Exemple #1
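 /**
  * Validate a list of column names against StrictNameRule, all or nothing.
  *
  * The `us` prefix presumably marks untrusted input and `s` the checked
  * result (naming convention not shown here; confirm against the class).
  * The method fails closed: one rejected element, or a non-array argument,
  * makes the whole call return null.
  *
  * An empty array has no element to reject and is returned as an empty
  * array. Callers should therefore test the result with `=== null`, since
  * an empty array and null are both falsy.
  *
  * @param mixed $usColumns Column names to check; expected to be an array.
  * @return array|null The input array unchanged when every value passes
  *                    StrictNameRule::isSafe(), otherwise null.
  */
 public static function sFromUsColumnArray($usColumns)
 {
     // Without this guard a string or other scalar skips the loop (PHP only
     // raises a warning) and is returned without ever being checked.
     if (!is_array($usColumns)) {
         return null;
     }
     foreach ($usColumns as $usCol) {
         if (!StrictNameRule::isSafe($usCol)) {
             return null;
         }
     }
     // Only the values were checked; array keys are returned as supplied.
     return $usColumns;
 }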
Exemple #2
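/**
 * Table-driven checks for StrictNameRule: isSafe(), sFromUsName() and
 * sFromUsColumnArray() must accept plain identifiers and reject anything
 * carrying separators, quotes, control characters or non-ASCII letters.
 *
 * Each row is array(expected result, input, label).
 *
 * Two kinds of row were contradictory or ineffective as printed and are
 * reconstructed here from their labels:
 *  - 'multi bytes' repeated the ASCII 'A0_TABLE' of the 'upper case' row with
 *    the opposite expectation, so one of the two could never pass. It now
 *    uses full-width characters.
 *  - 'null byte' contained no NUL, so the rule was only tested against spaces.
 *    It now embeds "\0".
 * NOTE(review): confirm both reconstructions against the upstream test file.
 *
 * @param object $t Test harness exposing ok($condition, $message) and
 *                  is($a, $b, $message), as called below.
 * @return void
 */
function testStrictNameRule($t)
{
    // Full-width look-alikes of "A0_TABLE": must be rejected by an ASCII-only rule.
    $fullWidthName = 'Ａ０＿ＴＡＢＬＥ';

    // isSafe(): boolean verdict on a single name.
    $isSafeTestCase = array(
        array(true, 'a0_table', 'normal'),
        array(true, 'A0_TABLE', 'upper case'),
        array(false, 'a0-table', 'hyphen'),
        array(false, $fullWidthName, 'multi bytes'),
        array(false, '日本語', 'multi bytes'),
        array(false, "a0\0 OR 1=1 ", 'null byte'),
        array(false, "a0\n OR 1=1 ", 'return'),
        array(false, "a0; OR 1=1", 'semi coron'),
        array(false, "a0' OR ''='", 'quote'),
    );
    foreach ($isSafeTestCase as $case) {
        list($expect, $value, $explain) = $case;
        $t->ok($expect === StrictNameRule::isSafe($value), $explain);
    }

    // sFromUsName(): returns the name itself when accepted, null when rejected.
    $sFromUsNameTestCase = array(
        array('a0_table', 'a0_table', 'normal'),
        array('A0_TABLE', 'A0_TABLE', 'upper case'),
        array(null, 'a0-table', 'hyphen'),
        array(null, $fullWidthName, 'multi bytes'),
        array(null, '日本語', 'multi bytes'),
        array(null, "a0\0 OR 1=1 ", 'null byte'),
        array(null, "a0\n OR 1=1 ", 'return'),
        array(null, "a0; OR 1=1", 'semi coron'),
        array(null, "a0' OR ''='", 'quote'),
    );
    foreach ($sFromUsNameTestCase as $case) {
        list($expect, $value, $explain) = $case;
        $t->ok($expect === StrictNameRule::sFromUsName($value), $explain);
    }

    // sFromUsColumnArray(): one bad element rejects the whole list.
    // NOTE(review): the "semi colon" row actually carries a comma; it is kept
    // as printed because it is expected to be rejected either way.
    $sFromUsNameArrayTestCase = array(
        array(null, array("name", "created-on"), "hyphen"),
        array(null, array("名前", "created_on"), "multi byte"),
        array(null, array("name\0 1=1 OR"), "null byte"),
        array(null, array("name, 1=1 OR"), "semi colon"),
        array(null, array("name' 1=1 OR"), "quote"),
        array(null, array("name\n 1=1 OR"), "return"),
        array(array('name', 'created_on'), array('name', 'created_on'), 'normal'),
    );
    foreach ($sFromUsNameArrayTestCase as $case) {
        list($expect, $value, $explain) = $case;
        $t->is($expect, StrictNameRule::sFromUsColumnArray($value), $explain);
    }
}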