Fix code quality violations and enhance ROUTE-EXISTS-01 rule
Implement JQHTML function cache ID system and fix bundle compilation Implement underscore prefix for system tables Fix JS syntax linter to support decorators and grant exception to Task system SPA: Update planning docs and wishlists with remaining features SPA: Document Navigation API abandonment and future enhancements Implement SPA browser integration with History API (Phase 1) Convert contacts view page to SPA action Convert clients pages to SPA actions and document conversion procedure SPA: Merge GET parameters and update documentation Implement SPA route URL generation in JavaScript and PHP Implement SPA bootstrap controller architecture Add SPA routing manual page (rsx:man spa) Add SPA routing documentation to CLAUDE.md Phase 4 Complete: Client-side SPA routing implementation Update get_routes() consumers for unified route structure Complete SPA Phase 3: PHP-side route type detection and is_spa flag Restore unified routes structure and Manifest_Query class Refactor route indexing and add SPA infrastructure Phase 3 Complete: SPA route registration in manifest Implement SPA Phase 2: Extract router code and test decorators Rename Jqhtml_Component to Component and complete SPA foundation setup 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
root
@@ -200,8 +200,12 @@ class SqlQueryTransformer
|
||||
*/
|
||||
private static function __validate_forbidden_types(string $query): void
|
||||
{
|
||||
// Strip comments and quoted strings before validation to avoid false positives
|
||||
// (e.g., "TIME" in a COMMENT won't trigger the TIME type check)
|
||||
$query_without_strings = self::__strip_comments_and_strings($query);
|
||||
|
||||
// Check for ENUM
|
||||
if (preg_match('/\bENUM\s*\(/i', $query)) {
|
||||
if (preg_match('/\bENUM\s*\(/i', $query_without_strings)) {
|
||||
throw new \RuntimeException(
|
||||
"ENUM column type is forbidden in RSpade. Use VARCHAR with validation instead.\n" .
|
||||
"ENUMs cannot be modified without table locks and cause deployment issues.\n" .
|
||||
@@ -210,7 +214,7 @@ class SqlQueryTransformer
|
||||
}
|
||||
|
||||
// Check for SET
|
||||
if (preg_match('/\bSET\s*\(/i', $query)) {
|
||||
if (preg_match('/\bSET\s*\(/i', $query_without_strings)) {
|
||||
throw new \RuntimeException(
|
||||
"SET column type is forbidden in RSpade. Use JSON or a separate table instead.\n" .
|
||||
"Query: " . substr($query, 0, 200)
|
||||
@@ -218,7 +222,7 @@ class SqlQueryTransformer
|
||||
}
|
||||
|
||||
// Check for YEAR
|
||||
if (preg_match('/\bYEAR\b/i', $query)) {
|
||||
if (preg_match('/\bYEAR\b/i', $query_without_strings)) {
|
||||
throw new \RuntimeException(
|
||||
"YEAR column type is forbidden in RSpade. Use INT or DATE instead.\n" .
|
||||
"Query: " . substr($query, 0, 200)
|
||||
@@ -226,14 +230,102 @@ class SqlQueryTransformer
|
||||
}
|
||||
|
||||
// Check for TIME (but allow DATETIME and TIMESTAMP)
|
||||
if (preg_match('/\bTIME\b(?!STAMP)/i', $query)) {
|
||||
throw new \RuntimeException(
|
||||
"TIME column type is forbidden in RSpade. Use DATETIME instead.\n" .
|
||||
"Query: " . substr($query, 0, 200)
|
||||
);
|
||||
if (preg_match('/\bTIME\b(?!STAMP)/i', $query_without_strings)) {
|
||||
// Additional check: make sure it's not part of DATETIME
|
||||
if (!preg_match('/\bDATETIME\b/i', $query_without_strings) ||
|
||||
preg_match('/[,\s]\s*TIME\s+/i', $query_without_strings)) {
|
||||
throw new \RuntimeException(
|
||||
"TIME column type is forbidden in RSpade. Use DATETIME instead.\n" .
|
||||
"Query: " . substr($query, 0, 200)
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Strip comments and quoted strings from SQL query
|
||||
*
|
||||
* Removes:
|
||||
* - Single-quoted strings
|
||||
* - Double-quoted strings
|
||||
* - SQL comments (both single-line and multi-line)
|
||||
*
|
||||
* This prevents false positives in validation (e.g., 'TIME' in a comment)
|
||||
*
|
||||
* @param string $query The SQL query
|
||||
* @return string Query with comments and strings removed
|
||||
*/
|
||||
private static function __strip_comments_and_strings(string $query): string
|
||||
{
|
||||
$result = '';
|
||||
$len = strlen($query);
|
||||
$i = 0;
|
||||
|
||||
while ($i < $len) {
|
||||
// Check for single-line comment --
|
||||
if ($i < $len - 1 && $query[$i] === '-' && $query[$i + 1] === '-') {
|
||||
// Skip until newline
|
||||
while ($i < $len && $query[$i] !== "\n") {
|
||||
$i++;
|
||||
}
|
||||
$i++; // Skip the newline
|
||||
continue;
|
||||
}
|
||||
|
||||
// Check for multi-line comment /* */
|
||||
if ($i < $len - 1 && $query[$i] === '/' && $query[$i + 1] === '*') {
|
||||
// Skip until */
|
||||
$i += 2;
|
||||
while ($i < $len - 1 && !($query[$i] === '*' && $query[$i + 1] === '/')) {
|
||||
$i++;
|
||||
}
|
||||
$i += 2; // Skip the */
|
||||
continue;
|
||||
}
|
||||
|
||||
// Check for single-quoted string
|
||||
if ($query[$i] === "'") {
|
||||
$i++; // Skip opening quote
|
||||
while ($i < $len) {
|
||||
if ($query[$i] === "'") {
|
||||
// Check for escaped quote ''
|
||||
if ($i + 1 < $len && $query[$i + 1] === "'") {
|
||||
$i += 2; // Skip escaped quote
|
||||
} else {
|
||||
$i++; // Skip closing quote
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
$i++;
|
||||
}
|
||||
}
|
||||
continue;
|
||||
}
|
||||
|
||||
// Check for double-quoted string
|
||||
if ($query[$i] === '"') {
|
||||
$i++; // Skip opening quote
|
||||
while ($i < $len) {
|
||||
if ($query[$i] === '"') {
|
||||
$i++; // Skip closing quote
|
||||
break;
|
||||
} else if ($query[$i] === '\\' && $i + 1 < $len) {
|
||||
$i += 2; // Skip escaped character
|
||||
} else {
|
||||
$i++;
|
||||
}
|
||||
}
|
||||
continue;
|
||||
}
|
||||
|
||||
// Regular character - keep it
|
||||
$result .= $query[$i];
|
||||
$i++;
|
||||
}
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate MySQL syntax patterns that commonly cause issues
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user