I have listed some goals of this project below.
- To create a SQL parser in Delphi that can be used to create an AST of the SQL
- Ability to create a Syntax highlighter for SQL
- by forcing the use of parameters by preventing the use of constant values in SQL
- detecting multiple statements that are going to be executed together
- detecting always true / always false statements
- detecting statements like
select 1in a where restriction
- Do equivilant of SQL refactoring (renaming various things like table names,field names etc)
- Convert between different dialects of SQL
Currently the project is in a very early stage although, it can decode fair number of the simple SQL commands although for anything complicated it probably can't yet handle.
- The project can currently decode 69 out of the 70 test SQL statements.
- The project can compare what the expected AST is to what the decoded AST is to ensure the parser is working properly
- At the moment no attempt to limit SQL dialect type has been implemented.
- Initial testing of
1 = 1like conditions for detecting SQL Injection attacks - Initial testing of
select 1like conditions in where clauses - Detection of constant value anywhere in the SQL statement
- Add check for multiple statements in SQL text