chore(db): Apply query prepared statements

apps/dav/lib/CalDAV/Reminder/Backend.php

@@ -18,22 +18,16 @@
  */
 class Backend {
 
- /** @var IDBConnection */
- protected $db;
-
- /** @var ITimeFactory */
- private $timeFactory;
-
  /**
  * Backend constructor.
  *
  * @param IDBConnection $db
  * @param ITimeFactory $timeFactory
  */
- public function __construct(IDBConnection $db,
- ITimeFactory $timeFactory) {
- $this->db = $db;
-  $this->timeFactory = $timeFactory;
+ public function __construct(
+ protected IDBConnection $db,
+ protected ITimeFactory $timeFactory,
+ ) {
  }
 
  /**
@@ -50,7 +44,7 @@ public function getRemindersToProcess():array {
  ->join('cr', 'calendarobjects', 'co', $query->expr()->eq('cr.object_id', 'co.id'))
  ->join('cr', 'calendars', 'c', $query->expr()->eq('cr.calendar_id', 'c.id'))
  ->groupBy('cr.event_hash', 'cr.notification_date', 'cr.type', 'cr.id', 'cr.calendar_id', 'cr.object_id', 'cr.is_recurring', 'cr.uid', 'cr.recurrence_id', 'cr.is_recurrence_exception', 'cr.alarm_hash', 'cr.is_relative', 'cr.is_repeat_based', 'co.calendardata', 'c.displayname', 'c.principaluri');
- $stmt = $query->execute();
+ $stmt = $query->executeQuery();
 
  return array_map(
  [$this, 'fixRowTyping'],
@@ -69,7 +63,7 @@ public function getAllScheduledRemindersForEvent(int $objectId):array {
  $query->select('*')
  ->from('calendar_reminders')
  ->where($query->expr()->eq('object_id', $query->createNamedParameter($objectId)));
- $stmt = $query->execute();
+ $stmt = $query->executeQuery();
 
  return array_map(
  [$this, 'fixRowTyping'],
@@ -122,7 +116,7 @@ public function insertReminder(int $calendarId,
  'notification_date' => $query->createNamedParameter($notificationDate),
  'is_repeat_based' => $query->createNamedParameter($isRepeatBased ? 1 : 0),
  ])
- ->execute();
+ ->executeStatement();
 
  return $query->getLastInsertId();
  }
@@ -139,7 +133,7 @@ public function updateReminder(int $reminderId,
  $query->update('calendar_reminders')
  ->set('notification_date', $query->createNamedParameter($newNotificationDate))
  ->where($query->expr()->eq('id', $query->createNamedParameter($reminderId)))
- ->execute();
+ ->executeStatement();
  }
 
  /**
@@ -153,7 +147,7 @@ public function removeReminder(int $reminderId):void {
 
  $query->delete('calendar_reminders')
  ->where($query->expr()->eq('id', $query->createNamedParameter($reminderId)))
- ->execute();
+ ->executeStatement();
  }
 
  /**
@@ -166,7 +160,7 @@ public function cleanRemindersForEvent(int $objectId):void {
 
  $query->delete('calendar_reminders')
  ->where($query->expr()->eq('object_id', $query->createNamedParameter($objectId)))
- ->execute();
+ ->executeStatement();
  }
 
  /**
@@ -180,7 +174,7 @@ public function cleanRemindersForCalendar(int $calendarId):void {
 
  $query->delete('calendar_reminders')
  ->where($query->expr()->eq('calendar_id', $query->createNamedParameter($calendarId)))
- ->execute();
+ ->executeStatement();
  }
 
  /**

apps/dav/lib/Command/RemoveInvalidShares.php

@@ -38,7 +38,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
  $query = $this->connection->getQueryBuilder();
  $result = $query->selectDistinct('principaluri')
  ->from('dav_shares')
- ->execute();
+ ->executeQuery();
 
  while ($row = $result->fetch()) {
  $principaluri = $row['principaluri'];
@@ -59,6 +59,6 @@ private function deleteSharesForPrincipal($principaluri): void {
  $delete = $this->connection->getQueryBuilder();
  $delete->delete('dav_shares')
  ->where($delete->expr()->eq('principaluri', $delete->createNamedParameter($principaluri)));
- $delete->execute();
+ $delete->executeStatement();
  }
 }

apps/dav/lib/Db/DirectMapper.php

@@ -45,6 +45,6 @@ public function deleteExpired(int $expiration) {
  $qb->expr()->lt('expiration', $qb->createNamedParameter($expiration))
  );
 
- $qb->execute();
+ $qb->executeStatement();
  }
 }

apps/dav/lib/Migration/CalDAVRemoveEmptyValue.php

@@ -15,18 +15,11 @@
 
 class CalDAVRemoveEmptyValue implements IRepairStep {
 
- /** @var IDBConnection */
- private $db;
-
- /** @var CalDavBackend */
- private $calDavBackend;
-
- private LoggerInterface $logger;
-
- public function __construct(IDBConnection $db, CalDavBackend $calDavBackend, LoggerInterface $logger) {
- $this->db = $db;
- $this->calDavBackend = $calDavBackend;
- $this->logger = $logger;
+ public function __construct(
+ private IDBConnection $db,
+ private CalDavBackend $calDavBackend,
+ private LoggerInterface $logger,
+ ) {
  }
 
  public function getName() {
@@ -80,7 +73,7 @@ protected function getInvalidObjects($pattern) {
  $query = $this->db->getQueryBuilder();
  $query->select($query->func()->count('*', 'num_entries'))
  ->from('calendarobjects');
- $result = $query->execute();
+ $result = $query->executeQuery();
  $count = $result->fetchOne();
  $result->closeCursor();
 
@@ -92,7 +85,7 @@ protected function getInvalidObjects($pattern) {
  ->setMaxResults($chunkSize);
  for ($chunk = 0; $chunk < $numChunks; $chunk++) {
  $query->setFirstResult($chunk * $chunkSize);
- $result = $query->execute();
+ $result = $query->executeQuery();
 
  while ($row = $result->fetch()) {
  if (mb_strpos($row['calendardata'], $pattern) !== false) {
@@ -117,7 +110,7 @@ protected function getInvalidObjects($pattern) {
  IQueryBuilder::PARAM_STR
  ));
 
- $result = $query->execute();
+ $result = $query->executeQuery();
  $rows = $result->fetchAll();
  $result->closeCursor();
 

apps/dav/lib/Migration/FixBirthdayCalendarComponent.php

@@ -1,4 +1,5 @@
 <?php
+
 /**
  * SPDX-FileCopyrightText: 2016 ownCloud GmbH.
  * SPDX-License-Identifier: AGPL-3.0-only
@@ -12,16 +13,9 @@
 
 class FixBirthdayCalendarComponent implements IRepairStep {
 
- /** @var IDBConnection */
- private $connection;
-
- /**
- * FixBirthdayCalendarComponent constructor.
- *
- * @param IDBConnection $connection
- */
- public function __construct(IDBConnection $connection) {
- $this->connection = $connection;
+ public function __construct(
+ private IDBConnection $connection,
+ ) {
  }
 
  /**
@@ -39,7 +33,7 @@ public function run(IOutput $output) {
  $updated = $query->update('calendars')
  ->set('components', $query->createNamedParameter('VEVENT'))
  ->where($query->expr()->eq('uri', $query->createNamedParameter(BirthdayService::BIRTHDAY_CALENDAR_URI)))
- ->execute();
+ ->executeStatement();
 
  $output->info("$updated birthday calendars updated.");
  }

apps/dav/lib/Migration/RefreshWebcalJobRegistrar.php

@@ -16,21 +16,16 @@
 
 class RefreshWebcalJobRegistrar implements IRepairStep {
 
- /** @var IDBConnection */
- private $connection;
-
- /** @var IJobList */
- private $jobList;
-
  /**
  * FixBirthdayCalendarComponent constructor.
  *
  * @param IDBConnection $connection
  * @param IJobList $jobList
  */
- public function __construct(IDBConnection $connection, IJobList $jobList) {
- $this->connection = $connection;
- $this->jobList = $jobList;
+ public function __construct(
+ private IDBConnection $connection,
+ private IJobList $jobList,
+ ) {
  }
 
  /**

apps/dav/lib/Migration/RemoveClassifiedEventActivity.php

@@ -15,11 +15,9 @@
 
 class RemoveClassifiedEventActivity implements IRepairStep {
 
- /** @var IDBConnection */
- private $connection;
-
- public function __construct(IDBConnection $connection) {
- $this->connection = $connection;
+ public function __construct(
+ private IDBConnection $connection,
+ ) {
  }
 
  /**
@@ -58,7 +56,7 @@ protected function removePrivateEventActivity(): int {
  ->from('calendarobjects', 'o')
  ->leftJoin('o', 'calendars', 'c', $query->expr()->eq('c.id', 'o.calendarid'))
  ->where($query->expr()->eq('o.classification', $query->createNamedParameter(CalDavBackend::CLASSIFICATION_PRIVATE)));
- $result = $query->execute();
+ $result = $query->executeQuery();
 
  while ($row = $result->fetch()) {
  if ($row['principaluri'] === null) {
@@ -69,7 +67,7 @@ protected function removePrivateEventActivity(): int {
  ->setParameter('type', 'calendar')
  ->setParameter('calendar_id', $row['calendarid'])
  ->setParameter('event_uid', '%' . $this->connection->escapeLikeParameter('{"id":"' . $row['uid'] . '"') . '%');
- $deletedEvents += $delete->execute();
+ $deletedEvents += $delete->executeStatement();
  }
  $result->closeCursor();
 
@@ -92,7 +90,7 @@ protected function removeConfidentialUncensoredEventActivity(): int {
  ->from('calendarobjects', 'o')
  ->leftJoin('o', 'calendars', 'c', $query->expr()->eq('c.id', 'o.calendarid'))
  ->where($query->expr()->eq('o.classification', $query->createNamedParameter(CalDavBackend::CLASSIFICATION_CONFIDENTIAL)));
- $result = $query->execute();
+ $result = $query->executeQuery();
 
  while ($row = $result->fetch()) {
  if ($row['principaluri'] === null) {
@@ -104,7 +102,7 @@ protected function removeConfidentialUncensoredEventActivity(): int {
  ->setParameter('calendar_id', $row['calendarid'])
  ->setParameter('event_uid', '%' . $this->connection->escapeLikeParameter('{"id":"' . $row['uid'] . '"') . '%')
  ->setParameter('filtered_name', '%' . $this->connection->escapeLikeParameter('{"id":"' . $row['uid'] . '","name":"Busy"') . '%');
- $deletedEvents += $delete->execute();
+ $deletedEvents += $delete->executeStatement();
  }
  $result->closeCursor();
 

apps/dav/lib/Migration/RemoveOrphanEventsAndContacts.php

@@ -16,11 +16,9 @@
 
 class RemoveOrphanEventsAndContacts implements IRepairStep {
 
- /** @var IDBConnection */
- private $connection;
-
- public function __construct(IDBConnection $connection) {
- $this->connection = $connection;
+ public function __construct(
+ private IDBConnection $connection,
+ ) {
  }
 
  /**
@@ -67,7 +65,7 @@ protected function removeOrphanChildren($childTable, $parentTable, $parentId): i
  $qb->andWhere($qb->expr()->eq('c.calendartype', $qb->createNamedParameter($calendarType, IQueryBuilder::PARAM_INT), IQueryBuilder::PARAM_INT));
  }
 
- $result = $qb->execute();
+ $result = $qb->executeQuery();
 
  $orphanItems = [];
  while ($row = $result->fetch()) {
@@ -82,7 +80,7 @@ protected function removeOrphanChildren($childTable, $parentTable, $parentId): i
  $orphanItemsBatch = array_chunk($orphanItems, 200);
  foreach ($orphanItemsBatch as $items) {
  $qb->setParameter('ids', $items, IQueryBuilder::PARAM_INT_ARRAY);
- $qb->execute();
+ $qb->executeStatement();
  }
  }
 

apps/federatedfilesharing/lib/OCM/CloudFederationProviderFiles.php

@@ -450,7 +450,7 @@ private function unshare($id, array $notification) {
  )
  );
 
- $result = $qb->execute();
+ $result = $qb->executeQuery();
  $share = $result->fetch();
  $result->closeCursor();
 
@@ -470,13 +470,13 @@ private function unshare($id, array $notification) {
  )
  );
 
- $qb->execute();
+ $qb->executeStatement();
 
  // delete all child in case of a group share
  $qb = $this->connection->getQueryBuilder();
  $qb->delete('share_external')
  ->where($qb->expr()->eq('parent', $qb->createNamedParameter((int)$share['id'])));
- $qb->execute();
+ $qb->executeStatement();
 
  $ownerDisplayName = $this->getUserDisplayName($owner->getId());
 
@@ -624,7 +624,7 @@ protected function updatePermissionsInDatabase(IShare $share, $permissions) {
  $query->update('share')
  ->where($query->expr()->eq('id', $query->createNamedParameter($share->getId())))
  ->set('permissions', $query->createNamedParameter($permissions))
- ->execute();
+ ->executeStatement();
  }
 
 

apps/files_sharing/lib/Migration/SetAcceptedStatus.php

@@ -17,16 +17,10 @@
 
 class SetAcceptedStatus implements IRepairStep {
 
- /** @var IDBConnection */
- private $connection;
-
- /** @var IConfig */
- private $config;
-
-
- public function __construct(IDBConnection $connection, IConfig $config) {
- $this->connection = $connection;
- $this->config = $config;
+ public function __construct(
+ private IDBConnection $connection,
+ private IConfig $config,
+ ) {
  }
 
  /**
@@ -52,7 +46,7 @@ public function run(IOutput $output): void {
  ->update('share')
  ->set('accepted', $query->createNamedParameter(IShare::STATUS_ACCEPTED))
  ->where($query->expr()->in('share_type', $query->createNamedParameter([IShare::TYPE_USER, IShare::TYPE_GROUP, IShare::TYPE_USERGROUP], IQueryBuilder::PARAM_INT_ARRAY)));
- $query->execute();
+ $query->executeStatement();
  }
 
  protected function shouldRun() {