package com.jladder.db;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/jladder/db/CheckWhere.class */
public class CheckWhere {
    public static final int CWF_DISABLE_SQLKEY = 1;
    public static final int CWF_DISABLE_CONST_EXP = 2;
    public static final int CWF_DISABLE_EQUATION_EXP = 4;
    public static final int CWF_DISABLE_IN_EXP = 8;
    private static int whereCheckFlag = 1;

    private static Matcher regexMatcher(String str, int i, String str2) {
        return Pattern.compile(str, i).matcher(str2);
    }

    private static void checkMatchFind(int i, String str, int i2, String str2, String str3) {
        if (isEnable(i)) {
            Matcher regexMatcher = regexMatcher(str, i2, str2);
            if (regexMatcher.find()) {
                throw new IllegalArgumentException(String.format(str3 + " '%s'", regexMatcher.group()));
            }
        }
    }

    private static boolean isEnable(int i) {
        return (whereCheckFlag & i) == i;
    }

    static String checkWhere(String str) {
        Boolean valueOf;
        String trim = null == str ? "" : str.trim();
        if (!trim.isEmpty()) {
            if (!trim.toUpperCase().startsWith("WHERE")) {
                throw new IllegalArgumentException("WHERE expression must start with 'WHERE'(case insensitive)");
            }
            checkMatchFind(4, "(('[^']*'\\s*|\"[^\"]*\\\"\\s*)+\\s*=\\s*('[^']*'\\s*|\"[^\"]*\"\\s*)+|([+-]?(?:\\d*\\.)?\\d+)\\s*=\\s*[+-]?(?:\\d*\\.)?\\d+|([^'\"\\s]+)\\s*=\\s*\\5\\b|([+-]?(?:\\d*\\.)?\\d+)\\s*=\\s*('|\")[+-]?(?:\\d*\\.)?\\d+\\s*\\7|('|\")([+-]?(?:\\d*\\.)?\\d+)\\s*\\8\\s*=\\s*[+-]?(?:\\d*\\.)?\\d+)", 0, trim, "INVALID WHERE equation  expression");
            if (isEnable(2)) {
                Matcher regexMatcher = regexMatcher("((?:where|or)\\s+)(not\\s+)?(false|true|('|\")([+-]?\\d+(\\.\\d+)?).*\\4)", 2, trim);
                while (regexMatcher.find()) {
                    boolean z = null != regexMatcher.group(2);
                    String group = regexMatcher.group(3);
                    if (group.equalsIgnoreCase("true")) {
                        valueOf = true;
                    } else if (group.equalsIgnoreCase("false")) {
                        valueOf = false;
                    } else {
                        valueOf = Boolean.valueOf(0.0d != Double.valueOf(regexMatcher.group(5)).doubleValue());
                    }
                    if (z) {
                        valueOf = Boolean.valueOf(!valueOf.booleanValue());
                    }
                    if (valueOf.booleanValue()) {
                        throw new IllegalArgumentException(String.format("INVALID WHERE const true  expression '%s'", regexMatcher.group()));
                    }
                }
            }
            checkMatchFind(8, "((('|\")[^']*\\3\\s*)|[\\d\\.+-]+\\s*)\\s+IN\\s+\\(.*\\)", 2, trim, "INVALID IN expression");
            checkMatchFind(1, "\\b(exec|insert|delete|update|join|union|master|truncate)\\b", 2, trim.replaceAll("('[^']*'|\"[^\"]*\")", ""), "ILLEGAL SQL key");
        }
        return trim;
    }

    public static void setWhereCheckFlag(int i) {
        whereCheckFlag = i;
    }

    private static void testCheckWhere(String str, boolean z) {
        try {
            checkWhere(str);
            if (z) {
            } else {
                throw new AssertionError();
            }
        } catch (Exception e) {
            System.out.printf("%s\n", e.getMessage());
            if (z) {
                throw new AssertionError();
            }
        }
    }

    public static void main(String[] strArr) {
        setWhereCheckFlag(-1);
        testCheckWhere("WHERE ", true);
        testCheckWhere("WHERE name='1342342' or age=15", true);
        testCheckWhere("WHERE name like '1342342%' and age>15 and birthdate='1990-01-01'", true);
        testCheckWhere("WHERE name='1342342%' and age>15 and birthdate='1990-01-01'", true);
        testCheckWhere("WHERE 1=1", false);
        testCheckWhere("WHERE 1=1.0", false);
        testCheckWhere("WHERE 1=1.0", false);
        testCheckWhere("WHERE  .12='12' or  \".1\"=.10 1=1 \"hello\"='world'   hello=hello", false);
        testCheckWhere("WHERE true", false);
        testCheckWhere("WHERE false", true);
        testCheckWhere("WHERE not false", false);
        testCheckWhere("WHERE '12345'='1342342' or age=15", false);
        testCheckWhere("WHERE age=15 or 1=2", false);
        testCheckWhere("WHERE age in ()", true);
        testCheckWhere("WHERE age in (1,2,3,45)", true);
        testCheckWhere("WHERE 1 in ()", false);
        testCheckWhere("WHERE 1 in (1,2,3,45)", false);
        testCheckWhere("WHERE 'hello' in ('hello')", false);
        testCheckWhere("WHERE 'hello' in ('hello')", false);
        testCheckWhere("WHERE a=1 union select * from systemtable", false);
        testCheckWhere("WHERE a in ( select a from systemtable)", true);
        testCheckWhere("WHERE name='union' or age=15", true);
    }
}
