Skip to content

Commit a49b322

Browse files
mattamonmattamon
authored
[Bug]: Use parameters for joins in Customer Segment (#549)
* Use parameters for joins * Use array_keys * Set param type * Use non deprecated version
1 parent 0998ce4 commit a49b322

File tree

1 file changed

+16
-4
lines changed

1 file changed

+16
-4
lines changed

src/CustomerList/Filter/CustomerSegment.php

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,12 @@
1818
use CustomerManagementFrameworkBundle\Listing\Filter\AbstractFilter;
1919
use CustomerManagementFrameworkBundle\Listing\Filter\OnCreateQueryFilterInterface;
2020
use CustomerManagementFrameworkBundle\Service\MariaDb;
21+
use Doctrine\DBAL\ArrayParameterType;
22+
use Doctrine\DBAL\Connection;
23+
use Doctrine\DBAL\ParameterType;
2124
use Doctrine\DBAL\Query\QueryBuilder;
25+
use Exception;
26+
use InvalidArgumentException;
2227
use Pimcore\Model\DataObject;
2328
use Pimcore\Model\DataObject\Listing as CoreListing;
2429

@@ -119,7 +124,7 @@ protected function addCustomerSegment(DataObject\CustomerSegment $segment)
119124
{
120125
if ($segment->getGroup() && null !== $this->segmentGroup) {
121126
if ($segment->getGroup()->getId() !== $this->segmentGroup->getId()) {
122-
throw new \InvalidArgumentException('Segment does not belong to the defined segment group');
127+
throw new InvalidArgumentException('Segment does not belong to the defined segment group');
123128
}
124129
}
125130

@@ -187,6 +192,7 @@ protected function applyAndQuery(CoreListing\Concrete $listing, QueryBuilder $qu
187192
*
188193
* @param string $joinName
189194
* @param int|array $conditionValue
195+
* @throws Exception
190196
*/
191197
protected function addJoin(
192198
CoreListing\Concrete $listing,
@@ -212,21 +218,25 @@ protected function addJoin(
212218
);
213219

214220
$condition = $baseCondition;
215-
221+
$valuePlaceholder = $joinName . '_value';
222+
$parameterType = ParameterType::INTEGER;
216223
if ($this->type === self::OPERATOR_OR) {
217224
// must match any of the passed IDs
218225
$condition .= sprintf(
219226
' AND %1$s.dest_id IN (%2$s)',
220227
$joinName,
221-
implode(',', $conditionValue)
228+
':' . $valuePlaceholder
222229
);
230+
$value = array_keys($conditionValue);
231+
$parameterType = ArrayParameterType::INTEGER;
223232
} else {
224233
// runs an extra join for every ID - all joins must match
225234
$condition .= sprintf(
226235
' AND %1$s.dest_id = %2$s',
227236
$joinName,
228-
$conditionValue
237+
':' . $valuePlaceholder
229238
);
239+
$value = $conditionValue;
230240
}
231241

232242
$queryBuilder->join(
@@ -235,5 +245,7 @@ protected function addJoin(
235245
$joinName,
236246
$condition
237247
);
248+
249+
$queryBuilder->setParameter($valuePlaceholder, $value, $parameterType);
238250
}
239251
}

0 commit comments

Comments
 (0)