Пример #1
0
 /**
  * Implements PHP magic __toString method to convert the query to a string.
  *
  * @return string
  *   The prepared statement.
  */
 public function __toString()
 {
     // Create a sanitized comment string to prepend to the query.
     $comments = $this->connection->makeComment($this->comments);
     // Expressions take priority over literal fields, so we process those first
     // and remove any literal fields that conflict.
     $fields = $this->fields;
     $update_fields = array();
     foreach ($this->expressionFields as $field => $data) {
         if ($data['expression'] instanceof SelectInterface) {
             // Compile and cast expression subquery to a string.
             $data['expression']->compile($this->connection, $this);
             $data['expression'] = ' (' . $data['expression'] . ')';
         }
         $update_fields[] = $this->connection->escapeField($field) . '=' . $data['expression'];
         unset($fields[$field]);
     }
     $max_placeholder = 0;
     foreach ($fields as $field => $value) {
         $update_fields[] = $this->connection->escapeField($field) . '=:db_update_placeholder_' . $max_placeholder++;
     }
     $query = $comments . 'UPDATE {' . $this->connection->escapeTable($this->table) . '} SET ' . implode(', ', $update_fields);
     if (count($this->condition)) {
         $this->condition->compile($this->connection, $this);
         // There is an implicit string cast on $this->condition.
         $query .= "\nWHERE " . $this->condition;
     }
     return $query;
 }
Пример #2
0
 /**
  * Implements PHP magic __toString method to convert the query to a string.
  *
  * @return string
  *   The prepared statement.
  */
 public function __toString()
 {
     // Create a sanitized comment string to prepend to the query.
     $comments = $this->connection->makeComment($this->comments);
     $query = $comments . 'DELETE FROM {' . $this->connection->escapeTable($this->table) . '} ';
     if (count($this->condition)) {
         $this->condition->compile($this->connection, $this);
         $query .= "\nWHERE " . $this->condition;
     }
     return $query;
 }
Пример #3
0
 /**
  * Implements Drupal\Core\Database\Query\ConditionInterface::compile().
  */
 public function compile(Connection $connection, PlaceholderInterface $queryPlaceholder)
 {
     $this->condition->compile($connection, $queryPlaceholder);
 }
Пример #4
0
 /**
  * Compiles the HAVING clause for later retrieval.
  *
  * @param $connection
  *   The database connection for which to compile the clause.
  */
 public function havingCompile(Connection $connection)
 {
     $this->having->compile($connection, $this);
 }
Пример #5
0
 /**
  * @covers ::compile
  *
  * @expectedException \PHPUnit_Framework_Error
  * @dataProvider providerTestCompileWithSqlInjectionForOperator
  */
 public function testCompileWithSqlInjectionForOperator($operator)
 {
     $connection = $this->prophesize(Connection::class);
     $connection->escapeField(Argument::any())->will(function ($args) {
         return preg_replace('/[^A-Za-z0-9_.]+/', '', $args[0]);
     });
     $connection->mapConditionOperator(Argument::any())->willReturn(NULL);
     $connection = $connection->reveal();
     $query_placeholder = $this->prophesize(PlaceholderInterface::class);
     $counter = 0;
     $query_placeholder->nextPlaceholder()->will(function () use(&$counter) {
         return $counter++;
     });
     $query_placeholder->uniqueIdentifier()->willReturn(4);
     $query_placeholder = $query_placeholder->reveal();
     $condition = new Condition('AND');
     $condition->condition('name', 'value', $operator);
     $condition->compile($connection, $query_placeholder);
 }