Merge pull request #11929 from nextcloud/backport/11870/proper-column…

…-name-escaping

[stable14] Properly escape column name in "createFunction" call

apps/dav/lib/Migration/BuildCalendarSearchIndex.php

@@ -70,7 +70,7 @@ public function run(IOutput $output) {
 		}
 
 		$query = $this->db->getQueryBuilder();
-		$query->select($query->createFunction('MAX(id)'))
+		$query->select($query->createFunction('MAX(' . $query->getColumnName('id') . ')'))
 			->from('calendarobjects');
 		$maxId = (int)$query->execute()->fetchColumn();
 

apps/files_sharing/lib/Command/CleanupRemoteStorages.php

@@ -98,7 +98,7 @@ public function execute(InputInterface $input, OutputInterface $output) {
 
 	public function countFiles($numericId, OutputInterface $output) {
 		$queryBuilder = $this->connection->getQueryBuilder();
-		$queryBuilder->select($queryBuilder->createFunction('count(fileid)'))
+		$queryBuilder->select($queryBuilder->createFunction('COUNT(' . $queryBuilder->getColumnName('fileid') . ')'))
 			->from('filecache')
 			->where($queryBuilder->expr()->eq(
 				'storage',

apps/user_ldap/lib/Mapping/AbstractMapping.php

@@ -311,7 +311,7 @@ public function clearCb(Callable $preCallback, Callable $postCallback): bool {
 	 */
 	public function count() {
 		$qb = $this->dbc->getQueryBuilder();
-		$query = $qb->select($qb->createFunction('COUNT(`ldap_dn`)'))
+		$query = $qb->select($qb->createFunction('COUNT(' . $qb->getColumnName('ldap_dn') . ')'))
 			->from($this->getTableName());
 		$res = $query->execute();
 		$count = $res->fetchColumn();

lib/private/Comments/Manager.php

@@ -163,7 +163,7 @@ protected function determineTopmostParentId($id) {
 	 */
 	protected function updateChildrenInformation($id, \DateTime $cDateTime) {
 		$qb = $this->dbConn->getQueryBuilder();
-		$query = $qb->select($qb->createFunction('COUNT(`id`)'))
+		$query = $qb->select($qb->createFunction('COUNT(' . $qb->getColumnName('id') . ')'))
 			->from('comments')
 			->where($qb->expr()->eq('parent_id', $qb->createParameter('id')))
 			->setParameter('id', $id);

lib/private/Group/Database.php

@@ -387,9 +387,9 @@ public function countDisabledInGroup(string $gid): int {
 		$this->fixDI();
 
 		$query = $this->dbConn->getQueryBuilder();
-		$query->select($query->createFunction('COUNT(Distinct uid)'))
+		$query->select($query->createFunction('COUNT(DISTINCT ' . $query->getColumnName('uid') . ')'))
 			->from('preferences', 'p')
-			->innerJoin('p', 'group_user', 'g', 'p.userid = g.uid')
+			->innerJoin('p', 'group_user', 'g', $query->expr()->eq('p.userid', 'g.uid'))
 			->where($query->expr()->eq('appid', $query->createNamedParameter('core')))
 			->andWhere($query->expr()->eq('configkey', $query->createNamedParameter('enabled')))
 			->andWhere($query->expr()->eq('configvalue', $query->createNamedParameter('false'), IQueryBuilder::PARAM_STR))

lib/private/User/Manager.php

@@ -475,9 +475,9 @@ public function countDisabledUsers(): int {
 	 */
 	public function countDisabledUsersOfGroups(array $groups): int {
 		$queryBuilder = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-		$queryBuilder->select($queryBuilder->createFunction('COUNT(Distinct uid)'))
+		$queryBuilder->select($queryBuilder->createFunction('COUNT(DISTINCT ' . $queryBuilder->getColumnName('uid') . ')'))
 			->from('preferences', 'p')
-			->innerJoin('p', 'group_user', 'g', 'p.userid = g.uid')
+			->innerJoin('p', 'group_user', 'g', $queryBuilder->expr()->eq('p.userid', 'g.uid'))
 			->where($queryBuilder->expr()->eq('appid', $queryBuilder->createNamedParameter('core')))
 			->andWhere($queryBuilder->expr()->eq('configkey', $queryBuilder->createNamedParameter('enabled')))
 			->andWhere($queryBuilder->expr()->eq('configvalue', $queryBuilder->createNamedParameter('false'), IQueryBuilder::PARAM_STR))