Merge pull request #214 from devenbansod/fix/160

devenbansod · web-flow · commit af9b143518a8 · 2018-12-22T16:55:11.000+05:30
Throw a parser error on extraneous comma in UPDATE statement
diff --git a/src/Components/SetOperation.php b/src/Components/SetOperation.php
@@ -64,15 +64,22 @@ public static function parse(Parser $parser, TokensList $list, array $options =
          *
          * Below are the states of the parser.
          *
-         *      0 -------------------[ column name ]-------------------> 1
-         *
+         *      0 ---------------------[ col_name ]--------------------> 0
+         *      0 ------------------------[ = ]------------------------> 1
+         *      1 -----------------------[ value ]---------------------> 1
          *      1 ------------------------[ , ]------------------------> 0
-         *      1 ----------------------[ value ]----------------------> 1
          *
          * @var int
          */
         $state = 0;
 
+        /**
+         * Token when the parser has seen the latest comma
+         *
+         * @var Token
+         */
+        $commaLastSeenAt = null;
+
         for (; $list->idx < $list->count; ++$list->idx) {
             /**
              * Token parsed at this moment.
@@ -104,6 +111,8 @@ public static function parse(Parser $parser, TokensList $list, array $options =
                     $state = 1;
                 } elseif ($token->value !== ',') {
                     $expr->column .= $token->token;
+                } elseif ($token->value === ',') {
+                    $commaLastSeenAt = $token;
                 }
             } elseif ($state === 1) {
                 $tmp = Expression::parse(
@@ -122,11 +131,16 @@ public static function parse(Parser $parser, TokensList $list, array $options =
                 $ret[] = $expr;
                 $expr = new self();
                 $state = 0;
+                $commaLastSeenAt = null;
             }
         }
-
         --$list->idx;
 
+        // We saw a comma, but didn't see a column-value pair after it
+        if ($commaLastSeenAt !== null) {
+            $parser->error('Unexpected token.', $commaLastSeenAt);
+        }
+
         return $ret;
     }
 
diff --git a/tests/Parser/UpdateStatementTest.php b/tests/Parser/UpdateStatementTest.php
@@ -22,6 +22,7 @@ public function testUpdateProvider()
             array('parser/parseUpdate'),
             array('parser/parseUpdate2'),
             array('parser/parseUpdate3'),
+            array('parser/parseUpdateErr'),
         );
     }
 }
diff --git a/tests/data/parser/parseUpdateErr.in b/tests/data/parser/parseUpdateErr.in
@@ -0,0 +1,7 @@
+-- extraneous comma
+UPDATE
+    users
+SET
+    username = "Dan",
+    id=155,
+WHERE 1 = 1;
diff --git a/tests/data/parser/parseUpdateErr.out b/tests/data/parser/parseUpdateErr.out
@@ -0,0 +1,19 @@
+a:4:{s:5:"query";s:87:"-- extraneous comma
+UPDATE
+    users
+SET
+    username = "Dan",
+    id=155,
+WHERE 1 = 1;";s:5:"lexer";O:26:"PhpMyAdmin\SqlParser\Lexer":8:{s:3:"str";s:87:"-- extraneous comma
+UPDATE
+    users
+SET
+    username = "Dan",
+    id=155,
+WHERE 1 = 1;";s:3:"len";i:87;s:4:"last";i:87;s:4:"list";O:31:"PhpMyAdmin\SqlParser\TokensList":3:{s:6:"tokens";a:29:{i:0;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:19:"-- extraneous comma";s:5:"value";s:19:"-- extraneous comma";s:7:"keyword";N;s:4:"type";i:4;s:5:"flags";i:4;s:8:"position";i:0;}i:1;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:"
+";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:19;}i:2;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:6:"UPDATE";s:5:"value";s:6:"UPDATE";s:7:"keyword";s:6:"UPDATE";s:4:"type";i:1;s:5:"flags";i:3;s:8:"position";i:20;}i:3;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:5:"
+    ";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:26;}i:4;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:5:"users";s:5:"value";s:5:"users";s:7:"keyword";N;s:4:"type";i:0;s:5:"flags";i:0;s:8:"position";i:31;}i:5;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:"
+";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:36;}i:6;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:3:"SET";s:5:"value";s:3:"SET";s:7:"keyword";s:3:"SET";s:4:"type";i:1;s:5:"flags";i:11;s:8:"position";i:37;}i:7;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:5:"
+    ";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:40;}i:8;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:8:"username";s:5:"value";s:8:"username";s:7:"keyword";N;s:4:"type";i:0;s:5:"flags";i:0;s:8:"position";i:45;}i:9;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:" ";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:53;}i:10;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:"=";s:5:"value";s:1:"=";s:7:"keyword";N;s:4:"type";i:2;s:5:"flags";i:2;s:8:"position";i:54;}i:11;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:" ";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:55;}i:12;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:5:""Dan"";s:5:"value";s:3:"Dan";s:7:"keyword";N;s:4:"type";i:7;s:5:"flags";i:2;s:8:"position";i:56;}i:13;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:",";s:5:"value";s:1:",";s:7:"keyword";N;s:4:"type";i:2;s:5:"flags";i:16;s:8:"position";i:61;}i:14;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:5:"
+    ";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:62;}i:15;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:2:"id";s:5:"value";s:2:"id";s:7:"keyword";N;s:4:"type";i:0;s:5:"flags";i:0;s:8:"position";i:67;}i:16;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:"=";s:5:"value";s:1:"=";s:7:"keyword";N;s:4:"type";i:2;s:5:"flags";i:2;s:8:"position";i:69;}i:17;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:3:"155";s:5:"value";i:155;s:7:"keyword";N;s:4:"type";i:6;s:5:"flags";i:0;s:8:"position";i:70;}i:18;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:",";s:5:"value";s:1:",";s:7:"keyword";N;s:4:"type";i:2;s:5:"flags";i:16;s:8:"position";i:73;}i:19;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:"
+";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:74;}i:20;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:5:"WHERE";s:5:"value";s:5:"WHERE";s:7:"keyword";s:5:"WHERE";s:4:"type";i:1;s:5:"flags";i:3;s:8:"position";i:75;}i:21;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:" ";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:80;}i:22;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:"1";s:5:"value";i:1;s:7:"keyword";N;s:4:"type";i:6;s:5:"flags";i:0;s:8:"position";i:81;}i:23;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:" ";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:82;}i:24;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:"=";s:5:"value";s:1:"=";s:7:"keyword";N;s:4:"type";i:2;s:5:"flags";i:2;s:8:"position";i:83;}i:25;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:" ";s:5:"value";s:1:" ";s:7:"keyword";N;s:4:"type";i:3;s:5:"flags";i:0;s:8:"position";i:84;}i:26;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:"1";s:5:"value";i:1;s:7:"keyword";N;s:4:"type";i:6;s:5:"flags";i:0;s:8:"position";i:85;}i:27;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";s:1:";";s:5:"value";s:1:";";s:7:"keyword";N;s:4:"type";i:9;s:5:"flags";i:0;s:8:"position";i:86;}i:28;O:26:"PhpMyAdmin\SqlParser\Token":6:{s:5:"token";N;s:5:"value";N;s:7:"keyword";N;s:4:"type";i:9;s:5:"flags";i:0;s:8:"position";N;}}s:5:"count";i:29;s:3:"idx";i:29;}s:9:"delimiter";s:1:";";s:12:"delimiterLen";i:1;s:6:"strict";b:0;s:6:"errors";a:0:{}}s:6:"parser";O:27:"PhpMyAdmin\SqlParser\Parser":5:{s:4:"list";r:7;s:10:"statements";a:1:{i:0;O:47:"PhpMyAdmin\SqlParser\Statements\UpdateStatement":8:{s:6:"tables";a:1:{i:0;O:42:"PhpMyAdmin\SqlParser\Components\Expression":7:{s:8:"database";N;s:5:"table";s:5:"users";s:6:"column";N;s:4:"expr";s:5:"users";s:5:"alias";N;s:8:"function";N;s:8:"subquery";N;}}s:3:"set";a:2:{i:0;O:44:"PhpMyAdmin\SqlParser\Components\SetOperation":2:{s:6:"column";s:8:"username";s:5:"value";s:5:""Dan"";}i:1;O:44:"PhpMyAdmin\SqlParser\Components\SetOperation":2:{s:6:"column";s:2:"id";s:5:"value";s:3:"155";}}s:5:"where";a:1:{i:0;O:41:"PhpMyAdmin\SqlParser\Components\Condition":3:{s:11:"identifiers";a:0:{}s:10:"isOperator";b:0;s:4:"expr";s:5:"1 = 1";}}s:5:"order";N;s:5:"limit";N;s:7:"options";O:44:"PhpMyAdmin\SqlParser\Components\OptionsArray":1:{s:7:"options";a:0:{}}s:5:"first";i:0;s:4:"last";i:26;}}s:8:"brackets";i:0;s:6:"strict";b:0;s:6:"errors";a:0:{}}s:6:"errors";a:2:{s:5:"lexer";a:0:{}s:6:"parser";a:1:{i:0;a:3:{i:0;s:17:"Unexpected token.";i:1;r:135;i:2;i:0;}}}}

Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@ public function testUpdateProvider()`
`22`	`22`	`array('parser/parseUpdate'),`
`23`	`23`	`array('parser/parseUpdate2'),`
`24`	`24`	`array('parser/parseUpdate3'),`
	`25`	`+ array('parser/parseUpdateErr'),`
`25`	`26`	`);`
`26`	`27`	`}`
`27`	`28`	`}`