PHP Tokenizer and SQL

Hi there,

I am looking at writing a simple SQL interface.

I want to tokenize an SQL string so I can prepend a table identifier to table names.

The reason is I only have one database, and I want to separate out the tables so they have structure...

for instance

userlist for the blog section should be different to the userlist for the distribution list section, but theyh could have simple sql...

select * from userlist

with a tokenizer, I can prepend the DB section to the table name..

select * from dist_userlist
select * from blog_userlist

making reading a lot simpler... I think.

Any ideas how I can do this simply?

Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

gnudiffConnect With a Mentor Commented:
I wrote a small class for that recently.

The basic idea is to store different parts of the query in separate arrays, and only join them into a query upon executing it.

ie. something like:

$sb = new SQLBuilder;

$sb->add_clause('FROM', 'table1 t1');
$sb->add_clause('FROM', 'table2 t2');
$sb->add_clause('WHERE', ' =');

and then $query = $sb->parse();

where parse takes all the currently defined parts together and forms a single:
SELECT mysql FROM table1 t1, table2 t2 WHERE

substr(strtolower($query), ' from ');
substr(strtolower($query), ' where');

You'd then good retrieve the 'from table table table where'-piece and replacement should be doable.

Or even better. Have variable queries:

$query = 'SELECT * FROM `'.$table.'` WHERE etc';

nigel5Author Commented:
roonaan. I had a few issues with strtolower() since the WHERE Clauses are generally case sensitive. I did think about finding the strpos of 'FROM' and 'WHERE' then using split.... but that got messy.

gnudiff, thanks that inspired me, and I have a class that builds the SQL in the first place. This is not the optimal solution however, since it is easier to type SQL.... it does mean that I cannot type SQL into a form input and have it run against the database...

But then would I really want that much power... best have some form with some control and dynamic inputs...

Thanks guys.
It certainly depends on your users.

I have just written some PHP that allows user to build query using webform and adding/removing conditions one by one.
Like, he can select dropdown for logical operator (AND/OR/AND NOT/OR NOT), field, condition (is/isn't/>/</contains/...) and value, and that gets shown in the list on the page, eg:

AND title contains 'One'
AND creation date > 2002-01-01
AND NOT header is 9338
AND NOT header starts with 7

There are certain benefits to storing the query in this form at all times, and constructing the real SQL only at the point of executing it.
Why I used strtolower was because you would like to have a case insensitive search to where the positions of the keywords 'FROM' and 'WHERE' are. This is because stripos is still not functional on all systems.

But better indeed to have a class which performs some validation before querying. Saves a lot of work in the future :-)


All Courses

From novice to tech pro — start learning today.