ronin-sql 0.1.1 → 0.2.0

data/lib/ronin/code/sql/statement.rb

@@ -3,7 +3,7 @@
 # Ronin SQL - A Ronin library providing support for SQL related security
 # tasks.
 #
-# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -22,10 +22,11 @@
 #
 
 require 'ronin/code/sql/expr'
+require 'ronin/code/sql/token'
 require 'ronin/code/sql/field'
 require 'ronin/code/sql/binary_expr'
 require 'ronin/code/sql/unary_expr'
-require 'ronin/code/sql/like_expr'
+require 'ronin/code/sql/like'
 require 'ronin/code/sql/in'
 require 'ronin/extensions/meta'
 
@@ -34,76 +35,145 @@ module Ronin
     module SQL
       class Statement < Expr
 
-        def initialize(style,&block)
-          super(style)
+        attr_reader :clauses
+
+        #
+        # Creates a new Statement object connected to the specified
+        # _dialect_. If a _block_ is given, it will be evaluated within
+        # the newly created Statement object.
+        #
+        def initialize(dialect,options={},&block)
+          super()
+
+          @dialect = dialect
+          @clauses = []
+
+          options.each do |name,args|
+            if self.class.has_clause?(name)
+              clause(name,*args)
+            end
+          end
 
           instance_eval(&block) if block
         end
 
-        protected
+        #
+        # Returns the Array denoting the precedence of clauses provided by
+        # the statement.
+        #
+        def self.clause_order
+          @@clause_order ||= []
+        end
 
-        def self.option(name,value=nil)
-          class_eval %{
-            def #{name}(&block)
-              instance_variable_set("@#{name}",true)
+        #
+        # Returns the Hash of the clause names and the Clause classes
+        # provided by the statement.
+        #
+        def self.clauses
+          @@clauses ||= {}
+        end
 
-              instance_eval(&block) if block
-              return self
-            end
-          }
+        #
+        # Returns +true+ if the statement provides a clause with the
+        # specified _name_, returns +false+ otherwise.
+        #
+        def self.has_clause?(name)
+          self.clauses.has_key?(name.to_sym)
+        end
+
+        #
+        # Returns +true+ if the statement has a clause with the specified
+        # _name_, returns +false+ otherwise.
+        #
+        def has_clause?(name)
+          index = self.class.clause_order.index(name.to_sym)
+
+          return !(@clauses[index].nil?)
+        end
 
-          class_def("#{name}?") do
-            if value
-              keyword(value.to_s) if instance_variable_get("@#{name}")
-            else
-              instance_variable_get("@#{name}")
+        #
+        # Returns the clause with the specified _name_.
+        #
+        def get_clause(name)
+          index = self.class.clause_order.index(name.to_sym)
+
+          return @clauses[index]
+        end
+
+        #
+        # Returns an Array of unformatted tokens that represent the
+        # statement.
+        #
+        def emit
+          tokens = []
+
+          @clauses.each do |clause|
+            if clause
+              tokens += clause.emit
             end
           end
+
+          return tokens
         end
 
-        def self.option_list(name,values=[])
-          values.each do |opt|
-            class_eval %{
-              def #{opt}_#{name}(&block)
-                instance_variable_set("@#{name}",'#{opt.to_s.upcase}')
+        protected
 
-                instance_eval(&block) if block
-                return self
-              end
-            }
+        #
+        # Adds a clause with the specified _name_, _clause_type_ and given
+        # _options_ to the statement.
+        #
+        # _options_ may contain the following:
+        # <tt>:before</tt>:: The name of the clause to take precedence
+        #                    over.
+        # <tt>:after</tt>:: The name of the clause which will take
+        #                   precedence over the newly added clause.
+        #
+        def self.clause(name,clause_type,options={})
+          name = name.to_sym
+          index = self.clause_order.length
+
+          if options[:before]
+            index = self.clause_order.index(options[:before])
+          elsif options[:after]
+            index = self.clause_order.index(options[:after]) + 1
           end
 
-          class_def("#{name}?") do
-            opt = instance_variable_get("@#{name}")
+          self.clause_order.insert(index,name)
+          self.clauses[name] = clause_type
 
-            return keyword(opt) if opt
-            return nil
+          if clause_type.kind_of?(Class)
+            class_def(name) { |*args| clause(name,*args) }
+          else
+            class_def(name) { clause(name) }
           end
-        end
 
-        def all
-          field_cache[:'*']
+          return clause_type
         end
 
-        def id
-          field_cache[:id]
-        end
+        def clause(name,*arguments)
+          clause_index = self.class.clause_order.index(name)
 
-        def method_missing(sym,*args,&block)
-          if @style.dialect.expresses?(sym)
-            return @style.dialect.express(sym,*args,&block)
-          end
+          unless (@clauses[clause_index] && arguments.empty?)
+            clause_type = self.class.clauses[name]
 
-          # return a field
-          return @style.dialect.field(sym) if args.empty?
+            @clauses[clause_index] = clause_type.new(*arguments)
+          end
 
-          return super(sym,*args,&block)
+          return @clauses[clause_index]
         end
 
-        private
+        def select(options={},&block)
+          @dialect.statement(:select,options,&block)
+        end
 
-        def field_cache
-          @field_cache ||= Hash.new { |hash,key| hash[key] = Field.new(@style,key) }
+        def method_missing(name,*arguments,&block)
+          if @dialect.has_statement?(name)
+            return @dialect.statement(name,*arguments,&block)
+          elsif @dialect.class.public_method_defined?(name)
+            return @dialect.send(name,*arguments,&block)
+          elsif (arguments.empty? && block.nil?)
+            return @dialect.field(name)
+          end
         end
 
       end

data/lib/ronin/code/sql/token.rb

@@ -0,0 +1,64 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/emittable'
+require 'ronin/code/token'
+
+module Ronin
+  module Code
+    module SQL
+      class Token < Code::Token
+
+        include Emittable
+
+        #
+        # Creates a new Token object with the specified _value_.
+        #
+        def initialize(value)
+          @value = value
+        end
+
+        def Token.quote
+          Token.new("'")
+        end
+
+        def Token.separator
+          Token.new(';')
+        end
+
+        def Token.open_paren
+          Token.new('(')
+        end
+
+        def Token.close_paren
+          Token.new(')')
+        end
+
+        def Token.comma
+          Token.new(',')
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/unary_expr.rb

@@ -3,7 +3,7 @@
 # Ronin SQL - A Ronin library providing support for SQL related security
 # tasks.
 #
-# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -28,15 +28,19 @@ module Ronin
     module SQL
       class UnaryExpr < Expr
 
-        def initialize(style,op,expr)
-          super(style)
+        # Operator
+        attr_reader :op
 
+        # Expression
+        attr_reader :expr
+
+        def initialize(op,expr)
           @op = op
           @expr = expr
         end
 
-        def compile
-          compile_expr(compile_keyword(@op),@expr)
+        def emit
+          emit_token(@op) + emit_value(@expr)
         end
 
       end

data/lib/ronin/code/sql/union_all_clause.rb

@@ -0,0 +1,44 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/clause'
+
+module Ronin
+  module Code
+    module SQL
+      class UnionAllClause < Clause
+
+        attr_accessor :select
+
+        def initialize(select)
+          @select = select
+        end
+
+        def emit
+          emit_token('UNION ALL') + emit_statement(@select)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/union_clause.rb

@@ -0,0 +1,44 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/clause'
+
+module Ronin
+  module Code
+    module SQL
+      class UnionClause < Clause
+
+        attr_accessor :select
+
+        def initialize(select)
+          @select = select
+        end
+
+        def emit
+          emit_token('UNION') + emit_statement(@select)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/update.rb

@@ -3,7 +3,7 @@
 # Ronin SQL - A Ronin library providing support for SQL related security
 # tasks.
 #
-# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -22,18 +22,21 @@
 #
 
 require 'ronin/code/sql/statement'
+require 'ronin/code/sql/set_clause'
+require 'ronin/code/sql/where_clause'
 
 module Ronin
   module Code
     module SQL
       class Update < Statement
 
-        def initialize(style,table=nil,set_data={},where_expr=nil,&block)
+        clause :set, SetClause
+        clause :where, WhereClause
+
+        def initialize(dialect,table=nil,options={},&block)
           @table = table
-          @set_data = set_data
-          @where_expr = where_expr
 
-          super(style,&block)
+          super(dialect,options,&block)
         end
 
         def table(value)
@@ -41,32 +44,8 @@ module Ronin
           return self
         end
 
-        def set(data)
-          @set_data = data
-          return self
-        end
-
-        def where(expr)
-          @where_expr = expr
-          return self
-        end
-
-        def compile
-          set_values = "#{keyword_set} "+@set_data.map { |name,value|
-      "#{name} = #{quote_string(value)}"
-          }.join(', ')
-
-          return compile_expr(keyword_update,@table,set_values,where?)
-        end
-
-        protected
-
-        keyword :update
-        keyword :where
-        keyword :set
-
-        def where?
-          compile_expr(keyword_where,@where_expr) if @where_expr
+        def emit
+          emit_token('UPDATE') + emit_value(@table) + super
         end
 
       end

data/lib/ronin/code/sql/values_clause.rb

@@ -0,0 +1,48 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/clause'
+
+module Ronin
+  module Code
+    module SQL
+      class ValuesClause < Clause
+
+        # Values of the clause
+        attr_accessor :values
+
+        #
+        # Creates a new ValuesClause object with the specified _values_.
+        #
+        def initialize(*values)
+          @values = values
+        end
+
+        def emit
+          emit_token('VALUES') + emit_row(@values)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/where_clause.rb

@@ -0,0 +1,44 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/clause'
+
+module Ronin
+  module Code
+    module SQL
+      class WhereClause < Clause
+
+        attr_accessor :expr
+
+        def initialize(expr)
+          @expr = expr
+        end
+
+        def emit
+          emit_token('WHERE') + emit_value(@expr)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql.rb

@@ -3,7 +3,7 @@
 # Ronin SQL - A Ronin library providing support for SQL related security
 # tasks.
 #
-# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by

data/lib/ronin/sql/error/error.rb

@@ -0,0 +1,64 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/sql/error/pattern'
+
+module Ronin
+  module SQL
+    module Error
+      #
+      # Returns all defined SQL Pattern objects.
+      #
+      def Error.patterns
+        @@ronin_sql_error_patterns ||= {}
+      end
+
+      #
+      # Defines a new SQL Pattern object with the given _options_.
+      #
+      def Error.pattern(name,&block)
+        pattern = (Error.patterns[name] ||= Pattern.new(name))
+
+        block.call(pattern) if block
+        return pattern
+      end
+
+      #
+      # Returns the SQL Pattern objects with the specified _names_.
+      #
+      def Error.patterns_for(*names)
+        names.map { |name| Error.patterns[name] }.compact
+      end
+
+      #
+      # Returns the SQL Pattern objects for the dialect with the
+      # specified _name_.
+      #
+      def Error.patterns_for_dialect(name)
+        Error.patterns.values.select do |pattern|
+          pattern.dialect == name
+        end
+      end
+    end
+  end
+end