Improve query type detection

Signed-off-by: Joas Schilling <coding@schilljs.com>
author: Joas Schilling <coding@schilljs.com> 2020-11-05 17:08:35 +0100
committer: Joas Schilling <coding@schilljs.com> 2020-11-06 08:38:56 +0100
commit: 3d2f71cfa9a38a0db8be7dc6111e61b67b17695e (patch)
tree: 9f9d2cefcc600bd9e6064854e81b335dddeac1bf /lib/private/legacy/OC_DB.php
parent: 404785dd2bbddc644fd2064f83160904f770fc0d (diff)
download: nextcloud-server-3d2f71cfa9a38a0db8be7dc6111e61b67b17695e.tar.gz
nextcloud-server-3d2f71cfa9a38a0db8be7dc6111e61b67b17695e.zip
1 files changed, 9 insertions, 6 deletions
diff --git a/lib/private/legacy/OC_DB.php b/lib/private/legacy/OC_DB.php
index 50dab74abb9..4f2c78ed5b4 100644
--- a/lib/private/legacy/OC_DB.php
+++ b/lib/private/legacy/OC_DB.php
@@ -73,8 +73,7 @@ class OC_DB {
 			throw new \OC\DatabaseException($e->getMessage());
 		}
 		// differentiate between query and manipulation
-		$result = new OC_DB_StatementWrapper($result, $isManipulation);
-		return $result;
+		return new OC_DB_StatementWrapper($result, $isManipulation);
 	}
 
 	/**
@@ -85,22 +84,26 @@ class OC_DB {
 	 * @return bool
 	 */
 	public static function isManipulation($sql) {
+		$sql = trim($sql);
 		$selectOccurrence = stripos($sql, 'SELECT');
-		if ($selectOccurrence !== false && $selectOccurrence < 10) {
+		if ($selectOccurrence === 0) {
 			return false;
 		}
 		$insertOccurrence = stripos($sql, 'INSERT');
-		if ($insertOccurrence !== false && $insertOccurrence < 10) {
+		if ($insertOccurrence === 0) {
 			return true;
 		}
 		$updateOccurrence = stripos($sql, 'UPDATE');
-		if ($updateOccurrence !== false && $updateOccurrence < 10) {
+		if ($updateOccurrence === 0) {
 			return true;
 		}
 		$deleteOccurrence = stripos($sql, 'DELETE');
-		if ($deleteOccurrence !== false && $deleteOccurrence < 10) {
+		if ($deleteOccurrence === 0) {
 			return true;
 		}
+
+		\OC::$server->getLogger()->logException(new \Exception('Can not detect if query is manipulating: ' . $sql));
+
 		return false;
 	}
author	Joas Schilling <coding@schilljs.com>	2020-11-05 17:08:35 +0100
committer	Joas Schilling <coding@schilljs.com>	2020-11-06 08:38:56 +0100
commit	3d2f71cfa9a38a0db8be7dc6111e61b67b17695e (patch)
tree	9f9d2cefcc600bd9e6064854e81b335dddeac1bf /lib/private/legacy/OC_DB.php
parent	404785dd2bbddc644fd2064f83160904f770fc0d (diff)
download	nextcloud-server-3d2f71cfa9a38a0db8be7dc6111e61b67b17695e.tar.gz nextcloud-server-3d2f71cfa9a38a0db8be7dc6111e61b67b17695e.zip