Fix #1422 incorrect quoting of expressions in XML queries

Kijin Sung 2020-10-21 23:20:35 +09:00
parent 57b356f5fa
commit 28b3c2ef34
4 changed files with 35 additions and 9 deletions


@ -581,11 +581,13 @@ class Query extends VariableBase
*/ */
public static function quoteName(string $column_name): string public static function quoteName(string $column_name): string
{ {
$columns = explode('.', $column_name); return preg_replace_callback('/[a-z][a-z0-9_.*]*(?!\\()\b/i', function($m) {
$columns = array_map(function($str) { $columns = explode('.', $m[0]);
return $str === '*' ? $str : ('`' . $str . '`'); $columns = array_map(function($str) {
}, $columns); return $str === '*' ? $str : ('`' . $str . '`');
return implode('.', $columns); }, $columns);
return implode('.', $columns);
}, $column_name);
} }
/** /**
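Review bot: quoteName() now rewrites only the tokens the regex matches and copies the rest of `$column_name` into the SQL unchanged, so it formats trusted expressions rather than escaping identifiers. That is fine for attributes written in the XML query files, but any caller that can pass a request-derived column name would no longer be confined by the backticks; the callers are outside this hunk, so this needs confirming. The pattern also has no notion of string literals or keywords: a word inside a literal such as `'abc'`, or a function name followed by a space before `(`, would be wrapped in backticks. The docblock, which starts above the hunk, should state the contract, e.g. `@param string $column_name Column name or SQL expression from a trusted query definition, never request input`, and names that come from variables should still go through a strict identifier-only check.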


@ -1,4 +1,4 @@
<query id="selectTest" action="select"> <query id="selectTest1" action="select">
<tables> <tables>
<table name="documents" /> <table name="documents" />
</tables> </tables>


@ -0,0 +1,12 @@
<query id="selectTest2" action="select">
<tables>
<table name="documents" />
</tables>
<columns>
<column name="readed_count + trackback_count" alias="count" />
</columns>
<conditions>
<condition operation="more" column="voted_count + blamed_count" var="voted_count" notnull="notnull" />
<condition operation="equal" column="LEFT(regdate, 8)" var="date" notnull="notnull" />
</conditions>
</query>


@ -4,9 +4,9 @@ class DBQueryParserTest extends \Codeception\TestCase\Test
{ {
public function testLoadXML() public function testLoadXML()
{ {
$query = Rhymix\Framework\Parsers\DBQueryParser::loadXML(\RX_BASEDIR . 'tests/_data/dbquery/selectTest.xml'); $query = Rhymix\Framework\Parsers\DBQueryParser::loadXML(\RX_BASEDIR . 'tests/_data/dbquery/selectTest1.xml');
$this->assertTrue($query instanceof Rhymix\Framework\Parsers\DBQuery\Query); $this->assertTrue($query instanceof Rhymix\Framework\Parsers\DBQuery\Query);
$this->assertEquals('selectTest', $query->name); $this->assertEquals('selectTest1', $query->name);
$this->assertEquals('SELECT', $query->type); $this->assertEquals('SELECT', $query->type);
$this->assertTrue($query->select_distinct); $this->assertTrue($query->select_distinct);
@ -47,7 +47,7 @@ class DBQueryParserTest extends \Codeception\TestCase\Test
public function testSimpleSelect() public function testSimpleSelect()
{ {
$query = Rhymix\Framework\Parsers\DBQueryParser::loadXML(\RX_BASEDIR . 'tests/_data/dbquery/selectTest.xml'); $query = Rhymix\Framework\Parsers\DBQueryParser::loadXML(\RX_BASEDIR . 'tests/_data/dbquery/selectTest1.xml');
$args = array('member_srl' => 1234, 'regdate_more' => '20200707120000', 'page' => 3); $args = array('member_srl' => 1234, 'regdate_more' => '20200707120000', 'page' => 3);
$sql = $query->getQueryString('rx_', $args); $sql = $query->getQueryString('rx_', $args);
$params = $query->getQueryParams(); $params = $query->getQueryParams();
@ -58,6 +58,18 @@ class DBQueryParserTest extends \Codeception\TestCase\Test
$this->assertEquals(['1234', '20200707120000', 'PUBLIC'], $params); $this->assertEquals(['1234', '20200707120000', 'PUBLIC'], $params);
} }
public function testSelectWithExpressions()
{
$query = Rhymix\Framework\Parsers\DBQueryParser::loadXML(\RX_BASEDIR . 'tests/_data/dbquery/selectTest2.xml');
$args = array('voted_count' => 20, 'date' => '20201021');
$sql = $query->getQueryString('rx_', $args);
$params = $query->getQueryParams();
$this->assertEquals('SELECT readed_count + trackback_count AS `count` ' .
'FROM `rx_documents` AS `documents` WHERE `voted_count` + `blamed_count` >= ? AND LEFT(`regdate`, 8) = ?', $sql);
$this->assertEquals([20, '20201021'], $params);
}
public function testJoin1() public function testJoin1()
{ {
$query = Rhymix\Framework\Parsers\DBQueryParser::loadXML(\RX_BASEDIR . 'tests/_data/dbquery/selectJoinTest1.xml'); $query = Rhymix\Framework\Parsers\DBQueryParser::loadXML(\RX_BASEDIR . 'tests/_data/dbquery/selectJoinTest1.xml');
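Review bot: The expected SQL in testSelectWithExpressions pins two different treatments of an expression: the SELECT-list column stays unquoted (`readed_count + trackback_count`) while the columns in the WHERE clause come out backtick-quoted. If that difference is intended, a one-line comment above the assertion should say so, e.g. `// column expressions in the SELECT list are emitted as written; only condition columns are quoted`; otherwise the test locks in an inconsistency. The fixture covers only arithmetic and one function call, so a condition whose column contains a quoted string literal, and one containing an SQL keyword, would show whether quoteName() leaves those untouched.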