Skip to content

Commit

Permalink
doctrine dbal: fix error detection in queries without args (#246)
Browse files Browse the repository at this point in the history 
Co-authored-by: Markus Staab <[email protected]>
  • Loading branch information
@staabm @clxmstaab
staabm and clxmstaab authored Feb 4, 2022
1 parent 767bad8 commit c4e6265
Show file tree
Hide file tree
Showing 8 changed files with 358 additions and 146 deletions.
169 changes: 168 additions & 1 deletion .phpstan-dba.cache
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

38 changes: 25 additions & 13 deletions src/Rules/SyntaxErrorInPreparedStatementMethodRule.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ private function checkErrors(CallLike $callLike, Scope $scope): array
{
$args = $callLike->getArgs();

if (\count($args) < 2) {
if (\count($args) < 1) {
return [];
}

Expand All @@ -102,29 +102,41 @@ private function checkErrors(CallLike $callLike, Scope $scope): array
}

$queryReflection = new QueryReflection();
$parameterTypes = $scope->getType($args[1]->value);
try {
$parameters = $queryReflection->resolveParameters($parameterTypes) ?? [];
} catch (UnresolvableQueryException $exception) {
return [
RuleErrorBuilder::message($exception->asRuleMessage())->tip(UnresolvableQueryException::RULE_TIP)->line($callLike->getLine())->build(),
];

$parameters = null;
if (\count($args) > 1) {
$parameterTypes = $scope->getType($args[1]->value);
try {
$parameters = $queryReflection->resolveParameters($parameterTypes) ?? [];
} catch (UnresolvableQueryException $exception) {
return [
RuleErrorBuilder::message($exception->asRuleMessage())->tip(UnresolvableQueryException::RULE_TIP)->line($callLike->getLine())->build(),
];
}
}

if (null === $parameters) {
$queryStrings = $queryReflection->resolveQueryStrings($queryExpr, $scope);
} else {
$queryStrings = $queryReflection->resolvePreparedQueryStrings($queryExpr, $parameterTypes, $scope);
}

$errors = [];
$placeholderValidation = new PlaceholderValidation();
try {
foreach ($queryReflection->resolvePreparedQueryStrings($queryExpr, $parameterTypes, $scope) as $queryString) {
foreach ($queryStrings as $queryString) {
$queryError = $queryReflection->validateQueryString($queryString);
if (null !== $queryError) {
$error = $queryError->asRuleMessage();
$errors[$error] = $error;
}
}

foreach ($placeholderValidation->checkQuery($queryExpr, $scope, $parameters) as $error) {
// make error messages unique
$errors[$error] = $error;
if (null !== $parameters) {
$placeholderValidation = new PlaceholderValidation();
foreach ($placeholderValidation->checkQuery($queryExpr, $scope, $parameters) as $error) {
// make error messages unique
$errors[$error] = $error;
}
}

$ruleErrors = [];
Expand Down
4 changes: 4 additions & 0 deletions tests/default/SyntaxErrorInPreparedStatementMethodRuleTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,10 @@ public function testSyntaxErrorInQueryRule(): void
'Query expects placeholder :name, but it is missing from values given.',
307,
],
[
"Query error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL/MariaDB server version for the right syntax to use near 'gesperrt freigabe1u1 FROM ada LIMIT 0' at line 1 (1064).",
319,
],
]);
}
}
Loading

0 comments on commit c4e6265

Please sign in to comment.