From e52925c5fb357323eb081b9833554366aa2540ae Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 6 Nov 2020 11:48:52 +0100 Subject: [PATCH] Use query builder instead of OC_DB in trashbin Signed-off-by: Joas Schilling --- apps/files_trashbin/lib/Trashbin.php | 77 ++++++++++++++++++++-------- 1 file changed, 56 insertions(+), 21 deletions(-) diff --git a/apps/files_trashbin/lib/Trashbin.php b/apps/files_trashbin/lib/Trashbin.php index a18cac25bb9bf..2ad67e5559a3f 100644 --- a/apps/files_trashbin/lib/Trashbin.php +++ b/apps/files_trashbin/lib/Trashbin.php @@ -128,17 +128,20 @@ public static function getUidAndFilename($filename) { * @return array (filename => array (timestamp => original location)) */ public static function getLocations($user) { - $query = \OC_DB::prepare('SELECT `id`, `timestamp`, `location`' - . ' FROM `*PREFIX*files_trash` WHERE `user`=?'); - $result = $query->execute([$user]); + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->select('id', 'timestamp', 'location') + ->from('files_trash') + ->where($query->expr()->eq('user', $query->createNamedParameter($user))); + $result = $query->execute(); $array = []; - while ($row = $result->fetchRow()) { + while ($row = $result->fetch()) { if (isset($array[$row['id']])) { $array[$row['id']][$row['timestamp']] = $row['location']; } else { $array[$row['id']] = [$row['timestamp'] => $row['location']]; } } + $result->closeCursor(); return $array; } @@ -151,11 +154,19 @@ public static function getLocations($user) { * @return string original location */ public static function getLocation($user, $filename, $timestamp) { - $query = \OC_DB::prepare('SELECT `location` FROM `*PREFIX*files_trash`' - . ' WHERE `user`=? AND `id`=? AND `timestamp`=?'); - $result = $query->execute([$user, $filename, $timestamp])->fetchAll(); - if (isset($result[0]['location'])) { - return $result[0]['location']; + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->select('location') + ->from('files_trash') + ->where($query->expr()->eq('user', $query->createNamedParameter($user))) + ->andWhere($query->expr()->eq('id', $query->createNamedParameter($filename))) + ->andWhere($query->expr()->eq('timestamp', $query->createNamedParameter($timestamp))); + + $result = $query->execute(); + $row = $result->fetch(); + $result->closeCursor(); + + if (isset($row['location'])) { + return $row['location']; } else { return false; } @@ -208,8 +219,13 @@ private static function copyFilesToUser($sourcePath, $owner, $targetPath, $user, if ($view->file_exists($target)) { - $query = \OC_DB::prepare("INSERT INTO `*PREFIX*files_trash` (`id`,`timestamp`,`location`,`user`) VALUES (?,?,?,?)"); - $result = $query->execute([$targetFilename, $timestamp, $targetLocation, $user]); + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->insert('files_trash') + ->setValue('id', $query->createNamedParameter($targetFilename)) + ->setValue('timestamp', $query->createNamedParameter($timestamp)) + ->setValue('location', $query->createNamedParameter($targetLocation)) + ->setValue('user', $query->createNamedParameter($user)); + $result = $query->execute(); if (!$result) { \OC::$server->getLogger()->error('trash bin database couldn\'t be updated for the files owner', ['app' => 'files_trashbin']); } @@ -330,8 +346,13 @@ public static function move2trash($file_path, $ownerOnly = false) { } if ($moveSuccessful) { - $query = \OC_DB::prepare("INSERT INTO `*PREFIX*files_trash` (`id`,`timestamp`,`location`,`user`) VALUES (?,?,?,?)"); - $result = $query->execute([$filename, $timestamp, $location, $owner]); + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->insert('files_trash') + ->setValue('id', $query->createNamedParameter($filename)) + ->setValue('timestamp', $query->createNamedParameter($timestamp)) + ->setValue('location', $query->createNamedParameter($location)) + ->setValue('user', $query->createNamedParameter($owner)); + $result = $query->execute(); if (!$result) { \OC::$server->getLogger()->error('trash bin database couldn\'t be updated', ['app' => 'files_trashbin']); } @@ -489,8 +510,12 @@ public static function restore($file, $filename, $timestamp) { self::restoreVersions($view, $file, $filename, $uniqueFilename, $location, $timestamp); if ($timestamp) { - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*files_trash` WHERE `user`=? AND `id`=? AND `timestamp`=?'); - $query->execute([$user, $filename, $timestamp]); + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->delete('files_trash') + ->where($query->expr()->eq('user', $query->createNamedParameter($user))) + ->andWhere($query->expr()->eq('id', $query->createNamedParameter($filename))) + ->andWhere($query->expr()->eq('timestamp', $query->createNamedParameter($timestamp))); + $query->execute(); } return true; @@ -576,8 +601,11 @@ public static function deleteAll() { // actual file deletion $trash->delete(); - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*files_trash` WHERE `user`=?'); - $query->execute([$user]); + + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->delete('files_trash') + ->where($query->expr()->eq('user', $query->createNamedParameter($user))); + $query->execute(); // Bulk PostDelete-Hook \OC_Hook::emit('\OCP\Trashbin', 'deleteAll', ['paths' => $filePaths]); @@ -626,8 +654,13 @@ public static function delete($filename, $user, $timestamp = null) { $size = 0; if ($timestamp) { - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*files_trash` WHERE `user`=? AND `id`=? AND `timestamp`=?'); - $query->execute([$user, $filename, $timestamp]); + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->delete('files_trash') + ->where($query->expr()->eq('user', $query->createNamedParameter($user))) + ->andWhere($query->expr()->eq('id', $query->createNamedParameter($filename))) + ->andWhere($query->expr()->eq('timestamp', $query->createNamedParameter($timestamp))); + $query->execute(); + $file = $filename . '.d' . $timestamp; } else { $file = $filename; @@ -709,8 +742,10 @@ public static function file_exists($filename, $timestamp = null) { * @return bool result of db delete operation */ public static function deleteUser($uid) { - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*files_trash` WHERE `user`=?'); - return $query->execute([$uid]); + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->delete('files_trash') + ->where($query->expr()->eq('user', $query->createNamedParameter($uid))); + return (bool) $query->execute(); } /**