SelectTest.php
Same filename in other branches
Namespace
Drupal\KernelTests\Core\DatabaseFile
-
core/
tests/ Drupal/ KernelTests/ Core/ Database/ SelectTest.php
View source
<?php
declare (strict_types=1);
namespace Drupal\KernelTests\Core\Database;
use Drupal\Core\Database\InvalidQueryException;
use Drupal\Core\Database\Database;
use Drupal\Core\Database\DatabaseExceptionWrapper;
use Drupal\Core\Database\Query\SelectExtender;
/**
* Tests the Select query builder.
*
* @group Database
*/
class SelectTest extends DatabaseTestBase {
/**
* Tests rudimentary SELECT statements.
*/
public function testSimpleSelect() : void {
$query = $this->connection
->select('test');
$query->addField('test', 'name');
$query->addField('test', 'age', 'age');
$num_records = $query->countQuery()
->execute()
->fetchField();
$this->assertEquals(4, $num_records, 'Returned the correct number of rows.');
}
/**
* Tests rudimentary SELECT statement with a COMMENT.
*/
public function testSimpleComment() : void {
$query = $this->connection
->select('test')
->comment('Testing query comments');
$query->addField('test', 'name');
$query->addField('test', 'age', 'age');
$result = $query->execute();
$records = $result->fetchAll();
$query = (string) $query;
$expected = "/* Testing query comments */";
$this->assertCount(4, $records, 'Returned the correct number of rows.');
$this->assertStringContainsString($expected, $query, 'The flattened query contains the comment string.');
}
/**
* Tests query COMMENT system against vulnerabilities.
*/
public function testVulnerableComment() : void {
$query = $this->connection
->select('test')
->comment('Testing query comments */ SELECT nid FROM {node}; --');
$query->addField('test', 'name');
$query->addField('test', 'age', 'age');
$result = $query->execute();
$records = $result->fetchAll();
$query = (string) $query;
$expected = "/* Testing query comments * / SELECT nid FROM {node}. -- */";
// Check the returned number of rows.
$this->assertCount(4, $records);
// Check that the flattened query contains the sanitized comment string.
$this->assertStringContainsString($expected, $query);
$connection = Database::getConnection();
foreach ($this->makeCommentsProvider() as $test_set) {
[
$expected,
$comments,
] = $test_set;
$this->assertEquals($expected, $connection->makeComment($comments));
}
}
/**
* Provides expected and input values for testVulnerableComment().
*/
public function makeCommentsProvider() {
return [
[
'/* */ ',
[
'',
],
],
// Try and close the comment early.
[
'/* Exploit * / DROP TABLE node. -- */ ',
[
'Exploit */ DROP TABLE node; --',
],
],
// Variations on comment closing.
[
'/* Exploit * / * / DROP TABLE node. -- */ ',
[
'Exploit */*/ DROP TABLE node; --',
],
],
[
'/* Exploit * * // DROP TABLE node. -- */ ',
[
'Exploit **// DROP TABLE node; --',
],
],
// Try closing the comment in the second string which is appended.
[
'/* Exploit * / DROP TABLE node. --. Another try * / DROP TABLE node. -- */ ',
[
'Exploit */ DROP TABLE node; --',
'Another try */ DROP TABLE node; --',
],
],
];
}
/**
* Tests basic conditionals on SELECT statements.
*/
public function testSimpleSelectConditional() : void {
$query = $this->connection
->select('test');
$name_field = $query->addField('test', 'name');
$age_field = $query->addField('test', 'age', 'age');
$query->condition('age', 27);
$result = $query->execute();
// Check that the aliases are being created the way we want.
$this->assertEquals('name', $name_field, 'Name field alias is correct.');
$this->assertEquals('age', $age_field, 'Age field alias is correct.');
// Ensure that we got the right record.
$record = $result->fetch();
$this->assertEquals('George', $record->{$name_field}, 'Fetched name is correct.');
$this->assertEquals(27, $record->{$age_field}, 'Fetched age is correct.');
}
/**
* Tests SELECT statements with expressions.
*/
public function testSimpleSelectExpression() : void {
$query = $this->connection
->select('test');
$name_field = $query->addField('test', 'name');
$age_field = $query->addExpression("[age]*2", 'double_age');
$query->condition('age', 27);
$result = $query->execute();
// Check that the aliases are being created the way we want.
$this->assertEquals('name', $name_field, 'Name field alias is correct.');
$this->assertEquals('double_age', $age_field, 'Age field alias is correct.');
// Ensure that we got the right record.
$record = $result->fetch();
$this->assertEquals('George', $record->{$name_field}, 'Fetched name is correct.');
$this->assertEquals(27 * 2, $record->{$age_field}, 'Fetched age expression is correct.');
}
/**
* Tests SELECT statements with multiple expressions.
*/
public function testSimpleSelectExpressionMultiple() : void {
$query = $this->connection
->select('test');
$name_field = $query->addField('test', 'name');
$age_double_field = $query->addExpression("[age]*2");
$age_triple_field = $query->addExpression("[age]*3");
$query->condition('age', 27);
$result = $query->execute();
// Check that the aliases are being created the way we want.
$this->assertEquals('expression', $age_double_field, 'Double age field alias is correct.');
$this->assertEquals('expression_2', $age_triple_field, 'Triple age field alias is correct.');
// Ensure that we got the right record.
$record = $result->fetch();
$this->assertEquals('George', $record->{$name_field}, 'Fetched name is correct.');
$this->assertEquals(27 * 2, $record->{$age_double_field}, 'Fetched double age expression is correct.');
$this->assertEquals(27 * 3, $record->{$age_triple_field}, 'Fetched triple age expression is correct.');
}
/**
* Tests adding multiple fields to a SELECT statement at the same time.
*/
public function testSimpleSelectMultipleFields() : void {
$record = $this->connection
->select('test')
->fields('test', [
'id',
'name',
'age',
'job',
])
->condition('age', 27)
->execute()
->fetchObject();
// Check that all fields we asked for are present.
$this->assertNotNull($record->id, 'ID field is present.');
$this->assertNotNull($record->name, 'Name field is present.');
$this->assertNotNull($record->age, 'Age field is present.');
$this->assertNotNull($record->job, 'Job field is present.');
// Ensure that we got the right record.
// Check that all fields we asked for are present.
$this->assertEquals(2, $record->id, 'ID field has the correct value.');
$this->assertEquals('George', $record->name, 'Name field has the correct value.');
$this->assertEquals(27, $record->age, 'Age field has the correct value.');
$this->assertEquals('Singer', $record->job, 'Job field has the correct value.');
}
/**
* Tests adding all fields from a given table to a SELECT statement.
*/
public function testSimpleSelectAllFields() : void {
$record = $this->connection
->select('test')
->fields('test')
->condition('age', 27)
->execute()
->fetchObject();
// Check that all fields we asked for are present.
$this->assertNotNull($record->id, 'ID field is present.');
$this->assertNotNull($record->name, 'Name field is present.');
$this->assertNotNull($record->age, 'Age field is present.');
$this->assertNotNull($record->job, 'Job field is present.');
// Ensure that we got the right record.
// Check that all fields we asked for are present.
$this->assertEquals(2, $record->id, 'ID field has the correct value.');
$this->assertEquals('George', $record->name, 'Name field has the correct value.');
$this->assertEquals(27, $record->age, 'Age field has the correct value.');
$this->assertEquals('Singer', $record->job, 'Job field has the correct value.');
}
/**
* Tests that a comparison with NULL is always FALSE.
*/
public function testNullCondition() : void {
$this->ensureSampleDataNull();
$names = $this->connection
->select('test_null', 'tn')
->fields('tn', [
'name',
])
->condition('age', NULL)
->execute()
->fetchCol();
$this->assertCount(0, $names, 'No records found when comparing to NULL.');
}
/**
* Tests that we can find a record with a NULL value.
*/
public function testIsNullCondition() : void {
$this->ensureSampleDataNull();
$names = $this->connection
->select('test_null', 'tn')
->fields('tn', [
'name',
])
->isNull('age')
->execute()
->fetchCol();
$this->assertCount(1, $names, 'Correct number of records found with NULL age.');
$this->assertEquals('Ernie', $names[0], 'Correct record returned for NULL age.');
}
/**
* Tests that we can find a record without a NULL value.
*/
public function testIsNotNullCondition() : void {
$this->ensureSampleDataNull();
$names = $this->connection
->select('test_null', 'tn')
->fields('tn', [
'name',
])
->isNotNull('tn.age')
->orderBy('name')
->execute()
->fetchCol();
$this->assertCount(2, $names, 'Correct number of records found withNOT NULL age.');
$this->assertEquals('Gonzo', $names[0], 'Correct record returned for NOT NULL age.');
$this->assertEquals('Kermit', $names[1], 'Correct record returned for NOT NULL age.');
}
/**
* Tests that we can force a query to return an empty result.
*/
public function testAlwaysFalseCondition() : void {
$names = $this->connection
->select('test', 'test')
->fields('test', [
'name',
])
->condition('age', 27)
->execute()
->fetchCol();
$this->assertCount(1, $names);
$this->assertSame($names[0], 'George');
$names = $this->connection
->select('test', 'test')
->fields('test', [
'name',
])
->condition('age', 27)
->alwaysFalse()
->execute()
->fetchCol();
$this->assertCount(0, $names);
}
/**
* Tests that we can force an extended query to return an empty result.
*/
public function testExtenderAlwaysFalseCondition() : void {
$names = $this->connection
->select('test', 'test')
->extend(SelectExtender::class)
->fields('test', [
'name',
])
->condition('age', 27)
->execute()
->fetchCol();
$this->assertCount(1, $names);
$this->assertSame($names[0], 'George');
$names = $this->connection
->select('test', 'test')
->extend(SelectExtender::class)
->fields('test', [
'name',
])
->condition('age', 27)
->alwaysFalse()
->execute()
->fetchCol();
$this->assertCount(0, $names);
}
/**
* Tests that we can UNION multiple Select queries together.
*
* This is semantically equal to UNION DISTINCT, so we don't explicitly test
* that.
*/
public function testUnion() : void {
$query_1 = $this->connection
->select('test', 't')
->fields('t', [
'name',
])
->condition('age', [
27,
28,
], 'IN');
$query_2 = $this->connection
->select('test', 't')
->fields('t', [
'name',
])
->condition('age', 28);
$query_1->union($query_2);
$names = $query_1->execute()
->fetchCol();
// Ensure we only get 2 records.
$this->assertCount(2, $names, 'UNION correctly discarded duplicates.');
$this->assertEqualsCanonicalizing([
'George',
'Ringo',
], $names);
}
/**
* Tests that we can UNION ALL multiple SELECT queries together.
*/
public function testUnionAll() : void {
$query_1 = $this->connection
->select('test', 't')
->fields('t', [
'name',
])
->condition('age', [
27,
28,
], 'IN');
$query_2 = $this->connection
->select('test', 't')
->fields('t', [
'name',
])
->condition('age', 28);
$query_1->union($query_2, 'ALL');
$names = $query_1->execute()
->fetchCol();
// Ensure we get all 3 records.
$this->assertCount(3, $names, 'UNION ALL correctly preserved duplicates.');
$this->assertEquals('George', $names[0], 'First query returned correct first name.');
$this->assertEquals('Ringo', $names[1], 'Second query returned correct second name.');
$this->assertEquals('Ringo', $names[2], 'Third query returned correct name.');
}
/**
* Tests that we can get a count query for a UNION Select query.
*/
public function testUnionCount() : void {
$query_1 = $this->connection
->select('test', 't')
->fields('t', [
'name',
'age',
])
->condition('age', [
27,
28,
], 'IN');
$query_2 = $this->connection
->select('test', 't')
->fields('t', [
'name',
'age',
])
->condition('age', 28);
$query_1->union($query_2, 'ALL');
$names = $query_1->execute()
->fetchCol();
$count = (int) $query_1->countQuery()
->execute()
->fetchField();
// Ensure the counts match.
$this->assertSame(count($names), $count, "The count query's result matched the number of rows in the UNION query.");
}
/**
* Tests that we can UNION multiple Select queries together and set the ORDER.
*/
public function testUnionOrder() : void {
// This gives George and Ringo.
$query_1 = $this->connection
->select('test', 't')
->fields('t', [
'name',
])
->condition('age', [
27,
28,
], 'IN');
// This gives Paul.
$query_2 = $this->connection
->select('test', 't')
->fields('t', [
'name',
])
->condition('age', 26);
$query_1->union($query_2);
$query_1->orderBy('name', 'DESC');
$names = $query_1->execute()
->fetchCol();
// Ensure we get all 3 records.
$this->assertCount(3, $names, 'UNION returned rows from both queries.');
// Ensure that the names are in the correct reverse alphabetical order,
// regardless of which query they came from.
$this->assertEquals('Ringo', $names[0], 'First query returned correct name.');
$this->assertEquals('Paul', $names[1], 'Second query returned correct name.');
$this->assertEquals('George', $names[2], 'Third query returned correct name.');
}
/**
* Tests that we can UNION multiple Select queries together with and a LIMIT.
*/
public function testUnionOrderLimit() : void {
// This gives George and Ringo.
$query_1 = $this->connection
->select('test', 't')
->fields('t', [
'name',
])
->condition('age', [
27,
28,
], 'IN');
// This gives Paul.
$query_2 = $this->connection
->select('test', 't')
->fields('t', [
'name',
])
->condition('age', 26);
$query_1->union($query_2);
$query_1->orderBy('name', 'DESC');
$query_1->range(0, 2);
$names = $query_1->execute()
->fetchCol();
// Ensure we get all only 2 of the 3 records.
$this->assertCount(2, $names, 'UNION with a limit returned rows from both queries.');
// Ensure that the names are in the correct reverse alphabetical order,
// regardless of which query they came from.
$this->assertEquals('Ringo', $names[0], 'First query returned correct name.');
$this->assertEquals('Paul', $names[1], 'Second query returned correct name.');
}
/**
* Tests that random ordering of queries works.
*
* We take the approach of testing the Drupal layer only, rather than trying
* to test that the database's random number generator actually produces
* random queries (which is very difficult to do without an unacceptable risk
* of the test failing by accident).
*
* Therefore, in this test we simply run the same query twice and assert that
* the two results are reordered versions of each other (as well as of the
* same query without the random ordering). It is reasonable to assume that
* if we run the same select query twice and the results are in a different
* order each time, the only way this could happen is if we have successfully
* triggered the database's random ordering functionality.
*/
public function testRandomOrder() : void {
// Use 52 items, so the chance that this test fails by accident will be the
// same as the chance that a deck of cards will come out in the same order
// after shuffling it (in other words, nearly impossible).
$number_of_items = 52;
while ($this->connection
->query("SELECT MAX([id]) FROM {test}")
->fetchField() < $number_of_items) {
$this->connection
->insert('test')
->fields([
'name' => $this->randomMachineName(),
])
->execute();
}
// First select the items in order and make sure we get an ordered list.
$expected_ids = range(1, $number_of_items);
$ordered_ids = $this->connection
->select('test', 't')
->fields('t', [
'id',
])
->range(0, $number_of_items)
->orderBy('id')
->execute()
->fetchCol();
$this->assertEquals($expected_ids, $ordered_ids, 'A query without random ordering returns IDs in the correct order.');
// Now perform the same query, but instead choose a random ordering. We
// expect this to contain a differently ordered version of the original
// result.
$randomized_ids = $this->connection
->select('test', 't')
->fields('t', [
'id',
])
->range(0, $number_of_items)
->orderRandom()
->execute()
->fetchCol();
$this->assertNotEquals($ordered_ids, $randomized_ids, 'A query with random ordering returns an unordered set of IDs.');
$sorted_ids = $randomized_ids;
sort($sorted_ids);
$this->assertEquals($ordered_ids, $sorted_ids, 'After sorting the random list, the result matches the original query.');
// Now perform the exact same query again, and make sure the order is
// different.
$randomized_ids_second_set = $this->connection
->select('test', 't')
->fields('t', [
'id',
])
->range(0, $number_of_items)
->orderRandom()
->execute()
->fetchCol();
$this->assertNotEquals($randomized_ids, $randomized_ids_second_set, 'Performing the query with random ordering a second time returns IDs in a different order.');
$sorted_ids_second_set = $randomized_ids_second_set;
sort($sorted_ids_second_set);
$this->assertEquals($sorted_ids, $sorted_ids_second_set, 'After sorting the second random list, the result matches the sorted version of the first random list.');
}
/**
* Data provider for testRegularExpressionCondition().
*
* @return array[]
* Returns data-set elements with:
* - the expected result of the query
* - the table column to do the search on.
* - the regular expression pattern to search for.
* - the regular expression operator 'REGEXP' or 'NOT REGEXP'.
*/
public static function providerRegularExpressionCondition() {
return [
[
[
'John',
],
'name',
'hn$',
'REGEXP',
],
[
[
'Paul',
],
'name',
'^Pau',
'REGEXP',
],
[
[
'George',
'Ringo',
],
'name',
'Ringo|George',
'REGEXP',
],
[
[
'Pete',
],
'job',
'#Drummer',
'REGEXP',
],
[
[],
'job',
'#Singer',
'REGEXP',
],
[
[
'Paul',
'Pete',
],
'age',
'2[6]',
'REGEXP',
],
[
[
'George',
'Paul',
'Pete',
'Ringo',
],
'name',
'hn$',
'NOT REGEXP',
],
[
[
'George',
'John',
'Pete',
'Ringo',
],
'name',
'^Pau',
'NOT REGEXP',
],
[
[
'John',
'Paul',
'Pete',
],
'name',
'Ringo|George',
'NOT REGEXP',
],
[
[
'George',
'John',
'Paul',
'Ringo',
],
'job',
'#Drummer',
'NOT REGEXP',
],
[
[
'George',
'John',
'Paul',
'Pete',
'Ringo',
],
'job',
'#Singer',
'NOT REGEXP',
],
[
[
'George',
'John',
'Ringo',
],
'age',
'2[6]',
'NOT REGEXP',
],
];
}
/**
* Tests that filter by 'REGEXP' and 'NOT REGEXP' works as expected.
*
* @dataProvider providerRegularExpressionCondition
*/
public function testRegularExpressionCondition($expected, $column, $pattern, $operator) : void {
$database = $this->container
->get('database');
$database->insert('test')
->fields([
'name' => 'Pete',
'age' => 26,
'job' => '#Drummer',
])
->execute();
$query = $database->select('test', 't');
$query->addField('t', 'name');
$query->condition("t.{$column}", $pattern, $operator);
$result = $query->execute()
->fetchCol();
sort($result);
$this->assertEquals($expected, $result);
}
/**
* Tests that aliases are renamed when they are duplicates.
*/
public function testSelectDuplicateAlias() : void {
$query = $this->connection
->select('test', 't');
$alias1 = $query->addField('t', 'name', 'the_alias');
$alias2 = $query->addField('t', 'age', 'the_alias');
$this->assertNotSame($alias1, $alias2, 'Duplicate aliases are renamed.');
}
/**
* Tests that an invalid count query throws an exception.
*/
public function testInvalidSelectCount() : void {
$this->expectException(DatabaseExceptionWrapper::class);
// This query will fail because the table does not exist.
$this->connection
->select('some_table_that_does_not_exist', 't')
->fields('t')
->countQuery()
->execute();
}
/**
* Tests thrown exception for IN query conditions with an empty array.
*/
public function testEmptyInCondition() : void {
try {
$this->connection
->select('test', 't')
->fields('t')
->condition('age', [], 'IN')
->execute();
$this->fail('Expected exception not thrown');
} catch (InvalidQueryException $e) {
$this->assertEquals("Query condition 'age IN ()' cannot be empty.", $e->getMessage());
}
try {
$this->connection
->select('test', 't')
->fields('t')
->condition('age', [], 'NOT IN')
->execute();
$this->fail('Expected exception not thrown');
} catch (InvalidQueryException $e) {
$this->assertEquals("Query condition 'age NOT IN ()' cannot be empty.", $e->getMessage());
}
}
/**
* Data provider for testNonArrayOperatorWithArrayValueCondition().
*
* @return array[]
* Array of non array compatible operators and its value in the expected
* exception message.
*/
public static function providerNonArrayOperatorWithArrayValueCondition() {
return [
'=' => [
'=',
'=',
],
'>' => [
'>',
'>',
],
'<' => [
'<',
'<',
],
'>=' => [
'>=',
'>=',
],
'<=' => [
'<=',
'<=',
],
'IS NULL' => [
'IS NULL',
'IS NULL',
],
'IS NOT NULL' => [
'IS NOT NULL',
'IS NOT NULL',
],
'Empty string' => [
'',
'=',
],
'Not set' => [
NULL,
'=',
],
];
}
/**
* Tests thrown exception for non array operator conditions with array value.
*
* @dataProvider providerNonArrayOperatorWithArrayValueCondition
*/
public function testNonArrayOperatorWithArrayValueCondition($operator, $operator_in_exception_message) : void {
$this->expectException(InvalidQueryException::class);
$this->expectExceptionMessage("Query condition 'age " . $operator_in_exception_message . " 26, 27' must have an array compatible operator.");
$this->connection
->select('test', 't')
->fields('t')
->condition('age', [
26,
27,
], $operator)
->execute();
}
/**
* Tests thrown exception for non array operator conditions with array value.
*
* @dataProvider providerNonArrayOperatorWithArrayValueCondition
* @group legacy
*/
public function testNonArrayOperatorWithArrayValueConditionDeprecated($operator, $operator_in_exception_message) : void {
$this->expectDeprecation('Calling Drupal\\Core\\Database\\Query\\Condition::condition() without an array compatible operator is deprecated in drupal:10.1.0 and will be required in drupal:11.0.0. See https://www.drupal.org/node/3350985');
$this->connection
->select('test', 't')
->fields('t')
->condition('age', [
26,
], $operator)
->execute();
}
}
Classes
Title | Deprecated | Summary |
---|---|---|
SelectTest | Tests the Select query builder. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.