
Commit 1ffd881

committed
Refactor ConfigStorage\RelationCleanup::user()
- Replaces escapeString() with quoteString() Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
1 parent b4f9063 commit 1ffd881

3 files changed

Lines changed: 113 additions & 110 deletions


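--- a/libraries/classes/ConfigStorage/RelationCleanup.php
+++ b/libraries/classes/ConfigStorage/RelationCleanup.php
@@ -319,103 +319,124 @@ public function database(string $db): void
 *
 * @param string $username username
 */
-public function user($username): void
+public function user(string $username): void
 {
 $relationParameters = $this->relation->getRelationParameters();
 if ($relationParameters->db === null) {
 return;
 }
 
-if ($relationParameters->bookmarkFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->bookmarkFeature->database)
-. '.' . Util::backquote($relationParameters->bookmarkFeature->bookmark)
-. " WHERE `user` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+$bookmarkFeature = $relationParameters->bookmarkFeature;
+$sqlHistoryFeature = $relationParameters->sqlHistoryFeature;
+$recentlyUsedTablesFeature = $relationParameters->recentlyUsedTablesFeature;
+$favoriteTablesFeature = $relationParameters->favoriteTablesFeature;
+$uiPreferencesFeature = $relationParameters->uiPreferencesFeature;
+$userPreferencesFeature = $relationParameters->userPreferencesFeature;
+$configurableMenusFeature = $relationParameters->configurableMenusFeature;
+$navigationItemsHidingFeature = $relationParameters->navigationItemsHidingFeature;
+$savedQueryByExampleSearchesFeature = $relationParameters->savedQueryByExampleSearchesFeature;
+$databaseDesignerSettingsFeature = $relationParameters->databaseDesignerSettingsFeature;
+
+if ($bookmarkFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `user` = %s',
+Util::backquote($bookmarkFeature->database),
+Util::backquote($bookmarkFeature->bookmark),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->sqlHistoryFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->sqlHistoryFeature->database)
-. '.' . Util::backquote($relationParameters->sqlHistoryFeature->history)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+if ($sqlHistoryFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($sqlHistoryFeature->database),
+Util::backquote($sqlHistoryFeature->history),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->recentlyUsedTablesFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->recentlyUsedTablesFeature->database)
-. '.' . Util::backquote($relationParameters->recentlyUsedTablesFeature->recent)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+if ($recentlyUsedTablesFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($recentlyUsedTablesFeature->database),
+Util::backquote($recentlyUsedTablesFeature->recent),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->favoriteTablesFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->favoriteTablesFeature->database)
-. '.' . Util::backquote($relationParameters->favoriteTablesFeature->favorite)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+if ($favoriteTablesFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($favoriteTablesFeature->database),
+Util::backquote($favoriteTablesFeature->favorite),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->uiPreferencesFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->uiPreferencesFeature->database)
-. '.' . Util::backquote($relationParameters->uiPreferencesFeature->tableUiPrefs)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+if ($uiPreferencesFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($uiPreferencesFeature->database),
+Util::backquote($uiPreferencesFeature->tableUiPrefs),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->userPreferencesFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->userPreferencesFeature->database)
-. '.' . Util::backquote($relationParameters->userPreferencesFeature->userConfig)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+if ($userPreferencesFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($userPreferencesFeature->database),
+Util::backquote($userPreferencesFeature->userConfig),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->configurableMenusFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->configurableMenusFeature->database)
-. '.' . Util::backquote($relationParameters->configurableMenusFeature->users)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+if ($configurableMenusFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($configurableMenusFeature->database),
+Util::backquote($configurableMenusFeature->users),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->navigationItemsHidingFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->navigationItemsHidingFeature->database)
-. '.' . Util::backquote($relationParameters->navigationItemsHidingFeature->navigationHiding)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+if ($navigationItemsHidingFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($navigationItemsHidingFeature->database),
+Util::backquote($navigationItemsHidingFeature->navigationHiding),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->savedQueryByExampleSearchesFeature !== null) {
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->savedQueryByExampleSearchesFeature->database)
-. '.' . Util::backquote($relationParameters->savedQueryByExampleSearchesFeature->savedSearches)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+if ($savedQueryByExampleSearchesFeature !== null) {
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($savedQueryByExampleSearchesFeature->database),
+Util::backquote($savedQueryByExampleSearchesFeature->savedSearches),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 
-if ($relationParameters->databaseDesignerSettingsFeature === null) {
+if ($databaseDesignerSettingsFeature === null) {
 return;
 }
 
-$remove_query = 'DELETE FROM '
-. Util::backquote($relationParameters->databaseDesignerSettingsFeature->database)
-. '.' . Util::backquote($relationParameters->databaseDesignerSettingsFeature->designerSettings)
-. " WHERE `username` = '" . $this->dbi->escapeString($username)
-. "'";
-$this->dbi->queryAsControlUser($remove_query);
+$statement = sprintf(
+'DELETE FROM %s.%s WHERE `username` = %s',
+Util::backquote($databaseDesignerSettingsFeature->database),
+Util::backquote($databaseDesignerSettingsFeature->designerSettings),
+$this->dbi->quoteString($username),
+);
+$this->dbi->queryAsControlUser($statement);
 }
 }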
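Review bot: Every `$this->dbi->quoteString($username)` call in user() relies on the method's default connection, while the statement it builds is executed with `queryAsControlUser()`. The signature of quoteString() is not visible in this commit; if it takes a connection argument that defaults to the user link, the value is escaped under one connection's character set and run on another, and escaping is only reliable when both match. Passing the control connection explicitly, `$this->dbi->quoteString($username, CONTROL_CONNECTION_PLACEHOLDER)` (placeholder for the project's own constant), would keep quoting and execution on the same link. The ten blocks differ only in the feature object, the table property and the column name, so a private helper taking those three values would keep the quoting decision in one place.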

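--- a/psalm-baseline.xml
+++ b/psalm-baseline.xml
@@ -1378,20 +1378,6 @@
 && is_scalar($GLOBALS['cfg']['ForeignKeyDropdownOrder'][1])]]></code>
 </RedundantCondition>
 </file>
-<file src="libraries/classes/ConfigStorage/RelationCleanup.php">
-<DeprecatedMethod>
-<code>escapeString</code>
-<code>escapeString</code>
-<code>escapeString</code>
-<code>escapeString</code>
-<code>escapeString</code>
-<code>escapeString</code>
-<code>escapeString</code>
-<code>escapeString</code>
-<code>escapeString</code>
-<code>escapeString</code>
-</DeprecatedMethod>
-</file>
 <file src="libraries/classes/ConfigStorage/UserGroups.php">
 <DeprecatedMethod>
 <code>escapeString</code>
@@ -16204,11 +16190,6 @@
 <code>setAccessible</code>
 </UnusedMethodCall>
 </file>
-<file src="test/classes/ConfigStorage/RelationCleanupTest.php">
-<DeprecatedMethod>
-<code>withConsecutive</code>
-</DeprecatedMethod>
-</file>
 <file src="test/classes/ConfigStorage/RelationTest.php">
 <DocblockTypeContradiction>
 <code>assertSame</code>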

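--- a/test/classes/ConfigStorage/RelationCleanupTest.php
+++ b/test/classes/ConfigStorage/RelationCleanupTest.php
@@ -184,8 +184,8 @@ public function testUserWithoutRelations(): void
 
 public function testUserWithRelations(): void
 {
-$_SESSION['relation'] = [];
-$_SESSION['relation'][$GLOBALS['server']] = RelationParameters::fromArray([
+$relation = $this->createStub(Relation::class);
+$relation->method('getRelationParameters')->willReturn(RelationParameters::fromArray([
 'user' => 'user',
 'db' => 'pmadb',
 'bookmarkwork' => true,
@@ -209,24 +209,25 @@ public function testUserWithRelations(): void
 'navigationhiding' => 'navigationhiding',
 'savedsearches' => 'savedsearches',
 'designer_settings' => 'designer_settings',
-])->toArray();
-
-$dbi = $this->createPartialMock(DatabaseInterface::class, ['queryAsControlUser']);
-$dbi->expects($this->exactly(10))
-->method('queryAsControlUser')
-->withConsecutive(
-[$this->equalTo("DELETE FROM `pmadb`.`bookmark` WHERE `user` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`history` WHERE `username` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`recent` WHERE `username` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`favorite` WHERE `username` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`table_uiprefs` WHERE `username` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`userconfig` WHERE `username` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`users` WHERE `username` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`navigationhiding` WHERE `username` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`savedsearches` WHERE `username` = 'user'")],
-[$this->equalTo("DELETE FROM `pmadb`.`designer_settings` WHERE `username` = 'user'")]
-);
+]));
 
-(new RelationCleanup($dbi, new Relation($dbi)))->user('user');
+$dbi = $this->createMock(DatabaseInterface::class);
+$dbi->expects($this->any())->method('quoteString')
+->will($this->returnCallback(static fn (string $string): string => "'" . $string . "'"));
+$result = $this->createStub(ResultInterface::class);
+$dbi->expects($this->exactly(10))->method('queryAsControlUser')->willReturnMap([
+["DELETE FROM `pmadb`.`bookmark` WHERE `user` = 'user'", $result],
+["DELETE FROM `pmadb`.`history` WHERE `username` = 'user'", $result],
+["DELETE FROM `pmadb`.`recent` WHERE `username` = 'user'", $result],
+["DELETE FROM `pmadb`.`favorite` WHERE `username` = 'user'", $result],
+["DELETE FROM `pmadb`.`table_uiprefs` WHERE `username` = 'user'", $result],
+["DELETE FROM `pmadb`.`userconfig` WHERE `username` = 'user'", $result],
+["DELETE FROM `pmadb`.`users` WHERE `username` = 'user'", $result],
+["DELETE FROM `pmadb`.`navigationhiding` WHERE `username` = 'user'", $result],
+["DELETE FROM `pmadb`.`savedsearches` WHERE `username` = 'user'", $result],
+["DELETE FROM `pmadb`.`designer_settings` WHERE `username` = 'user'", $result],
+]);
+
+(new RelationCleanup($dbi, $relation))->user('user');
 }
 }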
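Review bot: The `willReturnMap()` stub on `queryAsControlUser` only maps an argument to a return value, so unlike the `withConsecutive()` expectation it replaces, the test no longer asserts that each of the ten DELETE statements is issued once and in order. Ten calls that each match some map entry, including repeats of a single entry, would still satisfy `exactly(10)`. Recording the statements, for example `->willReturnCallback(static function (string $sql) use (&$seen, $result) { $seen[] = $sql; return $result; })` followed by `self::assertSame($expected, $seen);`, would pin them again. The `quoteString` stub only wraps its argument in quotes and the only username exercised is `'user'`, so a name containing a quote or backslash is not covered by this test. The middle of testUserWithRelations() lies between the two hunks and is not visible here.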
