Merge branch 'Bug-DBIOWrongParamCountWithCommentBeforeParam' into Feature-AclLoginClassUpdateTokenCheckWithUuidV4
This commit is contained in:
Clemens Schwaighofer
@@ -5135,6 +5135,39 @@ final class CoreLibsDBIOTest extends TestCase
|
|||||||
SQL,
|
SQL,
|
||||||
'count' => 6,
|
'count' => 6,
|
||||||
'convert' => false,
|
'convert' => false,
|
||||||
|
],
|
||||||
|
'comments in insert' => [
|
||||||
|
'query' => <<<SQL
|
||||||
|
INSERT INTO table_with_primary_key (
|
||||||
|
row_int, row_numeric, row_varchar, row_varchar_literal
|
||||||
|
) VALUES (
|
||||||
|
-- comment
|
||||||
|
$1, $2,
|
||||||
|
-- comment
|
||||||
|
$3
|
||||||
|
-- comment
|
||||||
|
, $4
|
||||||
|
)
|
||||||
|
SQL,
|
||||||
|
'count' => 4,
|
||||||
|
'convert' => false
|
||||||
|
],
|
||||||
|
// Note some are not set
|
||||||
|
'a complete set of possible' => [
|
||||||
|
'query' => <<<SQL
|
||||||
|
UPDATE table_with_primary_key SET
|
||||||
|
-- ROW
|
||||||
|
row_varchar = $1
|
||||||
|
WHERE
|
||||||
|
row_varchar = ANY($2) AND row_varchar <> $3
|
||||||
|
AND row_varchar > $4 AND row_varchar < $5
|
||||||
|
AND row_varchar >= $6 AND row_varchar <=$7
|
||||||
|
AND row_jsonb->'a' = $8 AND row_jsonb->>$9 = 'a'
|
||||||
|
AND row_jsonb<@$10 AND row_jsonb@>$11
|
||||||
|
AND row_varchar ^@ $12
|
||||||
|
SQL,
|
||||||
|
'count' => 12,
|
||||||
|
'convert' => false,
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1332,6 +1332,7 @@ class IO
|
|||||||
*/
|
*/
|
||||||
private function __dbCheckQueryParams(string $query, array $params): bool
|
private function __dbCheckQueryParams(string $query, array $params): bool
|
||||||
{
|
{
|
||||||
|
// $this->log->debug('DB QUERY PARAMS REGEX', ConvertPlaceholder::REGEX_LOOKUP_PLACEHOLDERS);
|
||||||
$placeholder_count = $this->__dbCountQueryParams($query);
|
$placeholder_count = $this->__dbCountQueryParams($query);
|
||||||
$params_count = count($params);
|
$params_count = count($params);
|
||||||
if ($params_count != $placeholder_count) {
|
if ($params_count != $placeholder_count) {
|
||||||
|
|||||||
@@ -14,8 +14,19 @@ namespace CoreLibs\DB\Support;
|
|||||||
|
|
||||||
class ConvertPlaceholder
|
class ConvertPlaceholder
|
||||||
{
|
{
|
||||||
/** @var string split regex */
|
// NOTE for missing: range */+ are not iplemented in the regex below, but - is for now
|
||||||
private const PATTERN_QUERY_SPLIT = '[(<>=,?-]|->|->>|#>|#>>|@>|<@|\?\|\?\&|\|\||#-';
|
// NOTE some combinations are allowed, but the query will fail before this
|
||||||
|
/** @var string split regex, entries before $ group */
|
||||||
|
private const PATTERN_QUERY_SPLIT =
|
||||||
|
',|' // for ',' mostly in INSERT
|
||||||
|
. '[(<>=]|' // general set for (, <, >, = in any query with any combination
|
||||||
|
. '(?:[\(,]\s*\-\-\s*\w*)\r?\n|' // a comment that starts after a ( or ,
|
||||||
|
. '\^@|' // text search for start from text with ^@
|
||||||
|
. '\|\||' // concats two elements
|
||||||
|
. '&&|' // array overlap
|
||||||
|
. '\-\|\-|' // range overlap
|
||||||
|
. '[^-]-{1}|' // single -, used in JSON too
|
||||||
|
. '->|->>|#>|#>>|@>|<@|@@|@\?|\?{1}|\?\||\?&|#-'; //JSON searches, Array searchs, etc
|
||||||
/** @var string the main regex including the pattern query split */
|
/** @var string the main regex including the pattern query split */
|
||||||
private const PATTERN_ELEMENT = '(?:\'.*?\')?\s*(?:\?\?|' . self::PATTERN_QUERY_SPLIT . ')\s*';
|
private const PATTERN_ELEMENT = '(?:\'.*?\')?\s*(?:\?\?|' . self::PATTERN_QUERY_SPLIT . ')\s*';
|
||||||
/** @var string parts to ignore in the SQL */
|
/** @var string parts to ignore in the SQL */
|
||||||
|
|||||||
Reference in New Issue
Block a user