Issues in Grammar.php (master) - Issues in master - sonrac/larango - Measure and Improve Code Quality continuously with Scrutinizer

Issues (46)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Query/Grammars/Grammar.php (6 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Created by PhpStorm.
 * User: admin
 * Date: 21.01.2018
 * Time: 14:35
 */

namespace sonrac\Arango\Query\Grammars;

use Illuminate\Database\Query\Builder;
use Illuminate\Database\Query\Grammars\Grammar as IlluminateGrammar;
use function sonrac\Arango\Helpers\getEntityName;
use function sonrac\Arango\Helpers\getEntityNameFromColumn;

class Grammar extends IlluminateGrammar
{
    /**
     * The components that make up a select clause.
     *
     * @var array
     */
    protected $selectComponents = [
        'aggregate',
        'from',
        'joins',
        'wheres',
        'groups',
        'havings',
        'orders',
        'limit',
        'offset',
        'columns',
        'unions',
        'lock',
    ];

    /**
     * {@inheritdoc}
     */
    public function compileInsertGetId(Builder $query, $values, $sequence)
    {
        return $this->compileInsert($query, $values) . ' RETURN NEW';
    }

    /**
     * {@inheritdoc}
     */
    public function compileInsert(Builder $query, array $values)
    {
        // Essentially we will force every insert to be treated as a batch insert which
        // simply makes creating the SQL easier for us since we can utilize the same
        // basic routine regardless of an amount of records given to us to insert.
        $collection = $this->wrapTable($query->from);

        $entityName = getEntityName($query->from);

        if (!is_array(reset($values))) {
            $values = [$values];
        }

        $columns = array_keys(reset($values));

        $parameters = [];

        foreach ($values as $record) {
            $bindValuesTmp = [];
            foreach ($columns as $column) {
                if (!isset($record[$column])) {
                    continue;
                }
                $bindValuesTmp[$column] = $record[$column];
            }
            $parameters[] = $bindValuesTmp;
        }
        $parameters = json_encode($parameters);
        $parameters = preg_replace('/"(\@B\w+)"/', '$1', $parameters);

        $aql = "FOR {$entityName} IN {$parameters} INSERT {$entityName} INTO {$collection}";
        return $aql;
    }

    /**
     * Prepare column before use in AQL request
     * Add entityName and wrap it if needed.
     * Add alias for string like (column as other_name)
     *
     * @param $collection
     * @param $column
     * @param bool $withCollection
     * @return string
     */
    public function wrapColumn($column, $collection = null, $withCollection = true)
    {
        $entityName = getEntityNameFromColumn($column);

        $clearColumn = $this->getClearColumnName($column);

        $alias = $this->getAliasNameFromColumn($column);

        if (is_null($entityName) && !is_null($collection)) {
            $entityName = getEntityName($collection);
        }

        if ($clearColumn !== '_key') {
            $clearColumn = trim($clearColumn, '`');
            $clearColumn = '`'.$clearColumn.'`';
        }
        if ($withCollection) {
            $column = $entityName.'.'.$clearColumn;
        }
        if ($alias) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            $column = $alias.':'.$column;
        }
        return $column;
    }

    /**
     * Return collection name
     * @return string
     */
    public function wrapTable($table)
    {
        return $this->wrapCollection($table);
    }

    /**
     * {@inheritdoc}
     */
    public function columnize(array $columns)
    {
        $resultColumns = [];
        foreach ($columns as $column) {
            if (strpos($column, ':') !== false) {
                $resultColumns[] = $column;
                continue;
            }

            list($entityName, $column) = explode('.', $column);
            if ($column === '`*`') {
                $resultColumns[] = $entityName . ': '.$entityName;
                continue;
            }
            $resultColumns[] = $column . ': ' . $entityName . '.' . $column;
        }
        return implode(',', $resultColumns);
    }

    /**
     * {@inheritdoc}
     */
    public function compileUpdate(Builder $query, $values)
    {
        $table = $this->wrapTable($query->from);

        // Each one of the columns in the update statements needs to be wrapped in the
        // keyword identifiers, also a place-holder needs to be created for each of
        // the values in the list of bindings so we can make the sets statements.
        $columns = collect($values)->map(function ($value, $key) {
            return $key.' : '.$value;
        })->implode(', ');

        $joins = '';

        if (isset($query->joins)) {
            $joins = $this->compileJoins($query, $query->joins).' ';
        }

        // Of course, update queries may also be constrained by where clauses so we'll
        // need to compile the where clauses and attach it to the query so only the
        // intended records are updated by the SQL statements we generate to run.
        $wheres = $this->compileWheres($query);

        $entityName = getEntityName($table);

        $aql = $joins.'FOR '.$entityName.' IN '.$table.' '.$wheres.
            ' UPDATE '.$entityName.' WITH { '.$columns.' } IN '.$table;

        var_dump($aql);

        return $aql;
    }

    /**
     * {@inheritdoc}
     */
    public function compileDelete(Builder $query)
    {
        $wheres = is_array($query->wheres) ? $this->compileWheres($query) : '';

        $collection = $this->wrapTable($query->from);
        $entityName = getEntityName($collection);
        $aql = "FOR {$entityName} in {$collection} {$wheres} REMOVE {$entityName} IN {$collection}";
        var_dump($aql);

        return $aql;
    }

    /**
     * {@inheritdoc}
     */
    public function compileSelect(Builder $query)
    {
        // If the query does not have any columns set, we'll set the columns to the
        // * character to just get all of the columns from the database. Then we
        // can build the query and concatenate all the pieces together as one.
        $original = $query->columns;

        if (is_null($query->columns)) {
            $query->columns = ['*'];
        }

        // To compile the query, we'll spin through each component of the query and
        // see if that component exists. If it does we'll just call the compiler
        // function for the component which is responsible for making the AQL.
        $aql = trim($this->concatenate(
            $this->compileComponents($query))
        );

        if (isset($query->joins)) {
            $aql = $this->compileJoins($query, $query->joins).' '.$aql;
        }

        if (!is_null($query->aggregate)) {
            $aql = $this->compileAggregateExtended($query, $query->aggregate, $aql);
        }
        $query->columns = $original;

        return $aql;
    }

    /**
     * {@inheritdoc}
     */
    protected function compileJoins(Builder $query, $joins)
    {
        return collect($joins)->map(function ($join) use (&$aql) {
            $table = $this->wrapTable($join->table);
            $entityName = getEntityName($join->table);
            return 'FOR '.$entityName.' IN '.$table;
        })->implode(' ');
    }

    /**
     * {@inheritdoc}
     */
    protected function compileComponents(Builder $query)
    {
        $aql = [];

        foreach ($this->selectComponents as $component) {
            // To compile the query, we'll spin through each component of the query and
            // see if that component exists. If it does we'll just call the compiler
            // function for the component which is responsible for making the SQL.
            if (!is_null($query->$component)) {
                if ($component === 'aggregate' ||
                   $component === 'joins') {
                    continue;
                }
                $method = 'compile'.ucfirst($component);

                $aql[$component] = $this->$method($query, $query->$component);
            }
        }

        return $aql;
    }

    /**
     * {@inheritdoc}
     */
    protected function compileFrom(Builder $query, $collection)
    {
        return 'FOR '.getEntityName($collection).' IN '.$this->wrapCollection($collection);
    }

    /**
     * {@inheritdoc}
     */
    protected function compileColumns(Builder $query, $columns)
    {
        if (count($columns) === 1 && $columns[0] === '*') {
            return 'RETURN '.getEntityName($query->from);
        }

        return 'RETURN { ' . $this->columnize($columns) . ' }';
    }

    /**
     * Return string for aggregate some column from AQL request
     *
     * @param Builder $query
     * @param $aggregate
     * @param $aql
     * @return string
     */
    protected function compileAggregateExtended(Builder $query, $aggregate, $aql)

    {
        return 'RETURN {"aggregate":'.$aggregate['function'].'('.$aql.')}';
    }

    /**
     * {@inheritdoc}
     */
    protected function compileWheres(Builder $query)
    {
        // Each type of where clauses has its own compiler function which is responsible
        // for actually creating the where clauses SQL. This helps keep the code nice
        // and maintainable since each clause has a very small method that it uses.
        if (is_null($query->wheres)) {
            return '';
        }

        // If we actually have some where clauses, we will strip off the first boolean
        // operator, which is added by the query builders for convenience so we can
        // avoid checking for the first clauses in each of the compilers methods.
        if (count($sql = $this->compileWheresToArray($query)) > 0) {
            return $this->concatenateWhereClauses($query, $sql);
        }

        return '';
    }

    /**
     * {@inheritdoc}
     */
    protected function concatenateWhereClauses($query, $sql)
    {
        return 'FILTER '.$this->removeLeadingBoolean(implode(' ', $sql));
    }

    /**
     * {@inheritdoc}
     */
    protected function compileWheresToArray($query)
    {
        return collect($query->wheres)->map(function ($where) use ($query) {
            return $where['boolean'].' '.$this->{"where{$where['type']}"}($query, $where);
        })->all();
    }

    /**
     * {@inheritdoc}
     */
    protected function whereBasic(Builder $query, $where)
    {
        return $where['column'].' '.$where['operator'].' '.$where['value'];
    }

    /**
     * {@inheritdoc}
     */
    protected function whereIn(Builder $query, $where)

    {
        if (!empty($where['values'])) {
            $column = $this->wrapColumn($where['column'], $query->from);
            return '['.implode(',', $where['values']).'] ANY == '.$column;
        }

        return '0 = 1';
    }

    /**
     * {@inheritdoc}
     */
    protected function whereNotIn(Builder $query, $where)

    {
        if (!empty($where['values'])) {
            $column = $this->wrapColumn($where['table'], $where['column']);
            return '['.implode(',', $where['values']).'] NONE == '.$column;
        }

        return '0 = 1';
    }

    /**
     * {@inheritdoc}
     */
    protected function whereNull(Builder $query, $where)
    {
        return $this->wrapColumn($where['column'], $query->from).' == NULL';
    }

    /**
     * {@inheritdoc}
     */
    protected function whereNotNull(Builder $query, $where)
    {
        return $this->wrapColumn($where['column'], $query->from).' != NULL';
    }

    /**
     * {@inheritdoc}
     */
    protected function whereColumn(Builder $query, $where)
    {
        $firstWrapColumn = $this->wrapColumn($where['first'], $query->from);
        $secondWrapColumn = $this->wrapColumn($where['second'], $query->from);
        return $firstWrapColumn.' '.$where['operator'].' '.$secondWrapColumn;
    }

    /**
     * {@inheritdoc}
     */
    protected function compileOrders(Builder $query, $orders)
    {
        if (!empty($orders)) {
            return 'SORT '.implode(', ', $this->compileOrdersToArray($query, $orders));
        }

        return '';
    }

    /**
     * {@inheritdoc}
     */
    protected function compileOrdersToArray(Builder $query, $orders)
    {
        return array_map(function ($order) {
            return !isset($order['sql'])
                ? $order['column'].' '.$order['direction']
                : $order['sql'];
        }, $orders);
    }

    /**
     * {@inheritdoc}
     */
    protected function compileLimit(Builder $query, $limit)
    {
        $result = 'LIMIT ';

        if (isset($query->offset)) {
            $result .= (int) $query->offset.', ';
        }
        $result .= (int) $limit;

        return $result;
    }

    /**
     * {@inheritdoc}
     */
    protected function compileOffset(Builder $query, $offset)
    {
        if (!isset($query->limit)) {
            throw new \Exception("You can't set offset without limit for arangodb");
        }
        return '';
    }

    /**
     * Wrap collection name
     * @param string $collection
     * @return string
     */
    protected function wrapCollection($collection)
    {
        return '`'.trim($collection, '`').'`';
    }

    protected function getClearColumnName($column)
    {
        $parts = explode('.', $column);
        if (count($parts) > 1) {
            $column = $parts[1];
        }
        $column = explode('as', $column)[0];

        return trim($column, '` ');
    }

    protected function getAliasNameFromColumn($column)
    {
        $parts = explode('as', $column);
        if (count($parts) < 2) {
            return null;
        }

        return '`'.trim($parts[1], '` ').'`';
    }
}


1		<?php
2		/**
3		* Created by PhpStorm.
4		* User: admin
5		* Date: 21.01.2018
6		* Time: 14:35
7		*/
8
9		namespace sonrac\Arango\Query\Grammars;
10
11		use Illuminate\Database\Query\Builder;
12		use Illuminate\Database\Query\Grammars\Grammar as IlluminateGrammar;
13		use function sonrac\Arango\Helpers\getEntityName;
14		use function sonrac\Arango\Helpers\getEntityNameFromColumn;
15
16		class Grammar extends IlluminateGrammar
17		{
18		/**
19		* The components that make up a select clause.
20		*
21		* @var array
22		*/
23		protected $selectComponents = [
24		'aggregate',
25		'from',
26		'joins',
27		'wheres',
28		'groups',
29		'havings',
30		'orders',
31		'limit',
32		'offset',
33		'columns',
34		'unions',
35		'lock',
36		];
37
38		/**
39		* {@inheritdoc}
40		*/
41		public function compileInsertGetId(Builder $query, $values, $sequence)
42		{
43		return $this->compileInsert($query, $values) . ' RETURN NEW';
44		}
45
46		/**
47		* {@inheritdoc}
48		*/
49		public function compileInsert(Builder $query, array $values)
50		{
51		// Essentially we will force every insert to be treated as a batch insert which
52		// simply makes creating the SQL easier for us since we can utilize the same
53		// basic routine regardless of an amount of records given to us to insert.
54		$collection = $this->wrapTable($query->from);
55
56		$entityName = getEntityName($query->from);
57
58		if (!is_array(reset($values))) {
59		$values = [$values];
60		}
61
62		$columns = array_keys(reset($values));
63
64		$parameters = [];
65
66		foreach ($values as $record) {
67		$bindValuesTmp = [];
68		foreach ($columns as $column) {
69		if (!isset($record[$column])) {
70		continue;
71		}
72		$bindValuesTmp[$column] = $record[$column];
73		}
74		$parameters[] = $bindValuesTmp;
75		}
76		$parameters = json_encode($parameters);
77		$parameters = preg_replace('/"(\@B\w+)"/', '$1', $parameters);
78
79		$aql = "FOR {$entityName} IN {$parameters} INSERT {$entityName} INTO {$collection}";
80		return $aql;
81		}
82
83		/**
84		* Prepare column before use in AQL request
85		* Add entityName and wrap it if needed.
86		* Add alias for string like (column as other_name)
87		*
88		* @param $collection
89		* @param $column
90		* @param bool $withCollection
91		* @return string
92		*/
93		public function wrapColumn($column, $collection = null, $withCollection = true)
94		{
95		$entityName = getEntityNameFromColumn($column);
96
97		$clearColumn = $this->getClearColumnName($column);
98
99		$alias = $this->getAliasNameFromColumn($column);
100
101		if (is_null($entityName) && !is_null($collection)) {
102		$entityName = getEntityName($collection);
103		}
104
105		if ($clearColumn !== '_key') {
106		$clearColumn = trim($clearColumn, '`');
107		$clearColumn = '`'.$clearColumn.'`';
108		}
109		if ($withCollection) {
110		$column = $entityName.'.'.$clearColumn;
111		}
112		if ($alias) {
		0 ignored issues – show Bug Best Practice introduced 2018-05-13 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$alias` of type `null\|string` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
113		$column = $alias.':'.$column;
114		}
115		return $column;
116		}
117
118		/**
119		* Return collection name
120		* @return string
121		*/
122		public function wrapTable($table)
123		{
124		return $this->wrapCollection($table);
125		}
126
127		/**
128		* {@inheritdoc}
129		*/
130		public function columnize(array $columns)
131		{
132		$resultColumns = [];
133		foreach ($columns as $column) {
134		if (strpos($column, ':') !== false) {
135		$resultColumns[] = $column;
136		continue;
137		}
138
139		list($entityName, $column) = explode('.', $column);
140		if ($column === '`*`') {
141		$resultColumns[] = $entityName . ': '.$entityName;
142		continue;
143		}
144		$resultColumns[] = $column . ': ' . $entityName . '.' . $column;
145		}
146		return implode(',', $resultColumns);
147		}
148
149		/**
150		* {@inheritdoc}
151		*/
152		public function compileUpdate(Builder $query, $values)
153		{
154		$table = $this->wrapTable($query->from);
155
156		// Each one of the columns in the update statements needs to be wrapped in the
157		// keyword identifiers, also a place-holder needs to be created for each of
158		// the values in the list of bindings so we can make the sets statements.
159		$columns = collect($values)->map(function ($value, $key) {
160		return $key.' : '.$value;
161		})->implode(', ');
162
163		$joins = '';
164
165		if (isset($query->joins)) {
166		$joins = $this->compileJoins($query, $query->joins).' ';
167		}
168
169		// Of course, update queries may also be constrained by where clauses so we'll
170		// need to compile the where clauses and attach it to the query so only the
171		// intended records are updated by the SQL statements we generate to run.
172		$wheres = $this->compileWheres($query);
173
174		$entityName = getEntityName($table);
175
176		$aql = $joins.'FOR '.$entityName.' IN '.$table.' '.$wheres.
177		' UPDATE '.$entityName.' WITH { '.$columns.' } IN '.$table;
178
179		var_dump($aql);
		0 ignored issues – show Security Debugging Code introduced 2018-05-13 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this `var_dump($aql);` looks like debug code. Are you sure you do not want to remove it? This might expose sensitive data. Loading history...
180		return $aql;
181		}
182
183		/**
184		* {@inheritdoc}
185		*/
186		public function compileDelete(Builder $query)
187		{
188		$wheres = is_array($query->wheres) ? $this->compileWheres($query) : '';
189
190		$collection = $this->wrapTable($query->from);
191		$entityName = getEntityName($collection);
192		$aql = "FOR {$entityName} in {$collection} {$wheres} REMOVE {$entityName} IN {$collection}";
193		var_dump($aql);
		0 ignored issues – show Security Debugging Code introduced 2018-05-13 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this `var_dump($aql);` looks like debug code. Are you sure you do not want to remove it? This might expose sensitive data. Loading history...
194		return $aql;
195		}
196
197		/**
198		* {@inheritdoc}
199		*/
200		public function compileSelect(Builder $query)
201		{
202		// If the query does not have any columns set, we'll set the columns to the
203		// * character to just get all of the columns from the database. Then we
204		// can build the query and concatenate all the pieces together as one.
205		$original = $query->columns;
206
207		if (is_null($query->columns)) {
208		$query->columns = ['*'];
209		}
210
211		// To compile the query, we'll spin through each component of the query and
212		// see if that component exists. If it does we'll just call the compiler
213		// function for the component which is responsible for making the AQL.
214		$aql = trim($this->concatenate(
215		$this->compileComponents($query))
216		);
217
218		if (isset($query->joins)) {
219		$aql = $this->compileJoins($query, $query->joins).' '.$aql;
220		}
221
222		if (!is_null($query->aggregate)) {
223		$aql = $this->compileAggregateExtended($query, $query->aggregate, $aql);
224		}
225		$query->columns = $original;
226
227		return $aql;
228		}
229
230		/**
231		* {@inheritdoc}
232		*/
233		protected function compileJoins(Builder $query, $joins)
234		{
235		return collect($joins)->map(function ($join) use (&$aql) {
236		$table = $this->wrapTable($join->table);
237		$entityName = getEntityName($join->table);
238		return 'FOR '.$entityName.' IN '.$table;
239		})->implode(' ');
240		}
241
242		/**
243		* {@inheritdoc}
244		*/
245		protected function compileComponents(Builder $query)
246		{
247		$aql = [];
248
249		foreach ($this->selectComponents as $component) {
250		// To compile the query, we'll spin through each component of the query and
251		// see if that component exists. If it does we'll just call the compiler
252		// function for the component which is responsible for making the SQL.
253		if (!is_null($query->$component)) {
254		if ($component === 'aggregate' \|\|
255		$component === 'joins') {
256		continue;
257		}
258		$method = 'compile'.ucfirst($component);
259
260		$aql[$component] = $this->$method($query, $query->$component);
261		}
262		}
263
264		return $aql;
265		}
266
267		/**
268		* {@inheritdoc}
269		*/
270		protected function compileFrom(Builder $query, $collection)
271		{
272		return 'FOR '.getEntityName($collection).' IN '.$this->wrapCollection($collection);
273		}
274
275		/**
276		* {@inheritdoc}
277		*/
278		protected function compileColumns(Builder $query, $columns)
279		{
280		if (count($columns) === 1 && $columns[0] === '*') {
281		return 'RETURN '.getEntityName($query->from);
282		}
283
284		return 'RETURN { ' . $this->columnize($columns) . ' }';
285		}
286
287		/**
288		* Return string for aggregate some column from AQL request
289		*
290		* @param Builder $query
291		* @param $aggregate
292		* @param $aql
293		* @return string
294		*/
295		protected function compileAggregateExtended(Builder $query, $aggregate, $aql)
		0 ignored issues – show Unused Code introduced 2018-05-13 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$query` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
296		{
297		return 'RETURN {"aggregate":'.$aggregate['function'].'('.$aql.')}';
298		}
299
300		/**
301		* {@inheritdoc}
302		*/
303		protected function compileWheres(Builder $query)
304		{
305		// Each type of where clauses has its own compiler function which is responsible
306		// for actually creating the where clauses SQL. This helps keep the code nice
307		// and maintainable since each clause has a very small method that it uses.
308		if (is_null($query->wheres)) {
309		return '';
310		}
311
312		// If we actually have some where clauses, we will strip off the first boolean
313		// operator, which is added by the query builders for convenience so we can
314		// avoid checking for the first clauses in each of the compilers methods.
315		if (count($sql = $this->compileWheresToArray($query)) > 0) {
316		return $this->concatenateWhereClauses($query, $sql);
317		}
318
319		return '';
320		}
321
322		/**
323		* {@inheritdoc}
324		*/
325		protected function concatenateWhereClauses($query, $sql)
326		{
327		return 'FILTER '.$this->removeLeadingBoolean(implode(' ', $sql));
328		}
329
330		/**
331		* {@inheritdoc}
332		*/
333		protected function compileWheresToArray($query)
334		{
335		return collect($query->wheres)->map(function ($where) use ($query) {
336		return $where['boolean'].' '.$this->{"where{$where['type']}"}($query, $where);
337		})->all();
338		}
339
340		/**
341		* {@inheritdoc}
342		*/
343		protected function whereBasic(Builder $query, $where)
344		{
345		return $where['column'].' '.$where['operator'].' '.$where['value'];
346		}
347
348		/**
349		* {@inheritdoc}
350		*/
351	View Code Duplication	protected function whereIn(Builder $query, $where)
		0 ignored issues – show Duplication introduced 2018-05-13 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
352		{
353		if (!empty($where['values'])) {
354		$column = $this->wrapColumn($where['column'], $query->from);
355		return '['.implode(',', $where['values']).'] ANY == '.$column;
356		}
357
358		return '0 = 1';
359		}
360
361		/**
362		* {@inheritdoc}
363		*/
364	View Code Duplication	protected function whereNotIn(Builder $query, $where)
		0 ignored issues – show Duplication introduced 2018-05-13 10:18 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
365		{
366		if (!empty($where['values'])) {
367		$column = $this->wrapColumn($where['table'], $where['column']);
368		return '['.implode(',', $where['values']).'] NONE == '.$column;
369		}
370
371		return '0 = 1';
372		}
373
374		/**
375		* {@inheritdoc}
376		*/
377		protected function whereNull(Builder $query, $where)
378		{
379		return $this->wrapColumn($where['column'], $query->from).' == NULL';
380		}
381
382		/**
383		* {@inheritdoc}
384		*/
385		protected function whereNotNull(Builder $query, $where)
386		{
387		return $this->wrapColumn($where['column'], $query->from).' != NULL';
388		}
389
390		/**
391		* {@inheritdoc}
392		*/
393		protected function whereColumn(Builder $query, $where)
394		{
395		$firstWrapColumn = $this->wrapColumn($where['first'], $query->from);
396		$secondWrapColumn = $this->wrapColumn($where['second'], $query->from);
397		return $firstWrapColumn.' '.$where['operator'].' '.$secondWrapColumn;
398		}
399
400		/**
401		* {@inheritdoc}
402		*/
403		protected function compileOrders(Builder $query, $orders)
404		{
405		if (!empty($orders)) {
406		return 'SORT '.implode(', ', $this->compileOrdersToArray($query, $orders));
407		}
408
409		return '';
410		}
411
412		/**
413		* {@inheritdoc}
414		*/
415		protected function compileOrdersToArray(Builder $query, $orders)
416		{
417		return array_map(function ($order) {
418		return !isset($order['sql'])
419		? $order['column'].' '.$order['direction']
420		: $order['sql'];
421		}, $orders);
422		}
423
424		/**
425		* {@inheritdoc}
426		*/
427		protected function compileLimit(Builder $query, $limit)
428		{
429		$result = 'LIMIT ';
430
431		if (isset($query->offset)) {
432		$result .= (int) $query->offset.', ';
433		}
434		$result .= (int) $limit;
435
436		return $result;
437		}
438
439		/**
440		* {@inheritdoc}
441		*/
442		protected function compileOffset(Builder $query, $offset)
443		{
444		if (!isset($query->limit)) {
445		throw new \Exception("You can't set offset without limit for arangodb");
446		}
447		return '';
448		}
449
450		/**
451		* Wrap collection name
452		* @param string $collection
453		* @return string
454		*/
455		protected function wrapCollection($collection)
456		{
457		return '`'.trim($collection, '`').'`';
458		}
459
460		protected function getClearColumnName($column)
461		{
462		$parts = explode('.', $column);
463		if (count($parts) > 1) {
464		$column = $parts[1];
465		}
466		$column = explode('as', $column)[0];
467
468		return trim($column, '` ');
469		}
470
471		protected function getAliasNameFromColumn($column)
472		{
473		$parts = explode('as', $column);
474		if (count($parts) < 2) {
475		return null;
476		}
477
478		return '`'.trim($parts[1], '` ').'`';
479		}
480		}
481

sonrac / larango

Issues (46)

Security Analysis not enabled

src/Query/Grammars/Grammar.php (6 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like