cover more unresolvable-query cases (#165)

staabm · clxmstaab · web-flow · commit 7a91f9ce7b3f · 2022-01-20T11:09:00.000Z
Co-authored-by: Markus Staab &lt;m.staab@complex-it.de&gt;
diff --git a/src/Rules/PdoStatementExecuteMethodRule.php b/src/Rules/PdoStatementExecuteMethodRule.php
@@ -12,6 +12,7 @@
 use PHPStan\Rules\Rule;
 use PHPStan\Rules\RuleError;
 use PHPStan\Rules\RuleErrorBuilder;
+use PHPStan\Type\MixedType;
 use staabm\PHPStanDba\PdoReflection\PdoStatementReflection;
 use staabm\PHPStanDba\QueryReflection\PlaceholderValidation;
 use staabm\PHPStanDba\QueryReflection\QueryReflection;
@@ -63,6 +64,9 @@ private function checkErrors(MethodReflection $methodReflection, MethodCall $met
         if (null === $queryExpr) {
             return [];
         }
+        if ($scope->getType($queryExpr) instanceof MixedType) {
+            return [];
+        }
 
         $args = $methodCall->getArgs();
         if (\count($args) < 1) {
@@ -78,13 +82,19 @@ private function checkErrors(MethodReflection $methodReflection, MethodCall $met
             }
         }
 
-        $errors = [];
-        $placeholderReflection = new PlaceholderValidation();
-        foreach ($queryReflection->resolveQueryStrings($queryExpr, $scope) as $queryString) {
-            foreach ($placeholderReflection->checkErrors($queryString, $parameters) as $error) {
-                // make error messages unique
-                $errors[$error] = $error;
+        try {
+            $errors = [];
+            $placeholderReflection = new PlaceholderValidation();
+            foreach ($queryReflection->resolveQueryStrings($queryExpr, $scope) as $queryString) {
+                foreach ($placeholderReflection->checkErrors($queryString, $parameters) as $error) {
+                    // make error messages unique
+                    $errors[$error] = $error;
+                }
             }
+        } catch (UnresolvableQueryException $exception) {
+            return [
+                RuleErrorBuilder::message($exception->asRuleMessage())->tip(UnresolvableQueryException::RULE_TIP)->line($methodCall->getLine())->build(),
+            ];
         }
 
         $ruleErrors = [];
diff --git a/src/Rules/SyntaxErrorInPreparedStatementMethodRule.php b/src/Rules/SyntaxErrorInPreparedStatementMethodRule.php
@@ -13,6 +13,7 @@
 use PHPStan\Rules\Rule;
 use PHPStan\Rules\RuleError;
 use PHPStan\Rules\RuleErrorBuilder;
+use PHPStan\Type\MixedType;
 use PHPStan\Type\ObjectType;
 use staabm\PHPStanDba\QueryReflection\PlaceholderValidation;
 use staabm\PHPStanDba\QueryReflection\QueryReflection;
@@ -95,9 +96,13 @@ private function checkErrors(CallLike $callLike, Scope $scope): array
         }
 
         $queryExpr = $args[0]->value;
-        $parameterTypes = $scope->getType($args[1]->value);
+
+        if ($scope->getType($queryExpr) instanceof MixedType) {
+            return [];
+        }
 
         $queryReflection = new QueryReflection();
+        $parameterTypes = $scope->getType($args[1]->value);
         try {
             $parameters = $queryReflection->resolveParameters($parameterTypes) ?? [];
         } catch (UnresolvableQueryException $exception) {
@@ -108,25 +113,31 @@ private function checkErrors(CallLike $callLike, Scope $scope): array
 
         $errors = [];
         $placeholderReflection = new PlaceholderValidation();
-        foreach ($queryReflection->resolvePreparedQueryStrings($queryExpr, $parameterTypes, $scope) as $queryString) {
-            $queryError = $queryReflection->validateQueryString($queryString);
-            if (null !== $queryError) {
-                $error = $queryError->asRuleMessage();
-                $errors[$error] = $error;
+        try {
+            foreach ($queryReflection->resolvePreparedQueryStrings($queryExpr, $parameterTypes, $scope) as $queryString) {
+                $queryError = $queryReflection->validateQueryString($queryString);
+                if (null !== $queryError) {
+                    $error = $queryError->asRuleMessage();
+                    $errors[$error] = $error;
+                }
             }
-        }
 
-        foreach ($queryReflection->resolveQueryStrings($queryExpr, $scope) as $queryString) {
-            foreach ($placeholderReflection->checkErrors($queryString, $parameters) as $error) {
-                $errors[$error] = $error;
+            foreach ($queryReflection->resolveQueryStrings($queryExpr, $scope) as $queryString) {
+                foreach ($placeholderReflection->checkErrors($queryString, $parameters) as $error) {
+                    $errors[$error] = $error;
+                }
             }
-        }
 
-        $ruleErrors = [];
-        foreach ($errors as $error) {
-            $ruleErrors[] = RuleErrorBuilder::message($error)->line($callLike->getLine())->build();
-        }
+            $ruleErrors = [];
+            foreach ($errors as $error) {
+                $ruleErrors[] = RuleErrorBuilder::message($error)->line($callLike->getLine())->build();
+            }
 
-        return $ruleErrors;
+            return $ruleErrors;
+        } catch (UnresolvableQueryException $exception) {
+            return [
+                RuleErrorBuilder::message($exception->asRuleMessage())->tip(UnresolvableQueryException::RULE_TIP)->line($callLike->getLine())->build(),
+            ];
+        }
     }
 }
diff --git a/src/Rules/SyntaxErrorInQueryFunctionRule.php b/src/Rules/SyntaxErrorInQueryFunctionRule.php
@@ -10,6 +10,7 @@
 use PHPStan\Reflection\ReflectionProvider;
 use PHPStan\Rules\Rule;
 use PHPStan\Rules\RuleErrorBuilder;
+use PHPStan\Type\MixedType;
 use staabm\PHPStanDba\QueryReflection\QueryReflection;
 use staabm\PHPStanDba\Tests\SyntaxErrorInQueryFunctionRuleTest;
 use staabm\PHPStanDba\UnresolvableQueryException;
@@ -77,6 +78,10 @@ public function processNode(Node $node, Scope $scope): array
             return [];
         }
 
+        if ($scope->getType($args[$queryArgPosition]->value) instanceof MixedType) {
+            return [];
+        }
+
         $queryReflection = new QueryReflection();
         try {
             foreach ($queryReflection->resolveQueryStrings($args[$queryArgPosition]->value, $scope) as $queryString) {
diff --git a/src/Rules/SyntaxErrorInQueryMethodRule.php b/src/Rules/SyntaxErrorInQueryMethodRule.php
@@ -9,6 +9,7 @@
 use PHPStan\Analyser\Scope;
 use PHPStan\Rules\Rule;
 use PHPStan\Rules\RuleErrorBuilder;
+use PHPStan\Type\MixedType;
 use staabm\PHPStanDba\QueryReflection\QueryReflection;
 use staabm\PHPStanDba\UnresolvableQueryException;
 
@@ -69,6 +70,10 @@ public function processNode(Node $node, Scope $scope): array
             return [];
         }
 
+        if ($scope->getType($args[$queryArgPosition]->value) instanceof MixedType) {
+            return [];
+        }
+
         try {
             $queryReflection = new QueryReflection();
             $queryStrings = $queryReflection->resolveQueryStrings($args[$queryArgPosition]->value, $scope);
diff --git a/tests/data/unresolvable-pdo-statement.php b/tests/data/unresolvable-pdo-statement.php
@@ -12,4 +12,12 @@ public function mixedParam(PDO $pdo, $mixed)
         $stmt = $pdo->prepare($query);
         $stmt->execute([':gesperrt' => $mixed]);
     }
+
+    public function noErrorOnMixedQuery(PDO $pdo, $mixed)
+    {
+        // we should not report a error here, as this is like a call somewhere in between software layers
+        // which don't know anything about the actual query
+        $stmt = $pdo->prepare($mixed);
+        $stmt->execute([]);
+    }
 }
diff --git a/tests/data/unresolvable-query-in-function.php b/tests/data/unresolvable-query-in-function.php
@@ -16,4 +16,11 @@ public function mixedParam2(DbCredentials $dbCredentials, $mixed)
         $query = 'SELECT email adaid WHERE gesperrt freigabe1u1 FROM ada gesperrt='.$mixed;
         \Deployer\runMysqlQuery($query, $dbCredentials);
     }
+
+    public function noErrorOnMixedQuery(DbCredentials $dbCredentials, $mixed)
+    {
+        // we should not report a error here, as this is like a call somewhere in between software layers
+        // which don't know anything about the actual query
+        \Deployer\runMysqlQuery($mixed, $dbCredentials);
+    }
 }
diff --git a/tests/data/unresolvable-query-in-method.php b/tests/data/unresolvable-query-in-method.php
@@ -16,4 +16,11 @@ public function mixedParam2(PDO $pdo, $mixed)
         $query = 'SELECT email FROM ada WHERE gesperrt='.$mixed;
         $pdo->query($query);
     }
+
+    public function noErrorOnMixedQuery(PDO $pdo, $mixed)
+    {
+        // we should not report a error here, as this is like a call somewhere in between software layers
+        // which don't know anything about the actual query
+        $pdo->query($mixed);
+    }
 }
diff --git a/tests/data/unresolvable-statement.php b/tests/data/unresolvable-statement.php
@@ -12,4 +12,11 @@ public function mixedParam(Connection $connection, $mixed)
             'gesperrt' => $mixed,
         ]);
     }
+
+    public function noErrorOnMixedQuery(Connection $connection, $mixed)
+    {
+        // we should not report a error here, as this is like a call somewhere in between software layers
+        // which don't know anything about the actual query
+        $connection->preparedQuery($mixed, []);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -12,4 +12,12 @@ public function mixedParam(PDO $pdo, $mixed)`
`12`	`12`	`$stmt = $pdo->prepare($query);`
`13`	`13`	`$stmt->execute([':gesperrt' => $mixed]);`
`14`	`14`	`}`
	`15`	`+`
	`16`	`+ public function noErrorOnMixedQuery(PDO $pdo, $mixed)`
	`17`	`+ {`
	`18`	`+ // we should not report a error here, as this is like a call somewhere in between software layers`
	`19`	`+ // which don't know anything about the actual query`
	`20`	`+ $stmt = $pdo->prepare($mixed);`
	`21`	`+ $stmt->execute([]);`
	`22`	`+ }`
`15`	`23`	`}`
Original file line number	Diff line number	Diff line change
`@@ -16,4 +16,11 @@ public function mixedParam2(DbCredentials $dbCredentials, $mixed)`
`16`	`16`	`$query = 'SELECT email adaid WHERE gesperrt freigabe1u1 FROM ada gesperrt='.$mixed;`
`17`	`17`	`\Deployer\runMysqlQuery($query, $dbCredentials);`
`18`	`18`	`}`
	`19`	`+`
	`20`	`+ public function noErrorOnMixedQuery(DbCredentials $dbCredentials, $mixed)`
	`21`	`+ {`
	`22`	`+ // we should not report a error here, as this is like a call somewhere in between software layers`
	`23`	`+ // which don't know anything about the actual query`
	`24`	`+ \Deployer\runMysqlQuery($mixed, $dbCredentials);`
	`25`	`+ }`
`19`	`26`	`}`
Original file line number	Diff line number	Diff line change
`@@ -12,4 +12,11 @@ public function mixedParam(Connection $connection, $mixed)`
`12`	`12`	`'gesperrt' => $mixed,`
`13`	`13`	`]);`
`14`	`14`	`}`
	`15`	`+`
	`16`	`+ public function noErrorOnMixedQuery(Connection $connection, $mixed)`
	`17`	`+ {`
	`18`	`+ // we should not report a error here, as this is like a call somewhere in between software layers`
	`19`	`+ // which don't know anything about the actual query`
	`20`	`+ $connection->preparedQuery($mixed, []);`
	`21`	`+ }`
`15`	`22`	`}`