[BUGFIX] Quote table and fieldnames in BackendUtility::BEenableFields 01/52401/2
authorMorton Jonuschat <m.jonuschat@mojocode.de>
Sat, 8 Apr 2017 22:24:12 +0000 (15:24 -0700)
committerBenni Mack <benni@typo3.org>
Thu, 13 Apr 2017 21:59:25 +0000 (23:59 +0200)
Use Doctrine API to quote table and field names in BEenableFields().

Resolves: #80768
Releases: master
Change-Id: Ia473b2c25b9745059263be5b2dc3eb6a30343e0b
Reviewed-on: https://review.typo3.org/52401
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
typo3/sysext/backend/Classes/Utility/BackendUtility.php
typo3/sysext/extbase/Tests/Unit/Persistence/Generic/Storage/Typo3DbQueryParserTest.php

index eaf10a9..237226e 100644 (file)
@@ -351,29 +351,52 @@ class BackendUtility
     public static function BEenableFields($table, $inv = false)
     {
         $ctrl = $GLOBALS['TCA'][$table]['ctrl'];
-        $query = [];
-        $invQuery = [];
+        $expressionBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
+            ->getConnectionForTable($table)
+            ->getExpressionBuilder();
+        $query = $expressionBuilder->andX();
+        $invQuery = $expressionBuilder->orX();
+
         if (is_array($ctrl)) {
             if (is_array($ctrl['enablecolumns'])) {
                 if ($ctrl['enablecolumns']['disabled']) {
                     $field = $table . '.' . $ctrl['enablecolumns']['disabled'];
-                    $query[] = $field . '=0';
-                    $invQuery[] = $field . '<>0';
+                    $query->add($expressionBuilder->eq($field, 0));
+                    $invQuery->add($expressionBuilder->neq($field, 0));
                 }
                 if ($ctrl['enablecolumns']['starttime']) {
                     $field = $table . '.' . $ctrl['enablecolumns']['starttime'];
-                    $query[] = '(' . $field . '<=' . $GLOBALS['SIM_ACCESS_TIME'] . ')';
-                    $invQuery[] = '(' . $field . '<>0 AND ' . $field . '>' . $GLOBALS['SIM_ACCESS_TIME'] . ')';
+                    $query->add($expressionBuilder->lte($field, (int)$GLOBALS['SIM_ACCESS_TIME']));
+                    $invQuery->add(
+                        $expressionBuilder->andX(
+                            $expressionBuilder->neq($field, 0),
+                            $expressionBuilder->gt($field, (int)$GLOBALS['SIM_ACCESS_TIME'])
+                        )
+                    );
                 }
                 if ($ctrl['enablecolumns']['endtime']) {
                     $field = $table . '.' . $ctrl['enablecolumns']['endtime'];
-                    $query[] = '(' . $field . '=0 OR ' . $field . '>' . $GLOBALS['SIM_ACCESS_TIME'] . ')';
-                    $invQuery[] = '(' . $field . '<>0 AND ' . $field . '<=' . $GLOBALS['SIM_ACCESS_TIME'] . ')';
+                    $query->add(
+                        $expressionBuilder->orX(
+                            $expressionBuilder->eq($field, 0),
+                            $expressionBuilder->gt($field, (int)$GLOBALS['SIM_ACCESS_TIME'])
+                        )
+                    );
+                    $invQuery->add(
+                        $expressionBuilder->andX(
+                            $expressionBuilder->neq($field, 0),
+                            $expressionBuilder->lte($field, (int)$GLOBALS['SIM_ACCESS_TIME'])
+                        )
+                    );
                 }
             }
         }
-        $outQ = $inv ? '(' . implode(' OR ', $invQuery) . ')' : implode(' AND ', $query);
-        return $outQ ? ' AND ' . $outQ : '';
+
+        if ($query->count() === 0) {
+            return '';
+        }
+
+        return ' AND ' . ($inv ? $invQuery : $query);
     }
 
     /**
index 960771d..6314c19 100644 (file)
@@ -610,8 +610,8 @@ class Typo3DbQueryParserTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestC
         return [
             'in be: include all' => ['BE', true, [], true, ''],
             'in be: ignore enable fields but do not include deleted' => ['BE', true, [], false, 'tx_foo_table.deleted_column = 0'],
-            'in be: respect enable fields but include deleted' => ['BE', false, [], true, 'tx_foo_table.disabled_column=0 AND (tx_foo_table.starttime_column<=123456789)'],
-            'in be: respect enable fields and do not include deleted' => ['BE', false, [], false, 'tx_foo_table.disabled_column=0 AND (tx_foo_table.starttime_column<=123456789) AND tx_foo_table.deleted_column = 0'],
+            'in be: respect enable fields but include deleted' => ['BE', false, [], true, '(tx_foo_table.disabled_column = 0) AND (tx_foo_table.starttime_column <= 123456789)'],
+            'in be: respect enable fields and do not include deleted' => ['BE', false, [], false, '(tx_foo_table.disabled_column = 0) AND (tx_foo_table.starttime_column <= 123456789) AND tx_foo_table.deleted_column = 0'],
             'in fe: include all' => ['FE', true, [], true, ''],
             'in fe: ignore enable fields but do not include deleted' => ['FE', true, [], false, 'tx_foo_table.deleted_column=0'],
             'in fe: ignore only starttime and do not include deleted' => ['FE', true, ['starttime'], false, '(tx_foo_table.deleted_column = 0) AND (tx_foo_table.disabled_column = 0)'],
@@ -639,6 +639,9 @@ class Typo3DbQueryParserTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestC
 
         $connectionProphet = $this->prophesize(Connection::class);
         $connectionProphet->quoteIdentifier(Argument::cetera())->willReturnArgument(0);
+        $connectionProphet->getExpressionBuilder()->willReturn(
+            GeneralUtility::makeInstance(ExpressionBuilder::class, $connectionProphet->reveal())
+        );
 
         $queryBuilderProphet = $this->prophesize(QueryBuilder::class);
         $queryBuilderProphet->expr()->willReturn(
@@ -647,8 +650,10 @@ class Typo3DbQueryParserTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestC
         $queryBuilderProphet->createNamedParameter(Argument::cetera())->willReturnArgument(0);
 
         $connectionPoolProphet = $this->prophesize(ConnectionPool::class);
+        $connectionPoolProphet->getConnectionForTable(Argument::any($tableName, 'pages'))->willReturn($connectionProphet->reveal());
         $connectionPoolProphet->getQueryBuilderForTable(Argument::any($tableName, 'pages'))->willReturn($queryBuilderProphet->reveal());
         GeneralUtility::addInstance(ConnectionPool::class, $connectionPoolProphet->reveal());
+        GeneralUtility::addInstance(ConnectionPool::class, $connectionPoolProphet->reveal());
 
         $mockQuerySettings = $this->getMockBuilder(\TYPO3\CMS\Extbase\Persistence\Generic\Typo3QuerySettings::class)
             ->setMethods(['getIgnoreEnableFields', 'getEnableFieldsToBeIgnored', 'getIncludeDeleted'])
@@ -675,7 +680,7 @@ class Typo3DbQueryParserTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestC
     {
         return [
             'in be: respectEnableFields=false' => ['BE', false, ''],
-            'in be: respectEnableFields=true' => ['BE', true, 'tx_foo_table.disabled_column=0 AND (tx_foo_table.starttime_column<=123456789) AND tx_foo_table.deleted_column = 0'],
+            'in be: respectEnableFields=true' => ['BE', true, '(tx_foo_table.disabled_column = 0) AND (tx_foo_table.starttime_column <= 123456789) AND tx_foo_table.deleted_column = 0'],
             'in FE: respectEnableFields=false' => ['FE', false, ''],
             'in FE: respectEnableFields=true' => ['FE', true, '(tx_foo_table.deleted_column = 0) AND (tx_foo_table.disabled_column = 0) AND (tx_foo_table.starttime_column <= 123456789)']
         ];
@@ -701,7 +706,9 @@ class Typo3DbQueryParserTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestC
 
         $connectionProphet = $this->prophesize(Connection::class);
         $connectionProphet->quoteIdentifier(Argument::cetera())->willReturnArgument(0);
-
+        $connectionProphet->getExpressionBuilder(Argument::cetera())->willReturn(
+            GeneralUtility::makeInstance(ExpressionBuilder::class, $connectionProphet->reveal())
+        );
         $queryBuilderProphet = $this->prophesize(QueryBuilder::class);
         $queryBuilderProphet->expr()->willReturn(
             GeneralUtility::makeInstance(ExpressionBuilder::class, $connectionProphet->reveal())
@@ -710,6 +717,8 @@ class Typo3DbQueryParserTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestC
 
         $connectionPoolProphet = $this->prophesize(ConnectionPool::class);
         $connectionPoolProphet->getQueryBuilderForTable(Argument::any($tableName, 'pages'))->willReturn($queryBuilderProphet->reveal());
+        $connectionPoolProphet->getConnectionForTable(Argument::any($tableName, 'pages'))->willReturn($connectionProphet->reveal());
+        GeneralUtility::addInstance(ConnectionPool::class, $connectionPoolProphet->reveal());
         GeneralUtility::addInstance(ConnectionPool::class, $connectionPoolProphet->reveal());
 
         /** @var \TYPO3\CMS\Extbase\Persistence\Generic\Typo3QuerySettings $mockQuerySettings */