Properly escape column name in "createFunction" call

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

diff --git a/apps/dav/lib/Migration/BuildCalendarSearchIndex.php b/apps/dav/lib/Migration/BuildCalendarSearchIndex.php
index da4b4f4fe840b5533db4bc7fb9a93ba7d42cd675..22274e36c6b65e503e788e783ae39c7f701764ee 100644 (file)
--- a/apps/dav/lib/Migration/BuildCalendarSearchIndex.php
+++ b/apps/dav/lib/Migration/BuildCalendarSearchIndex.php
@@ -70,7 +70,7 @@ class BuildCalendarSearchIndex implements IRepairStep {
                }
 
                $query = $this->db->getQueryBuilder();
-               $query->select($query->createFunction('MAX(id)'))
+               $query->select($query->createFunction('MAX(' . $query->getColumnName('id') . ')'))
                        ->from('calendarobjects');
                $maxId = (int)$query->execute()->fetchColumn();
 

diff --git a/apps/files_sharing/lib/Command/CleanupRemoteStorages.php b/apps/files_sharing/lib/Command/CleanupRemoteStorages.php
index f269b86ea9f7a295552b0d0b3a9cdc566136b9a1..2175982dfc155dbb295b66b35967fdec7cae49e6 100644 (file)
--- a/apps/files_sharing/lib/Command/CleanupRemoteStorages.php
+++ b/apps/files_sharing/lib/Command/CleanupRemoteStorages.php
@@ -98,7 +98,7 @@ class CleanupRemoteStorages extends Command {
 
        public function countFiles($numericId, OutputInterface $output) {
                $queryBuilder = $this->connection->getQueryBuilder();
-               $queryBuilder->select($queryBuilder->createFunction('count(fileid)'))
+               $queryBuilder->select($queryBuilder->createFunction('COUNT(' . $queryBuilder->getColumnName('fileid') . ')'))
                        ->from('filecache')
                        ->where($queryBuilder->expr()->eq(
                                'storage',

diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php
index c7d737a7631c1b92fd2d0d050371965978217852..c3f09fd6caa01ac7a960196926ba4b9576806b01 100644 (file)
--- a/apps/user_ldap/lib/Mapping/AbstractMapping.php
+++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php
@@ -311,7 +311,7 @@ abstract class AbstractMapping {
         */
        public function count() {
                $qb = $this->dbc->getQueryBuilder();
-               $query = $qb->select($qb->createFunction('COUNT(`ldap_dn`)'))
+               $query = $qb->select($qb->createFunction('COUNT(' . $qb->getColumnName('ldap_dn') . ')'))
                        ->from($this->getTableName());
                $res = $query->execute();
                $count = $res->fetchColumn();

diff --git a/lib/private/Comments/Manager.php b/lib/private/Comments/Manager.php
index 6d9e37ae94e9202e0c481228e30326335b8c0dc8..e9bb001f77dac699a827445a9ce095d541b5fc05 100644 (file)
--- a/lib/private/Comments/Manager.php
+++ b/lib/private/Comments/Manager.php
@@ -163,7 +163,7 @@ class Manager implements ICommentsManager {
         */
        protected function updateChildrenInformation($id, \DateTime $cDateTime) {
                $qb = $this->dbConn->getQueryBuilder();
-               $query = $qb->select($qb->createFunction('COUNT(`id`)'))
+               $query = $qb->select($qb->createFunction('COUNT(' . $qb->getColumnName('id') . ')'))
                        ->from('comments')
                        ->where($qb->expr()->eq('parent_id', $qb->createParameter('id')))
                        ->setParameter('id', $id);

diff --git a/lib/private/Group/Database.php b/lib/private/Group/Database.php
index 9bcb7eb338583a58aac6d3e2cffae11ac84ed075..c77ae9e2ee862f7d5082198bdf9c993d67b161b7 100644 (file)
--- a/lib/private/Group/Database.php
+++ b/lib/private/Group/Database.php
@@ -387,9 +387,9 @@ class Database extends ABackend
                $this->fixDI();
                
                $query = $this->dbConn->getQueryBuilder();
-               $query->select($query->createFunction('COUNT(Distinct uid)'))
+               $query->select($query->createFunction('COUNT(DISTINCT ' . $query->getColumnName('uid') . ')'))
                        ->from('preferences', 'p')
-                       ->innerJoin('p', 'group_user', 'g', 'p.userid = g.uid')
+                       ->innerJoin('p', 'group_user', 'g', $query->expr()->eq('p.userid', 'g.uid'))
                        ->where($query->expr()->eq('appid', $query->createNamedParameter('core')))
                        ->andWhere($query->expr()->eq('configkey', $query->createNamedParameter('enabled')))
                        ->andWhere($query->expr()->eq('configvalue', $query->createNamedParameter('false'), IQueryBuilder::PARAM_STR))

diff --git a/lib/private/User/Manager.php b/lib/private/User/Manager.php
index 494a345be597c411963536c9defe1e6a52609068..54d7d7f96124dd177635c3b94b46c24d85371151 100644 (file)
--- a/lib/private/User/Manager.php
+++ b/lib/private/User/Manager.php
@@ -475,9 +475,9 @@ class Manager extends PublicEmitter implements IUserManager {
         */
        public function countDisabledUsersOfGroups(array $groups): int {
                $queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-               $queryBuilder->select($queryBuilder->createFunction('COUNT(Distinct uid)'))
+               $queryBuilder->select($queryBuilder->createFunction('COUNT(DISTINCT ' . $queryBuilder->getColumnName('uid') . ')'))
                        ->from('preferences', 'p')
-                       ->innerJoin('p', 'group_user', 'g', 'p.userid = g.uid')
+                       ->innerJoin('p', 'group_user', 'g', $queryBuilder->expr()->eq('p.userid', 'g.uid'))
                        ->where($queryBuilder->expr()->eq('appid', $queryBuilder->createNamedParameter('core')))
                        ->andWhere($queryBuilder->expr()->eq('configkey', $queryBuilder->createNamedParameter('enabled')))
                        ->andWhere($queryBuilder->expr()->eq('configvalue', $queryBuilder->createNamedParameter('false'), IQueryBuilder::PARAM_STR))