Finding all queries in a string in a source code using grep

Question

I need to identify all queries in a php source code spread in many files under different directories.

I though about using grep and MySQL keywords to identify them. There are two ways I can differentiate queries in this source code.

1. They are always quoted in double quotes.
2. They will always have the MySQL keywords such as insert , select , update , delete and alter .

But there is a problem, the queries in double quotes can be spread in multiple lines. Example :

$newQuery = "Select username
             from 
             usertable"

So I need to identify "Select username from usertable"

But grep can not work on multiple lines.

I tried :

egrep -e '"(.*?)\+"' test.php | grep "select"

It works great for single line but again misses multiline queries.

So I tried

sed -e '/\"/,/\"/!d' test.php

It returns all the queries, But then I do

sed -e '/\"/,/\"/!d' test.php | grep select

It returns,

"select 

which is not good. I think I need to escape newlines in sed. How do I achieve this? Any other standard commands for bash will also do, such as awk.

Answer 1

I often use perl -pe instead of sed for some more fancy expressions.

cat tmp.php | \
perl -pe "s/[\n\r\s]+/ /g" | \ # remove all spaces and line breaks
perl -e '$x=join " ", (<>); print join " ", ($x =~ /".*?(?:select|alter).*?"/gi)'

In the last line you find all the quotes with select keyword and join them

Answer 2

One way using Perl:

perl -00ne 'print $1,"\n" while (/"((select|insert|update|delete|alter).*?)"/sig);' file

To get output in single line:

perl -00ne 'while (/"((select|insert|update|delete|alter).*?)"/sig){$x=$1;$x=~s/\n//g;$x=~s/\s+/ /g;print "$x\n";};' file

To get single line output using join and split:

perl -00ne 'print join " ",split(/\s+/,$1),"\n" while (/"((select|insert|update|delete|alter).*?)"/sig);' file