diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2018-10-16 14:55:41 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2018-10-19 12:12:52 +0200 |
| commit | f6cdab6b115fec1c162e75f20bb3f371c299a11e (patch) | |
| tree | d1cbe1d4b893e056588bc54e66925fc6203fceeb | |
| parent | c1fbf70d831d4f8039f847f2ca2c96fd781052a1 (diff) | |
| download | nextcloud-server-f6cdab6b115fec1c162e75f20bb3f371c299a11e.tar.gz nextcloud-server-f6cdab6b115fec1c162e75f20bb3f371c299a11e.zip | |
Properly escape column name in "createFunction" call
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
| -rw-r--r-- | apps/dav/lib/Migration/BuildCalendarSearchIndex.php | 2 | ||||
| -rw-r--r-- | apps/files_sharing/lib/Command/CleanupRemoteStorages.php | 2 | ||||
| -rw-r--r-- | apps/user_ldap/lib/Mapping/AbstractMapping.php | 2 | ||||
| -rw-r--r-- | lib/private/Comments/Manager.php | 2 | ||||
| -rw-r--r-- | lib/private/Group/Database.php | 4 | ||||
| -rw-r--r-- | lib/private/User/Manager.php | 4 |
6 files changed, 8 insertions, 8 deletions
diff --git a/apps/dav/lib/Migration/BuildCalendarSearchIndex.php b/apps/dav/lib/Migration/BuildCalendarSearchIndex.php index da4b4f4fe84..22274e36c6b 100644 --- a/apps/dav/lib/Migration/BuildCalendarSearchIndex.php +++ b/apps/dav/lib/Migration/BuildCalendarSearchIndex.php @@ -70,7 +70,7 @@ class BuildCalendarSearchIndex implements IRepairStep { } $query = $this->db->getQueryBuilder(); - $query->select($query->createFunction('MAX(id)')) + $query->select($query->createFunction('MAX(' . $query->getColumnName('id') . ')')) ->from('calendarobjects'); $maxId = (int)$query->execute()->fetchColumn(); diff --git a/apps/files_sharing/lib/Command/CleanupRemoteStorages.php b/apps/files_sharing/lib/Command/CleanupRemoteStorages.php index f269b86ea9f..2175982dfc1 100644 --- a/apps/files_sharing/lib/Command/CleanupRemoteStorages.php +++ b/apps/files_sharing/lib/Command/CleanupRemoteStorages.php @@ -98,7 +98,7 @@ class CleanupRemoteStorages extends Command { public function countFiles($numericId, OutputInterface $output) { $queryBuilder = $this->connection->getQueryBuilder(); - $queryBuilder->select($queryBuilder->createFunction('count(fileid)')) + $queryBuilder->select($queryBuilder->createFunction('COUNT(' . $queryBuilder->getColumnName('fileid') . ')')) ->from('filecache') ->where($queryBuilder->expr()->eq( 'storage', diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php index c7d737a7631..c3f09fd6caa 100644 --- a/apps/user_ldap/lib/Mapping/AbstractMapping.php +++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php @@ -311,7 +311,7 @@ abstract class AbstractMapping { */ public function count() { $qb = $this->dbc->getQueryBuilder(); - $query = $qb->select($qb->createFunction('COUNT(`ldap_dn`)')) + $query = $qb->select($qb->createFunction('COUNT(' . $qb->getColumnName('ldap_dn') . ')')) ->from($this->getTableName()); $res = $query->execute(); $count = $res->fetchColumn(); diff --git a/lib/private/Comments/Manager.php b/lib/private/Comments/Manager.php index 6d9e37ae94e..e9bb001f77d 100644 --- a/lib/private/Comments/Manager.php +++ b/lib/private/Comments/Manager.php @@ -163,7 +163,7 @@ class Manager implements ICommentsManager { */ protected function updateChildrenInformation($id, \DateTime $cDateTime) { $qb = $this->dbConn->getQueryBuilder(); - $query = $qb->select($qb->createFunction('COUNT(`id`)')) + $query = $qb->select($qb->createFunction('COUNT(' . $qb->getColumnName('id') . ')')) ->from('comments') ->where($qb->expr()->eq('parent_id', $qb->createParameter('id'))) ->setParameter('id', $id); diff --git a/lib/private/Group/Database.php b/lib/private/Group/Database.php index 9bcb7eb3385..c77ae9e2ee8 100644 --- a/lib/private/Group/Database.php +++ b/lib/private/Group/Database.php @@ -387,9 +387,9 @@ class Database extends ABackend $this->fixDI(); $query = $this->dbConn->getQueryBuilder(); - $query->select($query->createFunction('COUNT(Distinct uid)')) + $query->select($query->createFunction('COUNT(DISTINCT ' . $query->getColumnName('uid') . ')')) ->from('preferences', 'p') - ->innerJoin('p', 'group_user', 'g', 'p.userid = g.uid') + ->innerJoin('p', 'group_user', 'g', $query->expr()->eq('p.userid', 'g.uid')) ->where($query->expr()->eq('appid', $query->createNamedParameter('core'))) ->andWhere($query->expr()->eq('configkey', $query->createNamedParameter('enabled'))) ->andWhere($query->expr()->eq('configvalue', $query->createNamedParameter('false'), IQueryBuilder::PARAM_STR)) diff --git a/lib/private/User/Manager.php b/lib/private/User/Manager.php index 494a345be59..54d7d7f9612 100644 --- a/lib/private/User/Manager.php +++ b/lib/private/User/Manager.php @@ -475,9 +475,9 @@ class Manager extends PublicEmitter implements IUserManager { */ public function countDisabledUsersOfGroups(array $groups): int { $queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder(); - $queryBuilder->select($queryBuilder->createFunction('COUNT(Distinct uid)')) + $queryBuilder->select($queryBuilder->createFunction('COUNT(DISTINCT ' . $queryBuilder->getColumnName('uid') . ')')) ->from('preferences', 'p') - ->innerJoin('p', 'group_user', 'g', 'p.userid = g.uid') + ->innerJoin('p', 'group_user', 'g', $queryBuilder->expr()->eq('p.userid', 'g.uid')) ->where($queryBuilder->expr()->eq('appid', $queryBuilder->createNamedParameter('core'))) ->andWhere($queryBuilder->expr()->eq('configkey', $queryBuilder->createNamedParameter('enabled'))) ->andWhere($queryBuilder->expr()->eq('configvalue', $queryBuilder->createNamedParameter('false'), IQueryBuilder::PARAM_STR)) |