diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2016-03-15 12:14:17 +0100 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2016-03-15 12:14:17 +0100 |
| commit | e9eeb3607fe0ba15413c1c22b1120fc53aaed6dc (patch) | |
| tree | 1da9445e8bc8bb499cf7c7639629dbf612d9b5cd /apps | |
| parent | f8180579d03fcd10ab8f92f1ecb27899436c7653 (diff) | |
| parent | 6b4117df34232fbe9da49fca9a813bc8c5ec226d (diff) | |
| download | nextcloud-server-e9eeb3607fe0ba15413c1c22b1120fc53aaed6dc.tar.gz nextcloud-server-e9eeb3607fe0ba15413c1c22b1120fc53aaed6dc.zip | |
Merge pull request #23074 from owncloud/issue-22835-correctly-use-querybuilder-api
Correctly escape join statements and use selectAlias
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/dav/lib/caldav/caldavbackend.php | 4 | ||||
| -rw-r--r-- | apps/files_external/service/dbconfigservice.php | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/apps/dav/lib/caldav/caldavbackend.php b/apps/dav/lib/caldav/caldavbackend.php index fdfc8c399ed..bb50100d9a2 100644 --- a/apps/dav/lib/caldav/caldavbackend.php +++ b/apps/dav/lib/caldav/caldavbackend.php @@ -815,9 +815,9 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription function getCalendarObjectByUID($principalUri, $uid) { $query = $this->db->getQueryBuilder(); - $query->select([$query->createFunction('c.`uri` AS `calendaruri`'), $query->createFunction('co.`uri` AS `objecturi`')]) + $query->selectAlias('c.uri', 'calendaruri')->selectAlias('co.uri', 'objecturi') ->from('calendarobjects', 'co') - ->leftJoin('co', 'calendars', 'c', 'co.`calendarid` = c.`id`') + ->leftJoin('co', 'calendars', 'c', $query->expr()->eq('co.calendarid', 'c.id')) ->where($query->expr()->eq('c.principaluri', $query->createNamedParameter($principalUri))) ->andWhere($query->expr()->eq('co.uid', $query->createNamedParameter($uid))); diff --git a/apps/files_external/service/dbconfigservice.php b/apps/files_external/service/dbconfigservice.php index 5bbc3b23682..a37c541f045 100644 --- a/apps/files_external/service/dbconfigservice.php +++ b/apps/files_external/service/dbconfigservice.php @@ -92,7 +92,7 @@ class DBConfigService { protected function getForQuery(IQueryBuilder $builder, $type, $value) { $query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type']) ->from('external_mounts', 'm') - ->innerJoin('m', 'external_applicable', 'a', 'm.mount_id = a.mount_id') + ->innerJoin('m', 'external_applicable', 'a', $builder->expr()->eq('m.mount_id', 'a.mount_id')) ->where($builder->expr()->eq('a.type', $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT))); if (is_null($value)) { @@ -148,7 +148,7 @@ class DBConfigService { $query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type']) ->from('external_mounts', 'm') - ->innerJoin('m', 'external_applicable', 'a', 'm.mount_id = a.mount_id') + ->innerJoin('m', 'external_applicable', 'a', $builder->expr()->eq('m.mount_id', 'a.mount_id')) ->where($builder->expr()->eq('a.type', $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT))) ->andWhere($builder->expr()->in('a.value', $params)); $query->andWhere($builder->expr()->eq('m.type', $builder->expr()->literal(self::MOUNT_TYPE_ADMIN, IQueryBuilder::PARAM_INT))); |