Issue #1019694 by Jody Lynn - fixed spelling typos
[project/coder.git] / coder_review / includes / coder_review_sql.inc
1 <?php
2
3 /**
4 * @file
5 * This include file implements coder functionality for SQL strings
6 */
7
8 /**
9 * Implements hook_reviews().
10 */
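/**
 * Builds the "Drupal SQL Standards" review definition.
 *
 * Every rule is a regular expression; five run against the 'quote' source and
 * one against the 'allphp' source. The rules flag lower-case SQL keywords,
 * table names missing {curly_brackets}, a literal LIMIT clause, the non-ANSI
 * != operator, back-tick quoting, and SELECT COUNT(*) inside db_query().
 *
 * NOTE(review): these are pattern-based style and portability checks only.
 * None of the patterns looks at how values reach the query string, so a query
 * that passes this review has not been checked for injection; placeholder
 * usage has to be verified separately.
 *
 * @return array
 *   An array keyed by 'sql' holding the review's '#title', '#rules' and
 *   '#description'.
 */
function coder_review_sql_reviews() {
  // A correctly written table reference, e.g. {node}.
  $table = '\{[A-Za-z_]+\}';
  // A bare identifier where a {table} reference is expected.
  $bad = '[A-Za-z_]+';

  $rules = array(
    // NOTE: this doesn't catch all non-upper case keywords, but is a good
    // start. The pattern is written in lower case and marked case-sensitive.
    array(
      '#type' => 'regex',
      '#value' => '^(select\s+.*\s+from\s+' . $table . '|insert\s+into\s+' . $table . '|update\s+' . $table . '\s+set|delete\s+from\s+' . $table . ')',
      '#source' => 'quote',
      '#warning' => 'SQL keywords should be upper case',
      '#case-sensitive' => TRUE,
      '#severity' => 'minor'
    ),
    // Bare table names. Drupal's database layer rewrites {table} to apply the
    // site's table prefix, so an unbraced name bypasses prefixing. The DELETE
    // branch uses \s+ after "from" like the other branches; it previously
    // accepted exactly one whitespace character and so missed statements with
    // wider spacing.
    array(
      '#type' => 'regex',
      '#value' => '^(select\s+.*\s+from\s+' . $bad . '|insert\s+into\s+' . $bad . '|update\s+' . $bad . '\s+set|delete\s+from\s+' . $bad . ')',
      '#source' => 'quote',
      '#warning' => 'table names should be enclosed in {curly_brackets}',
      '#severity' => 'critical',
    ),
    // A literal LIMIT <number>; the message comes from a callback.
    array(
      '#type' => 'regex',
      '#value' => '^(select\s+.*\s+from\s+' . $table . '|insert\s+into\s+' . $table . '|update\s+' . $table . '\s+set|delete\s+from\s+' . $table . ')\s+.*[Ll][Ii][Mm][Ii][Tt]\s[0-9]+',
      '#source' => 'quote',
      '#warning_callback' => '_coder_review_sql_db_query_range_warning',
    ),
    // The != operator anywhere after the table reference.
    array(
      '#type' => 'regex',
      '#value' => '^(select\s+.*\s+from\s+' . $table . '|update\s+' . $table . '\s+set|delete\s+from\s+' . $table . ')\s+.*!=',
      '#source' => 'quote',
      '#warning' => 'Use ANSI standard <> instead of !=',
    ),
    // A back tick directly after "=" or at the start of a VALUES entry.
    array(
      '#type' => 'regex',
      '#value' => '^(select\s+.*\s+from\s+' . $table . '\s+.+?=\s*`|insert\s+into\s+' . $table . '\s+.*?VALUES\s*(\(\s*`|\(.*?,\s*`)|update\s+' . $table . '\s+set\s+.*?=\s*`|delete\s+from\s+' . $table . '\s+.*?=\s*`)',
      '#source' => 'quote',
      '#warning' => "Don't use back ticks to quote values as it is not compliant with ANSI SQL"
    ),
    // SELECT COUNT(*) passed straight to db_query(); matched on the 'allphp'
    // source because the pattern includes the call itself.
    array(
      '#type' => 'regex',
      '#source' => 'allphp',
      '#value' => 'db_query\s*\(\s*[\'"]select\s+count\s*\(\s*\*\s*\)\s+from\s+',
      '#warning_callback' => '_coder_review_sql_select_count_warning',
      '#severity' => 'minor',
    ),
  );

  $review = array(
    '#title' => t('Drupal SQL Standards'),
    '#rules' => $rules,
    '#description' => t('new review, so use with caution'),
  );
  return array('sql' => $review);
}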
64
65 /**
66 * Define the warning callbacks
67 */
68
/**
 * Warning callback for the rule that matches a literal SQL LIMIT clause.
 *
 * @return array
 *   An array with the translated '#warning' text and a '#link' to the
 *   related drupal.org page.
 */
function _coder_review_sql_db_query_range_warning() {
  // Output of the 'drupalapi' theme hook for db_query_range(); presumably
  // markup linking to the API reference.
  $api_reference = theme('drupalapi', array('function' => 'db_query_range'));

  // The '!' placeholder makes t() insert the value without escaping. That is
  // acceptable here only because the value is built from a fixed function
  // name and never from user input.
  $message = t('Use !db_query_range() instead of the SQL LIMIT clause', array('!db_query_range' => $api_reference));

  $warning = array();
  $warning['#warning'] = $message;
  $warning['#link'] = 'http://drupal.org/node/1395';
  return $warning;
}
79
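/**
 * Warning callback for the rule that matches SELECT COUNT(*) in db_query().
 *
 * @return array
 *   An array with the translated '#warning' text and a '#link' to the
 *   related drupal.org page.
 */
function _coder_review_sql_select_count_warning() {
  return array(
    // Spelling corrected from "existance". The text is a t() source string,
    // so existing translations of the old wording will need re-extraction.
    '#warning' => t('You may not want to use SELECT COUNT(*), if all you want to do is check for the existence of any rows, rather than the actual number of rows.'),
    '#link' => 'http://drupal.org/node/224333#select_count',
  );
}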
86