diff --git a/src/Database/Database.php b/src/Database/Database.php index 791cb78b..7e971416 100644 --- a/src/Database/Database.php +++ b/src/Database/Database.php @@ -209,14 +209,9 @@ public static function select(string $sql_statement, array $data = []): mixed { static::ensureDatabaseConnection(); - if ( - !preg_match( - "/^(select\s.+?\sfrom\s.+;?|desc\s.+;?)$/i", - $sql_statement - ) - ) { + if (!preg_match("/^\s*select\b/i", $sql_statement)) { throw new DatabaseException( - 'Syntax Error on the Request', + 'Syntax Error on the Request: ' . $sql_statement, E_USER_ERROR ); } @@ -246,9 +241,9 @@ public static function selectOne(string $sql_statement, array $data = []): mixed { static::ensureDatabaseConnection(); - if (!preg_match("/^select\s.+?\sfrom\s.+;?$/i", $sql_statement)) { + if (!preg_match("/^\s*select\b/i", $sql_statement)) { throw new DatabaseException( - 'Syntax Error on the Request', + 'Syntax Error on the Request: ' . $sql_statement, E_USER_ERROR ); } @@ -278,14 +273,9 @@ public static function insert(string $sql_statement, array $data = []): int { static::ensureDatabaseConnection(); - if ( - !preg_match( - "/^insert\s+into\s+[\w\d_-`]+\s*(\(.+\))?\s+(values\s*(\(.+\),?)+|\s?set\s+(.+)+);?$/ism", - $sql_statement - ) - ) { + if (!preg_match("/^\s*insert\b/i", $sql_statement)) { throw new DatabaseException( - 'Syntax Error on the Request', + 'Syntax Error on the Request: ' . $sql_statement, E_USER_ERROR ); } @@ -344,7 +334,7 @@ public static function delete(string $sql_statement, array $data = []): int { static::ensureDatabaseConnection(); - if (!preg_match("/^delete\s+from\s+[\w\d_`]+\s+where\s+.+;?$/i", $sql_statement)) { + if (!preg_match(""/^\s*delete\b/i"", $sql_statement)) { throw new DatabaseException( 'Syntax Error on the Request', E_USER_ERROR