On 6/3/2006, at 8:55, Quinn Comendant wrote:
[...]
$sql = "WHERE category = '" . addslashes($category) . "'";
...or...
$qid = DB::query(" WHERE category = '" . addslashes($category) . "' ");
To match the SQL part I think you will need two different rules (one for each construct).
I have written an example of matching the first construct below, let me know if you have further questions.
{ begin = '($sql) = '; end = ';';
# assign a scope name to the “$sql” part captures = { 1 = { name = 'variable.other.php'; } };
patterns = ( # start a new context for … in “$sql = …;”
# match strings in this context { name = 'string.quoted.double.php'; begin = '"'; end = '"'; patterns = ( { match = '\.'; }. # escaped characters { include = 'source.sql'; } # treat content of string as SQL ); }.
# for that which is not matched as a string in this # context use the normal (root level) PHP rules { include = '$self'; } ); }