Forum Replies Created

Viewing 1 replies (of 1 total)
  • Also, please note that newlines, tabs and sql comments will return a false-positive.

    Some of our queries passed to the is_write_query() use sql-comments, such as the following:

    $q = "/* a_function_call_name -- cached, CE */ SELECT foo FROM bar ...";

    You’ll need to do a preg_replace (or sommat) to the $q query BEFORE the return to ensure that you’ve escaped spaces, tabs, etc.

    My regex is weak, too, but I’ve got testing to do, so here’s mine:

    function is_write_query($q){
        // Strip /* ... */ comments, whatever characters they contain (commas included)
        $q = preg_replace('/\/\*.*?\*\//s', ' ', $q);
        $q = ltrim($q, "\t\r\n (");      // trim leading whitespace and opening parentheses
        return !preg_match('/^(?:SELECT|SHOW|DESCRIBE|EXPLAIN)\s/i', $q);
    }       // end function is_write_query()

    Hope that helps someone else out there,

    –Chad
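
The false positives described in the reply above, as an added example that is not part of the original post: it runs the anchored read-keyword check with and without normalisation over a handful of constructed queries. The function names `naive_is_write` and `normalised_is_write` and all sample queries except the commented SELECT are assumptions made for illustration.

```php
<?php
// Added example: function names are hypothetical, queries are constructed samples.

// Check with no normalisation: anything not starting with a read keyword counts as a write.
function naive_is_write(string $q): bool {
    return !preg_match('/^(?:SELECT|SHOW|DESCRIBE|EXPLAIN)\s/i', $q);
}

// Same check after removing /* ... */ comments and leading whitespace or "(".
function normalised_is_write(string $q): bool {
    $q = preg_replace('#/\*.*?\*/#s', ' ', $q);   // non-greedy, spans newlines
    $q = ltrim($q, "\t\r\n (");
    return naive_is_write($q);
}

$samples = [
    'plain select'     => "SELECT foo FROM bar",
    'leading comment'  => "/* a_function_call_name -- cached, CE */ SELECT foo FROM bar",
    'leading newline'  => "\n\tSELECT foo FROM bar",
    'parenthesised'    => "(SELECT foo FROM bar) UNION (SELECT foo FROM baz)",
    'newline after kw' => "SELECT\nfoo FROM bar",
    'real write'       => "/* audit */ UPDATE bar SET foo = 1",
];

// Print both verdicts side by side; rows where they differ are the false positives.
foreach ($samples as $label => $q) {
    printf("%-17s naive=%-5s normalised=%s\n", $label,
        naive_is_write($q) ? 'write' : 'read',
        normalised_is_write($q) ? 'write' : 'read');
}
```

Rows where the two verdicts differ are reads that the unnormalised check would classify as writes.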
