Merge pull request #24631 from nextcloud/bugfix/noid/prevent-select-asterix-and-specifics

Prevent * and other things in the same query for Oracle

1 files changed, 21 insertions, 0 deletions

diff --git a/lib/private/DB/QueryBuilder/QueryBuilder.php b/lib/private/DB/QueryBuilder/QueryBuilder.php
index ebd715df1c1..a5ea08127c7 100644
--- a/lib/private/DB/QueryBuilder/QueryBuilder.php
+++ b/lib/private/DB/QueryBuilder/QueryBuilder.php
@@ -31,6 +31,7 @@ namespace OC\DB\QueryBuilder;
 use Doctrine\DBAL\Platforms\MySqlPlatform;
 use Doctrine\DBAL\Platforms\PostgreSqlPlatform;
 use Doctrine\DBAL\Platforms\SqlitePlatform;
+use Doctrine\DBAL\Query\QueryException;
 use OC\DB\OracleConnection;
 use OC\DB\QueryBuilder\ExpressionBuilder\ExpressionBuilder;
 use OC\DB\QueryBuilder\ExpressionBuilder\MySqlExpressionBuilder;
@@ -223,6 +224,26 @@ class QueryBuilder implements IQueryBuilder {
 			}
 		}
 
+		if (!empty($this->getQueryPart('select'))) {
+			$select = $this->getQueryPart('select');
+			$hasSelectAll = array_filter($select, static function ($s) {
+				return $s === '*';
+			});
+			$hasSelectSpecific = array_filter($select, static function ($s) {
+				return $s !== '*';
+			});
+
+			if (empty($hasSelectAll) === empty($hasSelectSpecific)) {
+				$exception = new QueryException('Query is selecting * and specific values in the same query. This is not supported in Oracle.');
+				$this->logger->logException($exception, [
+					'message' => 'Query is selecting * and specific values in the same query. This is not supported in Oracle.',
+					'query' => $this->getSQL(),
+					'level' => ILogger::ERROR,
+					'app' => 'core',
+				]);
+			}
+		}
+
 		return $this->queryBuilder->execute();
 	}