From b7d0f281cf1e94fa2c668eba55fc43534a3264ed Mon Sep 17 00:00:00 2001
From: Markus Staab
Date: Sun, 26 Feb 2023 13:14:46 +0100
Subject: [PATCH] error on from table-name create from function-call (#459)
---
 .../rules/data/syntax-error-in-prepared-statement.php | 10 ++++++++++
 tests/rules/data/syntax-error-in-query-function.php | 11 +++++++++++
 tests/rules/data/syntax-error-in-query-method.php | 11 +++++++++++
 3 files changed, 32 insertions(+)
diff --git a/tests/rules/data/syntax-error-in-prepared-statement.php b/tests/rules/data/syntax-error-in-prepared-statement.php
index 6a5d9b84b..ab38d639f 100644
--- a/tests/rules/data/syntax-error-in-prepared-statement.php
+++ b/tests/rules/data/syntax-error-in-prepared-statement.php
@@ -351,4 +351,14 @@ public function testInvalidDeleteUpdateInsert(Connection $conn)
 ]);
 }

+ /**
+ * @return string|false
+ */
+ private function returnsUnion() {}
+
+ public function bug458(Connection $conn)
+ {
+ $table = $this->returnsUnion();
+ $conn->executeQuery('SELECT * FROM ' . $table . ' LIMIT 1');
+ }
 }
diff --git a/tests/rules/data/syntax-error-in-query-function.php b/tests/rules/data/syntax-error-in-query-function.php
index 53e69a837..805c9a765 100644
--- a/tests/rules/data/syntax-error-in-query-function.php
+++ b/tests/rules/data/syntax-error-in-query-function.php
@@ -43,4 +43,15 @@ public function bug442(\mysqli $mysqli, string $table)
 {
 mysqli_query($mysqli, "SELECT * FROM `$table`");
 }
+
+ /**
+ * @return string|false
+ */
+ private function returnsUnion() {}
+
+ public function bug458(\mysqli $mysqli)
+ {
+ $table = $this->returnsUnion();
+ mysqli_query($mysqli,'SELECT * FROM ' . $table . ' LIMIT 1');
+ }
 }
diff --git a/tests/rules/data/syntax-error-in-query-method.php b/tests/rules/data/syntax-error-in-query-method.php
index 2af4a99f8..89a5a27f5 100644
--- a/tests/rules/data/syntax-error-in-query-method.php
+++ b/tests/rules/data/syntax-error-in-query-method.php
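Review bot: The new `bug458()` fixture in tests/rules/data/syntax-error-in-prepared-statement.php has no comment saying what the analyser is expected to report for it, and the diffstat lists only the three fixture files, so the expected outcome cannot be read from this patch. Since `returnsUnion()` is documented as `string|false`, the `false` branch concatenates to `SELECT * FROM  LIMIT 1`, which is presumably the case being pinned. I would add a line above the query call such as `// bug 458: $table is string|false; false concatenates to "SELECT * FROM  LIMIT 1"`, followed by the expected result (error or no error). The same comment is missing from the `bug458()` fixtures in syntax-error-in-query-function.php and syntax-error-in-query-method.php.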
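Review bot: In tests/rules/data/syntax-error-in-query-function.php the added call `mysqli_query($mysqli,'SELECT * FROM ' . $table . ' LIMIT 1');` has no space after the comma, unlike the `mysqli_query($mysqli, ...)` call in `bug442()` directly above it. Writing it as `mysqli_query($mysqli, 'SELECT * FROM ' . $table . ' LIMIT 1');` keeps the fixture consistent with the rest of the file and with the coding standard the other two fixtures follow.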
@@ -138,4 +138,15 @@ public function testInvalidDeleteUpdateInsert(PDO $pdo)
 $pdo->query('REPLACE into adasfd SET email="sdf"');
 }

+ /**
+ * @return string|false
+ */
+ private function returnsUnion() {}
+
+ public function bug458(PDO $pdo)
+ {
+ $table = $this->returnsUnion();
+ $pdo->query('SELECT * FROM ' . $table . ' LIMIT 1');
+ }
+
 }