package com.inet.lib.util;

import com.inet.annotations.InternalApi;
import com.inet.permissions.url.legacy.OldPermissionXMLUtils;

@InternalApi
/* loaded from: input_file:com/inet/lib/util/SqlFunctions.class */
public class SqlFunctions {
    public static boolean isRedFlagSQL(String str) {
        String trim = str.toUpperCase().trim();
        String[] strArr = {"SELECT", "CALL", "{CALL", "{?=CALL", "WITH", "EXEC"};
        boolean z = false;
        int length = strArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            String str2 = strArr[i];
            if (trim.startsWith(str2) && trim.length() > str2.length() && Character.isWhitespace(trim.charAt(str2.length()))) {
                z = true;
                break;
            }
            i++;
        }
        if (!z) {
            return true;
        }
        String join = String.join(OldPermissionXMLUtils.XML_WS, trim.split("[; '\"]"));
        if (join.contains(" DROP TABLE ") || join.contains(" DELETE FROM ")) {
            return true;
        }
        return (join.matches(".*SELECT.* DROP .* TABLE .*SELECT.*") || join.matches(".*SELECT.* DELETE .* FROM .*SELECT.*") || join.matches(".*SELECT.* UPDATE .*SELECT.*")) && trim.contains(";");
    }
}
