elsif data.kind_of?(Array)
+            return compile_datalist(data)
+          elsif data.kind_of?(String)
+            return quote_string(data)
+          else
+            return data.to_s
+          end
+        end
+
+        def compile_expr(*expr)
+          expr.compact.join(compile_space).strip
+        end
+
+        def compile_statements(statements,separator=compile_newline)
+          if @multiline
+            return statements.join(compile_newline)
+          else
+            return statements.join(append_space(';'))
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/unary_expr.rb

@@ -0,0 +1,45 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/expr'
+
+module Ronin
+  module Code
+    module SQL
+      class UnaryExpr < Expr
+
+        def initialize(style,op,expr)
+          super(style)
+
+          @op = op
+          @expr = expr
+        end
+
+        def compile
+          compile_expr(compile_keyword(@op),@expr)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/update.rb

@@ -0,0 +1,75 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/statement'
+
+module Ronin
+  module Code
+    module SQL
+      class Update < Statement
+
+        def initialize(style,table=nil,set_data={},where_expr=nil,&block)
+          @table = table
+          @set_data = set_data
+          @where_expr = where_expr
+
+          super(style,&block)
+        end
+
+        def table(value)
+          @table = value
+          return self
+        end
+
+        def set(data)
+          @set_data = data
+          return self
+        end
+
+        def where(expr)
+          @where_expr = expr
+          return self
+        end
+
+        def compile
+          set_values = "#{keyword_set} "+@set_data.map { |name,value|
+      "#{name} = #{quote_string(value)}"
+          }.join(', ')
+
+          return compile_expr(keyword_update,@table,set_values,where?)
+        end
+
+        protected
+
+        keyword :update
+        keyword :where
+        keyword :set
+
+        def where?
+          compile_expr(keyword_where,@where_expr) if @where_expr
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/sql.rb

@@ -0,0 +1,28 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql'
+require 'ronin/sql/extensions'
+require 'ronin/sql/error'
+require 'ronin/sql/sql'
+require 'ronin/sql/version'

data/lib/ronin/sql/error.rb

@@ -0,0 +1,52 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+module Ronin
+  module SQL
+    class Error
+
+      # SQL error type
+      attr_reader :type
+
+      # SQL error message
+      attr_reader :message
+
+      #
+      # Creates a new SQL Error object with the specified _type_ and
+      # _message_.
+      #
+      def initialize(type,message)
+        @type = type
+        @message = message
+      end
+
+      #
+      # Returns the message in String form.
+      #
+      def to_s
+        @message.to_s
+      end
+
+    end
+  end
+end