I am facing a strange problem trying to execute a simple request using laravel-doctrine/orm v1.2.5 on Lumen v5.2.7. with an Oracle database.
When I create a query with the query builder containing more than 2 parameters, I get no results, even though I am expecting a result set.
$conn = $this->getEntityManager()->getConnection();
$queryBuilder = $conn->createQueryBuilder();
$queryBuilder->select('*')
->from('SYNCHS')
->where('SYNCHS.CLIENT_ID = :clientId')
->andWhere('SYNCHS.TOP_CLIENT_ID = :topClientId')
->andWhere('SYNCHS.ID = :synchId');
$queryBuilder->setParameter('clientId', $clientId)
->setParameter('topClientId', $topClientId)
->setParameter('synchId', $synchId);
echo $queryBuilder->getSQL();
var_dump($queryBuilder->getParameters());
$stmt = $queryBuilder->execute();
var_dump($stmt);
$results = $stmt->fetchAll();
dd($results);
If I comment any one of the where/addwhere clause, I end up with the expected result set, but if I have more than 2 parameters bound in the query, it returns nothing (of course it should return something with the passed parameters).
For every scenari:
I can see all my parameters are bound in the query builder var_dump($queryBuilder->getParameters());
Copy paste of the echo $queryBuilder->getSQL(); in Toad (oracle) setting the parameters with the values displayed by the var_dump($queryBuilder->getParameters()); give me 1 row (expected result). So I am sure that my query is correct.
I've looked for hours on google but no relevant result appeared for this problem. Thanks
Related
I am facing Second Order SQL Injection in the Spring-Hibernate application after scanning through the Checkmarx tool, I have gone through multiple questions in StackOverflow and in other platforms as well but did not get the right finding.
could you please look into the below code snip,
public String getOrderId(order_name){
String returnId= null;
Query query = entityManager.createNativeQuery("select order_id from order where order_name=?");
List<String> dataset = query.setParameter(1,order_name).getResultList();
if(dataset!=null){
returnId = dataset. Get(0);
}
return returnId;
}
In this above method, while calling getResultList(), getting a high vulnerability issue that, this method returns data flows through the code without being properly sanitized or validated, and eventually used in further database query in the method.
Earlier code was like this,
public String getOrderId(order_name){
String returnId= null;
String q = "select order_id from order where order_name="+order_name;
Query query = entityManager.createNativeQuery(q);
and directly it was used as a string append in query, which I have modified with set parameter,
Query query = entityManager.createNativeQuery("select order_id from order where order_name=?");
List<String> dataset = query.setParameter(1,order_name).getResultList();
but still after getting data from query.getResultSet(), it is asking for sanitizing and validating the data before use in further database query method.
and this return data is being used in further query like select * from return_Data where clause. (properly used in where clause to set parameter to avoid SQL injection).
and in the above query is used in another method where we pass return_Data as input to it.
could you please help here to know what checks and validation can be added to overcome this type of issue. Thanks in advance for prompt response.
I have the code which is working perfectly fine.
$amenityCategoryMapping1 = AmenityCategoryMapping::where('property_id', $property->id)
->orderBy('amenity_name','asc')
->orderBy('updated_at','desc')
->pluck('category_id', 'amenity_name')->toArray();
$amenityCategoryMapping2 = AmenityCategoryMapping::where('company_id', $property->company_id)
->orderBy('amenity_name','asc')
->orderBy('updated_at','desc')
->pluck('category_id', 'amenity_name')->toArray();
$amenityCategoryMapping3 = AmenityCategoryMapping::whereNull('property_id')
->orderBy('amenity_name','asc')
->orderBy('updated_at','desc')
->pluck('category_id', 'amenity_name')->toArray();
$amenityCategoryMapping = array_merge($amenityCategoryMapping3, $amenityCategoryMapping2, $amenityCategoryMapping1 );
However, currently I am executing 3 different query to extract data from the same table just using different parameters. Is there any way to minimize this query requests and still receiving the same results?
Currently, while plucking if two array has the same key then I am replacing amenityCategoryMapping3 by amenityCategoryMapping2 and that by amenityCategoryMapping1. That is more priority should be given to amenityCategoryMapping1
Try using orWhere function
$amenityCategoryMapping1 = AmenityCategoryMapping::where('property_id', $property->id)
->orWhere('company_id', $property->company_id)
->orWhereNull('property_id')
->orderBy('amenity_name','asc')
->orderBy('updated_at','desc')
->pluck('category_id', 'amenity_name')->toArray();
I am working with multiple databases in single project. When I run simple raw query to get another database table count but it always return zero instead of actual counts. Even I have more than 1 million records in table.
I run raw query in following formats but result is zero
$dbconn = \DB::connection("archive_db");
$dbconn->table('activities_archived')->count()
$sql = "SELECT COUNT(*) as total FROM activities_archived";
$result = \DB::connection("archive_db")->select(\DB::raw($sql));
Event I have set the database connections strict option to false but still facing same issue.
Now I am totaly stuck that why this issue is coming
$someModel->setConnection('mysql2');
$something = $someModel->count();
return $something;
For table cmdb_rel_ci, I want to retrieve unique parent.sys_class_name with count for "type=In Rack::Rack contains". I am doing practice in out of the box instance.
At table level URL is as below:
URL
I want to retrieve result from above URL with my below script.
var count = new GlideAggregate('cmdb_rel_ci');
count.addQuery('type','e76b8c7b0a0a0aa70082c9f7c2f9dc64');// sys_id of type In Rack::Rack contains e76b8c7b0a0a0aa70082c9f7c2f9dc64
count.addAggregate('COUNT', 'parent.sys_class_name');
count.query();
while(count.next()){
var parentClassName = count.parent.sys_class_name.toString();
var parentClassNameCount = count.getAggregate('COUNT','parent.sys_class_name');
gs.log(parentClassName + " : " + parentClassNameCount );
}
The issue is I am getting parentClassName empty.
Try this instead:
var parentClassName = count.getValue("parent.sys_class_name")
Since it's a GlideAggregate query (instead of GlideRecord), the query being issued isn't returning all of the fields on the target table. With GlideRecord, dot-walking through a reference field (e.g. parent.sys_class_name) automatically resolves that referenced record to provide access to its field values. This is made possible by the fact that the driving/original query brought back the value of the parent field. This is not happening with GlideAggregate. The query in this case basically looks like:
SELECT cmdb1.`sys_class_name` AS `parent_sys_class_name`, count(*)
FROM (cmdb_rel_ci cmdb_rel_ci0 LEFT JOIN cmdb cmdb1 ON cmdb_rel_ci0.`parent` = cmdb1.`sys_id` )
WHERE cmdb_rel_ci0.`type` = 'e76b8c7b0a0a0aa70082c9f7c2f9dc64'
GROUP BY cmdb1.`sys_class_name`
ORDER BY cmdb1.`sys_class_name`
So, you actually have access specifically to that dot-walked sys_class_name that's being grouped, but not through the dot-walk. The call to getValue("parent.sys_class_name") is expectedly resolved to the returned column aliased as parent_sys_class_name.
That being said, what you're doing probably should also work, based on user expectations, so you've not done anything incorrect here.
I am working on laravel 5.4. I am trying to get data from database using below query:
$obj = \Illuminate\Support\Facades\DB::table('A')
->join('B', 'A.Intake', '=', 'B.Id')
->join('C', 'B.StreamId', '=', 'C.StreamId')
->select(\Illuminate\Support\Facades\DB::raw('DISTINCT(C.StreamId) As StreamId'))
->where('A.YearId', $yearId);
$streamIds = $obj->get()->toArray();
The above query is returning empty results. I have also debug the query generated by laravel. Below is the raw query generating by laravel on the basis of above conditions:
select DISTINCT(C.StreamId) As StreamId from A
inner join B on A.Intake = B.CentreStreamId
inner join C on B.StreamId = C.StreamId
where A.YearId = '12'
When I run the above raw query directly in my database, then it returns me some records. But when I try to get records in laravel then it returns me empty results.
I am not able to get the issue with the above query. Can someone please tell me why it is returning empty results set? If there is any issue with above query builder syntax then please correct my query.
Thanks in Advance.