Commit d478cbe9 authored by Manuel Selbach's avatar Manuel Selbach Committed by Christian Kuhn

[TASK] Refactor use of queryBuilder to use prepared statements

To remove the susceptibility to SQL injection errors within the core,
the principle of prepared statements should be followed for all queries.
Even variables which will be cast to e.g. an integer should use
setParameter(), setParameters() or createNamedParameter().

Change-Id: I7d6d256a199ba05f75791eb01f38b3b89b421989
Resolves: #78437
Releases: master
Reviewed-on: https://review.typo3.org/50090

Tested-by: default avatarTYPO3com <no-reply@typo3.com>
Reviewed-by: Anja Leichsenring's avatarAnja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring's avatarAnja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
parent 9e3cca87
......@@ -70,10 +70,22 @@ class DefaultAvatarProvider implements AvatarProviderInterface
->select('uid_local')
->from('sys_file_reference')
->where(
$queryBuilder->expr()->eq('tablenames', $queryBuilder->createNamedParameter('be_users')),
$queryBuilder->expr()->eq('fieldname', $queryBuilder->createNamedParameter('avatar')),
$queryBuilder->expr()->eq('table_local', $queryBuilder->createNamedParameter('sys_file')),
$queryBuilder->expr()->eq('uid_foreign', (int)$beUserId)
$queryBuilder->expr()->eq(
'tablenames',
$queryBuilder->createNamedParameter('be_users', \PDO::PARAM_STR)
),
$queryBuilder->expr()->eq(
'fieldname',
$queryBuilder->createNamedParameter('avatar', \PDO::PARAM_STR)
),
$queryBuilder->expr()->eq(
'table_local',
$queryBuilder->createNamedParameter('sys_file', \PDO::PARAM_STR)
),
$queryBuilder->expr()->eq(
'uid_foreign',
$queryBuilder->createNamedParameter($beUserId, \PDO::PARAM_INT)
)
)
->execute()
->fetchColumn();
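Review bot: The `uid_foreign` comparison now passes `$beUserId` to `createNamedParameter()` without the `(int)` cast the old line had, so the value is no longer normalised in PHP before it is bound. Binding keeps it out of the SQL text, but how a non-numeric value bound as `\PDO::PARAM_INT` is coerced is then left to the database driver; keeping the cast, `$queryBuilder->createNamedParameter((int)$beUserId, \PDO::PARAM_INT)`, makes the bound value deterministic. The same cast is dropped in the ShortcutToolbarItem, Clipboard, TranslationConfigurationProvider, ElementInformationController, EditDocumentController and PageLayoutController sections. The enclosing method starts and ends outside the hunk, so `$beUserId` may already be an integer there.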
......
......@@ -19,6 +19,7 @@ use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Backend\Module\ModuleLoader;
use TYPO3\CMS\Backend\Toolbar\ToolbarItemInterface;
use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Database\Connection;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\QueryHelper;
use TYPO3\CMS\Core\Imaging\Icon;
......@@ -254,12 +255,24 @@ class ShortcutToolbarItem implements ToolbarItemInterface
->from('sys_be_shortcuts')
->where(
$queryBuilder->expr()->andX(
$queryBuilder->expr()->eq('userid', (int)$backendUser->user['uid']),
$queryBuilder->expr()->gte('sc_group', 0)
$queryBuilder->expr()->eq(
'userid',
$queryBuilder->createNamedParameter($backendUser->user['uid'], \PDO::PARAM_INT)
),
$queryBuilder->expr()->gte(
'sc_group',
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
)
)
)
->orWhere(
$queryBuilder->expr()->in('sc_group', array_keys($this->getGlobalShortcutGroups()))
$queryBuilder->expr()->in(
'sc_group',
$queryBuilder->createNamedParameter(
array_keys($this->getGlobalShortcutGroups()),
Connection::PARAM_INT_ARRAY
)
)
)
->orderBy('sc_group')
->addOrderBy('sorting')
......@@ -536,7 +549,12 @@ class ShortcutToolbarItem implements ToolbarItemInterface
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
->getQueryBuilderForTable('sys_be_shortcuts');
$affectedRows = $queryBuilder->delete('sys_be_shortcuts')
->where($queryBuilder->expr()->eq('uid', $shortcutId))
->where(
$queryBuilder->expr()->eq(
'uid',
$queryBuilder->createNamedParameter($shortcutId, \PDO::PARAM_INT)
)
)
->execute();
if ($affectedRows === 1) {
$success = true;
......@@ -712,9 +730,9 @@ class ShortcutToolbarItem implements ToolbarItemInterface
->where(
$queryBuilder->expr()->eq(
'userid',
$queryBuilder->createNamedParameter($this->getBackendUser()->user['uid'])
$queryBuilder->createNamedParameter($this->getBackendUser()->user['uid'], \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq('url', $queryBuilder->createNamedParameter($url))
$queryBuilder->expr()->eq('url', $queryBuilder->createNamedParameter($url, \PDO::PARAM_STR))
)
->execute()
->fetchColumn();
......@@ -743,13 +761,23 @@ class ShortcutToolbarItem implements ToolbarItemInterface
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
->getQueryBuilderForTable('sys_be_shortcuts');
$queryBuilder->update('sys_be_shortcuts')
->where($queryBuilder->expr()->eq('uid', $shortcutId))
->where(
$queryBuilder->expr()->eq(
'uid',
$queryBuilder->createNamedParameter($shortcutId, \PDO::PARAM_INT)
)
)
->set('description', $shortcutName)
->set('sc_group', $shortcutGroupId);
if (!$backendUser->isAdmin()) {
// Users can only modify their own shortcuts
$queryBuilder->andWhere($queryBuilder->expr()->eq('userid', (int)$backendUser->user['uid']));
$queryBuilder->andWhere(
$queryBuilder->expr()->eq(
'userid',
$queryBuilder->createNamedParameter($backendUser->user['uid'], \PDO::PARAM_INT)
)
);
if ($shortcutGroupId < 0) {
$queryBuilder->set('sc_group', 0);
......@@ -848,7 +876,12 @@ class ShortcutToolbarItem implements ToolbarItemInterface
->getQueryBuilderForTable($table);
$queryBuilder->select(...array_unique(array_values($selectFields)))
->from($table)
->where($queryBuilder->expr()->in('uid', $recordid));
->where(
$queryBuilder->expr()->in(
'uid',
$queryBuilder->createNamedParameter($recordid, \PDO::PARAM_INT)
)
);
if ($table === 'pages' && $this->perms_clause) {
$queryBuilder->andWhere(QueryHelper::stripLogicalOperatorPrefix($this->perms_clause));
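Review bot: In the last hunk of this section, `expr()->in('uid', ...)` receives a single parameter typed `\PDO::PARAM_INT`, which does not obviously match an `IN` list. If `$recordid` is one id, `expr()->eq()` states the intent; if it can hold several, the binding should be `$queryBuilder->createNamedParameter($recordid, Connection::PARAM_INT_ARRAY)`, as the `sc_group` hunk earlier in this file already does. A list-like string bound as one integer would presumably not match all of its entries. A similar type question arises in the PageLayoutController section, where `NEWid` was bound with the default type before and is now bound as `\PDO::PARAM_INT`; whether `new_unique_uid` is numeric is not visible on this page and should be confirmed. The assignment of `$recordid` lies outside the hunk.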
......
......@@ -506,12 +506,24 @@ class Clipboard
->select('*')
->from($table)
->where(
$queryBuilder->expr()->eq($tcaCtrl['transOrigPointerField'], (int)$parentRec['uid']),
$queryBuilder->expr()->neq($tcaCtrl['languageField'], 0)
$queryBuilder->expr()->eq(
$tcaCtrl['transOrigPointerField'],
$queryBuilder->createNamedParameter($parentRec['uid'], \PDO::PARAM_INT)
),
$queryBuilder->expr()->neq(
$tcaCtrl['languageField'],
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
)
);
if (isset($tcaCtrl['versioningWS']) && $tcaCtrl['versioningWS']) {
$queryBuilder->andWhere($queryBuilder->expr()->eq('t3ver_wsid', (int)$parentRec['t3ver_wsid']));
$queryBuilder
->andWhere(
$queryBuilder->expr()->eq(
't3ver_wsid',
$queryBuilder->createNamedParameter($parentRec['t3ver_wsid'], \PDO::PARAM_INT)
)
);
}
$rows = $queryBuilder->execute()->fetchAll();
if (is_array($rows)) {
......
......@@ -133,13 +133,33 @@ class TranslationConfigurationProvider
->select(...GeneralUtility::trimExplode(',', $selFieldList))
->from($translationTable)
->where(
$queryBuilder->expr()->eq($GLOBALS['TCA'][$translationTable]['ctrl']['transOrigPointerField'], (int)$uid),
$queryBuilder->expr()->eq('pid', (int)($table === 'pages' ? $row['uid'] : $row['pid']))
$queryBuilder->expr()->eq(
$GLOBALS['TCA'][$translationTable]['ctrl']['transOrigPointerField'],
$queryBuilder->createNamedParameter($uid, \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
'pid',
$queryBuilder->createNamedParameter(
($table === 'pages' ? $row['uid'] : $row['pid']),
\PDO::PARAM_INT
)
)
);
if (!$languageUid) {
$queryBuilder->andWhere($queryBuilder->expr()->gt($GLOBALS['TCA'][$translationTable]['ctrl']['languageField'], 0));
$queryBuilder->andWhere(
$queryBuilder->expr()->gt(
$GLOBALS['TCA'][$translationTable]['ctrl']['languageField'],
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
)
);
} else {
$queryBuilder->andWhere($queryBuilder->expr()->eq($GLOBALS['TCA'][$translationTable]['ctrl']['languageField'], (int)$languageUid));
$queryBuilder
->andWhere(
$queryBuilder->expr()->eq(
$GLOBALS['TCA'][$translationTable]['ctrl']['languageField'],
$queryBuilder->createNamedParameter($languageUid, \PDO::PARAM_INT)
)
);
}
$translationRecords = $queryBuilder
->execute()
......
......@@ -652,9 +652,18 @@ class ElementInformationController
->select('*')
->from('sys_refindex')
->where(
$queryBuilder->expr()->eq('ref_table', $queryBuilder->createNamedParameter($selectTable)),
$queryBuilder->expr()->eq('ref_uid', (int)$selectUid),
$queryBuilder->expr()->eq('deleted', 0)
$queryBuilder->expr()->eq(
'ref_table',
$queryBuilder->createNamedParameter($selectTable, \PDO::PARAM_STR)
),
$queryBuilder->expr()->eq(
'ref_uid',
$queryBuilder->createNamedParameter($selectUid, \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
'deleted',
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
)
)
->execute()
->fetchAll();
......@@ -770,8 +779,14 @@ class ElementInformationController
->select('*')
->from('sys_refindex')
->where(
$queryBuilder->expr()->eq('tablename', $queryBuilder->createNamedParameter($table)),
$queryBuilder->expr()->eq('recuid', (int)$ref)
$queryBuilder->expr()->eq(
'tablename',
$queryBuilder->createNamedParameter($table, \PDO::PARAM_STR)
),
$queryBuilder->expr()->eq(
'recuid',
$queryBuilder->createNamedParameter($ref, \PDO::PARAM_INT)
)
)
->execute()
->fetchAll();
......@@ -874,7 +889,12 @@ class ElementInformationController
$fileReference = $queryBuilder
->select('*')
->from('sys_file_reference')
->where($queryBuilder->expr()->eq('uid', (int)$referenceRecord['recuid']))
->where(
$queryBuilder->expr()->eq(
'uid',
$queryBuilder->createNamedParameter($referenceRecord['recuid'], \PDO::PARAM_INT)
)
)
->execute()
->fetch();
......
......@@ -1345,9 +1345,12 @@ class EditDocumentController extends AbstractModule
->where(
$queryBuilder->expr()->eq(
'tablename',
$queryBuilder->createNamedParameter($this->firstEl['table'])
$queryBuilder->createNamedParameter($this->firstEl['table'], \PDO::PARAM_STR)
),
$queryBuilder->expr()->eq('recuid', (int)$this->firstEl['uid'])
$queryBuilder->expr()->eq(
'recuid',
$queryBuilder->createNamedParameter($this->firstEl['uid'], \PDO::PARAM_INT)
)
)
->orderBy('tstamp', 'DESC')
->setMaxResults(1)
......@@ -1580,9 +1583,18 @@ class EditDocumentController extends AbstractModule
$result = $queryBuilder->select(...GeneralUtility::trimExplode(',', $fetchFields, true))
->from($table)
->where(
$queryBuilder->expr()->eq('pid', (int)$pid),
$queryBuilder->expr()->gt($languageField, 0),
$queryBuilder->expr()->eq($transOrigPointerField, (int)$rowsByLang[0]['uid'])
$queryBuilder->expr()->eq(
'pid',
$queryBuilder->createNamedParameter($pid, \PDO::PARAM_INT)
),
$queryBuilder->expr()->gt(
$languageField,
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
$transOrigPointerField,
$queryBuilder->createNamedParameter($rowsByLang[0]['uid'], \PDO::PARAM_INT)
)
)
->execute();
......@@ -1652,8 +1664,14 @@ class EditDocumentController extends AbstractModule
$localizedRecord = $queryBuilder->select('uid')
->from($table)
->where(
$queryBuilder->expr()->eq($GLOBALS['TCA'][$table]['ctrl']['languageField'], (int)$language),
$queryBuilder->expr()->eq($GLOBALS['TCA'][$table]['ctrl']['transOrigPointerField'], (int)$origUid)
$queryBuilder->expr()->eq(
$GLOBALS['TCA'][$table]['ctrl']['languageField'],
$queryBuilder->createNamedParameter($language, \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
$GLOBALS['TCA'][$table]['ctrl']['transOrigPointerField'],
$queryBuilder->createNamedParameter($origUid, \PDO::PARAM_INT)
)
)
->execute()
->fetch();
......@@ -1721,11 +1739,8 @@ class EditDocumentController extends AbstractModule
// Add join with pages_languages_overlay table to only show active languages
$queryBuilder->from('pages_language_overlay', 'o')
->where(
$queryBuilder->expr()->eq(
'o.sys_language_uid',
$queryBuilder->quoteIdentifier('s.uid')
),
$queryBuilder->expr()->eq('o.pid', (int)$id)
$queryBuilder->expr()->eq('o.sys_language_uid', $queryBuilder->quoteIdentifier('s.uid')),
$queryBuilder->expr()->eq('o.pid', $queryBuilder->createNamedParameter($id, \PDO::PARAM_INT))
);
}
......
......@@ -28,6 +28,7 @@ use TYPO3\CMS\Backend\Tree\View\ContentLayoutPagePositionMap;
use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Backend\View\BackendLayoutView;
use TYPO3\CMS\Backend\View\PageLayoutView;
use TYPO3\CMS\Core\Database\Connection;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\QueryBuilder;
use TYPO3\CMS\Core\Database\Query\Restriction\BackendWorkspaceRestriction;
......@@ -411,14 +412,32 @@ class PageLayoutController
'sys_language',
'pages_language_overlay',
'pages_language_overlay',
$queryBuilder->expr()->eq('sys_language.uid', $queryBuilder->quoteIdentifier('pages_language_overlay.sys_language_uid'))
$queryBuilder->expr()->eq(
'sys_language.uid',
$queryBuilder->quoteIdentifier('pages_language_overlay.sys_language_uid')
)
)
->where(
$queryBuilder->expr()->eq('pages_language_overlay.deleted', 0),
$queryBuilder->expr()->eq('pages_language_overlay.pid', (int)$this->id),
$queryBuilder->expr()->eq(
'pages_language_overlay.deleted',
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
'pages_language_overlay.pid',
$queryBuilder->createNamedParameter($this->id, \PDO::PARAM_INT)
),
$queryBuilder->expr()->orX(
$queryBuilder->expr()->gte('pages_language_overlay.t3ver_state', (int)(new VersionState(VersionState::DEFAULT_STATE))),
$queryBuilder->expr()->eq('pages_language_overlay.t3ver_wsid', (int)$this->getBackendUser()->workspace)
$queryBuilder->expr()->gte(
'pages_language_overlay.t3ver_state',
$queryBuilder->createNamedParameter(
(string)new VersionState(VersionState::DEFAULT_STATE),
\PDO::PARAM_INT
)
),
$queryBuilder->expr()->eq(
'pages_language_overlay.t3ver_wsid',
$queryBuilder->createNamedParameter($this->getBackendUser()->workspace, \PDO::PARAM_INT)
)
)
)
->groupBy('pages_language_overlay.sys_language_uid', 'sys_language.uid', 'sys_language.pid',
......@@ -426,7 +445,12 @@ class PageLayoutController
'sys_language.language_isocode', 'sys_language.static_lang_isocode', 'sys_language.flag')
->orderBy('sys_language.sorting');
if (!$this->getBackendUser()->isAdmin()) {
$queryBuilder->andWhere($queryBuilder->expr()->eq('sys_language.hidden', 0));
$queryBuilder->andWhere(
$queryBuilder->expr()->eq(
'sys_language.hidden',
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
)
);
}
$statement = $queryBuilder->execute();
} else {
......@@ -663,8 +687,11 @@ class PageLayoutController
->select('title')
->from('pages_language_overlay')
->where(
$queryBuilder->expr()->eq('pid', (int)$this->id),
$queryBuilder->expr()->eq('sys_language_uid', (int)$this->current_sys_language)
$queryBuilder->expr()->eq('pid', $queryBuilder->createNamedParameter($this->id, \PDO::PARAM_INT)),
$queryBuilder->expr()->eq(
'sys_language_uid',
$queryBuilder->createNamedParameter($this->current_sys_language, \PDO::PARAM_INT)
)
)
->setMaxResults(1)
->execute()
......@@ -824,12 +851,27 @@ class PageLayoutController
->from('tt_content')
->orderBy('sorting')
->where(
$queryBuilder->expr()->eq('pid', (int)$this->id),
$queryBuilder->expr()->eq('colPos', (int)substr($edit_record, 10)),
$queryBuilder->expr()->eq('sys_language_uid', (int)$this->current_sys_language),
$queryBuilder->expr()->eq('pid', $queryBuilder->createNamedParameter($this->id, \PDO::PARAM_INT)),
$queryBuilder->expr()->eq(
'colPos',
$queryBuilder->createNamedParameter(substr($edit_record, 10), \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
'sys_language_uid',
$queryBuilder->createNamedParameter($this->current_sys_language, \PDO::PARAM_INT)
),
$queryBuilder->expr()->orX(
$queryBuilder->expr()->gte('t3ver_state', (int)(new VersionState(VersionState::DEFAULT_STATE))),
$queryBuilder->expr()->eq('t3ver_wsid', (int)$beUser->workspace)
$queryBuilder->expr()->gte(
't3ver_state',
$queryBuilder->createNamedParameter(
(string)new VersionState(VersionState::DEFAULT_STATE),
\PDO::PARAM_INT
)
),
$queryBuilder->expr()->eq(
't3ver_wsid',
$queryBuilder->createNamedParameter($beUser->workspace, \PDO::PARAM_INT)
)
)
)
->execute();
......@@ -850,8 +892,14 @@ class PageLayoutController
$sys_log_row = $queryBuilder->select('tablename', 'recuid')
->from('sys_log')
->where(
$queryBuilder->expr()->eq('userid', (int)$beUser->user['uid']),
$queryBuilder->expr()->eq('NEWid', $queryBuilder->createNamedParameter($this->new_unique_uid))
$queryBuilder->expr()->eq(
'userid',
$queryBuilder->createNamedParameter($beUser->user['uid'], \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
'NEWid',
$queryBuilder->createNamedParameter($this->new_unique_uid, \PDO::PARAM_INT)
)
)
->execute()
->fetch();
......@@ -872,8 +920,14 @@ class PageLayoutController
$this->undoButtonR = $queryBuilder->select('tstamp')
->from('sys_history')
->where(
$queryBuilder->expr()->eq('tablename', $queryBuilder->createNamedParameter($tableName)),
$queryBuilder->expr()->eq('recuid', (int)$this->eRParts[1])
$queryBuilder->expr()->eq(
'tablename',
$queryBuilder->createNamedParameter($tableName, \PDO::PARAM_STR)
),
$queryBuilder->expr()->eq(
'recuid',
$queryBuilder->createNamedParameter($this->eRParts[1], \PDO::PARAM_INT)
)
)
->orderBy('tstamp', 'DESC')
->setMaxResults(1)
......@@ -1263,8 +1317,14 @@ class PageLayoutController
->select('uid')
->from('pages_language_overlay')
->where(
$queryBuilder->expr()->eq('pid', (int)$this->id),
$queryBuilder->expr()->eq('sys_language_uid', (int)$this->current_sys_language)
$queryBuilder->expr()->eq(
'pid',
$queryBuilder->createNamedParameter($this->id, \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
'sys_language_uid',
$queryBuilder->createNamedParameter($this->current_sys_language, \PDO::PARAM_INT)
)
)
->setMaxResults(1)
->execute()
......@@ -1421,25 +1481,46 @@ class PageLayoutController
->count('uid')
->from('tt_content')
->where(
$queryBuilder->expr()->eq('pid', (int)$this->id),
$queryBuilder->expr()->eq('sys_language_uid', (int)$this->current_sys_language)
$queryBuilder->expr()->eq(
'pid',
$queryBuilder->createNamedParameter($this->id, \PDO::PARAM_INT)
),
$queryBuilder->expr()->eq(
'sys_language_uid',
$queryBuilder->createNamedParameter($this->current_sys_language, \PDO::PARAM_INT)
)
);
if (!empty($GLOBALS['TCA']['tt_content']['ctrl']['enablecolumns']['disabled'])) {
$andWhere[] = $queryBuilder->expr()->neq('hidden', 0);
$andWhere[] = $queryBuilder->expr()->neq(
'hidden',
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
);
}
if (!empty($GLOBALS['TCA']['tt_content']['ctrl']['enablecolumns']['starttime'])) {
$andWhere[] = $queryBuilder->expr()->andX(
$queryBuilder->expr()->neq('starttime', 0),
$queryBuilder->expr()->gt('starttime', (int)$GLOBALS['SIM_ACCESS_TIME'])
$queryBuilder->expr()->neq(
'starttime',
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
),
$queryBuilder->expr()->gt(
'starttime',
$queryBuilder->createNamedParameter($GLOBALS['SIM_ACCESS_TIME'], \PDO::PARAM_INT)
)
);
}
if (!empty($GLOBALS['TCA']['tt_content']['ctrl']['enablecolumns']['endtime'])) {
$andWhere[] = $queryBuilder->expr()->andX(
$queryBuilder->expr()->neq('endtime', 0),
$queryBuilder->expr()->lte('endtime', (int)$GLOBALS['SIM_ACCESS_TIME'])
$queryBuilder->expr()->neq(
'endtime',
$queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)
),
$queryBuilder->expr()->lte(
'endtime',
$queryBuilder->createNamedParameter($GLOBALS['SIM_ACCESS_TIME'], \PDO::PARAM_INT)
)
);
}
......@@ -1578,18 +1659,44 @@ class PageLayoutController
$queryBuilder->select('*')
->from('tt_content')
->where(
$queryBuilder->expr()->eq('pid', (int)$this->id),
$queryBuilder->expr()->eq('sys_language_uid', (int)$this->current_sys_language),
$queryBuilder->expr()->in('colPos', GeneralUtility::intExplode(',', $this->colPosList)),
$queryBuilder->expr()->eq('pid', $queryBuilder->createNamedParameter($this->id, \PDO::PARAM_INT)),
$queryBuilder->expr()->eq(
'sys_language_uid',
$queryBuilder->createNamedParameter($this->current_sys_language, \PDO::PARAM_INT)
),
$queryBuilder->expr()->in(
'colPos',
$queryBuilder->createNamedParameter(
GeneralUtility::intExplode(',', $this->colPosList, true),
Connection::PARAM_INT_ARRAY
)
),
$queryBuilder->expr()->orX(
$queryBuilder->expr()->gte('t3ver_state', (int)(new VersionState(VersionState::DEFAULT_STATE))),
$queryBuilder->expr()->eq('t3ver_wsid', (int)$beUser->workspace)
$queryBuilder->expr()->gte(
't3ver_state',
$queryBuilder->createNamedParameter(
(string)new VersionState(VersionState::DEFAULT_STATE),
\PDO::PARAM_INT
)
),
$queryBuilder->expr()->eq(
't3ver_wsid',