C#中的Lexing部分SQL [英] Lexing partial SQL in C#

问题描述

我需要解析部分SQL查询(用于SQL注入审核工具).例如

I'd need to parse partial SQL queries (it's for a SQL injection auditing tool). For example

'1' AND 1=1--

应分解为类似令牌

[0] => [SQL_STRING, '1']
[1] => [SQL_AND]
[2] => [SQL_INT, 1]
[3] => [SQL_AND]
[4] => [SQL_INT, 1]
[5] => [SQL_COMMENT]
[6] => [SQL_QUERY_END]

它们是否至少是我所基于的SQL词法分析器，还是像C#的bison之类的好工具(尽管我宁愿不编写自己的语法，因为我需要支持大多数(如果不是全部)MySQL 5语法)

Are their any at least lexers for SQL that I base mine off of or any good tools like bison for C# (though I'd rather not write my own grammar as I need to support most if not all the grammar of MySQL 5)

推荐答案

似乎有一些不错的解析器.

Seems that there's a few good parsers out there.

这篇SO文章中有一个使用MS的实体框架的示例:
使用C#解析SQL代码

This SO article has a sample using MS's Entity Framework:
Parsing SQL code in C#

似乎有人将自己的代码放到了Code Project中:
http://www.codeproject.com/KB/dotnet/SQL_parser.aspx

Seems someone else rolled their own and put it up on Code Project:
http://www.codeproject.com/KB/dotnet/SQL_parser.aspx

就个人而言，我将使用Entity Framework解决方案，因为它是由MS创建和维护的，因此也可能与SQL Server紧密结合.由于您正在研究MySQL，因此您可能希望在Code Project上使用自定义解决方案，因为我确信您可以按照语法要求在更多的自定义解决方案中进行编码.

Personally, I'd go with the Entity Framework solution, since it was created and maintained by MS, but it also therefore probably is closely coupled with SQL Server. Since you're looking at MySQL, you may want to go with the custom solution on Code Project, as I'm sure you can then code in more custom solutions as the grammar requires.

我将很快使用它(对于Oracle，而不是MySQL)，所以请让社区了解该解决方案的工作原理！

I'll be using this soon (for Oracle, not MySQL), so please let the community know how the solution works out!

更新:
我刚回到这本书并阅读了评论...经过进一步的思考，我真的建议ANTLR，因为它支持多种语法.再一次，我没有使用过它，所以很高兴听到它是如何工作的，这取决于您自己决定.
https://stackoverflow.com/questions/76083/parsing-sql-in-net/76151

UPDATE:
I just came back to this and read the comments... upon further reflection, I'd really recommend ANTLR, since it supports multiple grammars. Once again, I haven't used it, so it'll be good to hear how it worked out, and it's up to you to decide.
https://stackoverflow.com/questions/76083/parsing-sql-in-net/76151

这篇关于C#中的Lexing部分SQL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！