Fix comparing the empty string for global credentials

Signed-off-by: Joas Schilling <coding@schilljs.com>

diff --git a/lib/private/DB/Connection.php b/lib/private/DB/Connection.php
index 4d390a04ec533f48367eb86b0e2b4510c9cf04a8..17e76c37b3384f21163db02a486140fef4cdf2e4 100644 (file)
--- a/lib/private/DB/Connection.php
+++ b/lib/private/DB/Connection.php
@@ -307,11 +307,17 @@ class Connection extends ReconnectWrapper implements IDBConnection {
                        $where = $updateQb->expr()->andX();
                        $whereValues = array_merge($keys, $updatePreconditionValues);
                        foreach ($whereValues as $name => $value) {
-                               $where->add($updateQb->expr()->eq(
-                                       $name,
-                                       $updateQb->createNamedParameter($value, $this->getType($value)),
-                                       $this->getType($value)
-                               ));
+                               if ($value === '') {
+                                       $where->add($updateQb->expr()->emptyString(
+                                               $name
+                                       ));
+                               } else {
+                                       $where->add($updateQb->expr()->eq(
+                                               $name,
+                                               $updateQb->createNamedParameter($value, $this->getType($value)),
+                                               $this->getType($value)
+                                       ));
+                               }
                        }
                        $updateQb->where($where);
                        $affected = $updateQb->execute();

diff --git a/lib/private/Security/CredentialsManager.php b/lib/private/Security/CredentialsManager.php
index a40a7e1d88e9f457f9f415364e2972922961347b..20af25ae10fab15b8226136d8f055e2751c19854 100644 (file)
--- a/lib/private/Security/CredentialsManager.php
+++ b/lib/private/Security/CredentialsManager.php
@@ -81,9 +81,13 @@ class CredentialsManager implements ICredentialsManager {
                $qb = $this->dbConnection->getQueryBuilder();
                $qb->select('credentials')
                        ->from(self::DB_TABLE)
-                       ->where($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)))
-                       ->andWhere($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)))
-               ;
+                       ->where($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)));
+
+               if ($userId === '') {
+                       $qb->andWhere($qb->expr()->emptyString('user'));
+               } else {
+                       $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)));
+               }
 
                $qResult = $qb->execute();
                $result = $qResult->fetch();
@@ -107,9 +111,14 @@ class CredentialsManager implements ICredentialsManager {
        public function delete($userId, $identifier) {
                $qb = $this->dbConnection->getQueryBuilder();
                $qb->delete(self::DB_TABLE)
-                       ->where($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)))
-                       ->andWhere($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)))
-               ;
+                       ->where($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)));
+
+               if ($userId === '') {
+                       $qb->andWhere($qb->expr()->emptyString('user'));
+               } else {
+                       $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)));
+               }
+
                return $qb->execute();
        }