These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Spatie\QueryBuilder\Filters; |
||
4 | |||
5 | use Illuminate\Database\Eloquent\Builder; |
||
6 | use Illuminate\Support\Collection; |
||
7 | use Illuminate\Support\Str; |
||
8 | |||
9 | class FiltersExact implements Filter |
||
10 | { |
||
11 | protected $relationConstraints = []; |
||
12 | |||
13 | /** @var bool */ |
||
14 | protected $addRelationConstraint = true; |
||
15 | |||
16 | public function __construct(bool $addRelationConstraint = true) |
||
17 | { |
||
18 | $this->addRelationConstraint = $addRelationConstraint; |
||
19 | } |
||
20 | |||
21 | public function __invoke(Builder $query, $value, string $property) |
||
22 | { |
||
23 | if ($this->addRelationConstraint) { |
||
24 | if ($this->isRelationProperty($query, $property)) { |
||
25 | $this->withRelationConstraint($query, $value, $property); |
||
26 | |||
27 | return; |
||
28 | } |
||
29 | } |
||
30 | |||
31 | if (is_array($value)) { |
||
32 | $query->whereIn($property, $value); |
||
33 | |||
34 | return; |
||
35 | } |
||
36 | |||
37 | $query->where($property, '=', $value); |
||
38 | } |
||
39 | |||
40 | protected function isRelationProperty(Builder $query, string $property): bool |
||
41 | { |
||
42 | if (! Str::contains($property, '.')) { |
||
43 | return false; |
||
44 | } |
||
45 | |||
46 | if (in_array($property, $this->relationConstraints)) { |
||
47 | return false; |
||
48 | } |
||
49 | |||
50 | if (Str::startsWith($property, $query->getModel()->getTable().'.')) { |
||
51 | return false; |
||
52 | } |
||
53 | |||
54 | return true; |
||
55 | } |
||
56 | |||
57 | protected function withRelationConstraint(Builder $query, $value, string $property) |
||
58 | { |
||
59 | [$relation, $property] = collect(explode('.', $property)) |
||
0 ignored issues
–
show
|
|||
60 | ->pipe(function (Collection $parts) { |
||
61 | return [ |
||
62 | $parts->except(count($parts) - 1)->map([Str::class, 'camel'])->implode('.'), |
||
63 | $parts->last(), |
||
64 | ]; |
||
65 | }); |
||
66 | |||
67 | $query->whereHas($relation, function (Builder $query) use ($value, $relation, $property) { |
||
68 | $this->relationConstraints[] = $property = $query->getModel()->getTable().'.'.$property; |
||
69 | |||
70 | $this->__invoke($query, $value, $property); |
||
71 | }); |
||
72 | } |
||
73 | } |
||
74 |
This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.