From 37e5983aca8f52213893301d129942abcadb0f98 Mon Sep 17 00:00:00 2001 From: Alexei Sorokin Date: Wed, 11 Sep 2019 13:12:41 +0300 Subject: [PATCH] [DATABASE] Columns not in GROUP BY must not be queried --- .../lib/siteconfirmreminderhandler.php | 57 +++++++++--------- plugins/Poll/classes/Poll.php | 60 +++++++++---------- plugins/SearchSub/SearchSubPlugin.php | 2 + scripts/remove_duplicate_file_urls.php | 42 ++++++------- 4 files changed, 78 insertions(+), 83 deletions(-) diff --git a/plugins/EmailReminder/lib/siteconfirmreminderhandler.php b/plugins/EmailReminder/lib/siteconfirmreminderhandler.php index df83ea3e3c..59531950d4 100644 --- a/plugins/EmailReminder/lib/siteconfirmreminderhandler.php +++ b/plugins/EmailReminder/lib/siteconfirmreminderhandler.php @@ -1,45 +1,38 @@ . + /* - * StatusNet - the distributed open-source microblogging tool - * * Handler for reminder queue items which send reminder emails to all users * we would like to complete a given process (e.g.: registration). * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - * * @category Email - * @package StatusNet + * @package GNUsocial * @author Zach Copley * @copyright 2011 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 - * @link http://status.net/ + * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later */ -if (!defined('STATUSNET')) { - exit(1); -} +defined('GNUSOCIAL') || die(); /** * Handler for reminder queue items which send reminder emails to all users * we would like to complete a given process (e.g.: registration) * - * @category Email - * @package StatusNet - * @author Zach Copley * @copyright 2011 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 - * @link http://status.net/ + * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later */ class SiteConfirmReminderHandler extends QueueHandler { @@ -52,7 +45,7 @@ class SiteConfirmReminderHandler extends QueueHandler * * @return string */ - function transport() + public function transport() { return 'siterem'; } @@ -63,14 +56,14 @@ class SiteConfirmReminderHandler extends QueueHandler * @param array $remitem type of reminder to send and any special options * @return boolean true on success, false on failure */ - function handle($remitem) : bool + public function handle($remitem): bool { list($type, $opts) = $remitem; $qm = QueueManager::get(); try { - switch($type) { + switch ($type) { case UserConfirmRegReminderHandler::REGISTER_REMINDER: $confirm = new Confirm_address(); $confirm->address_type = $type; @@ -87,7 +80,11 @@ class SiteConfirmReminderHandler extends QueueHandler case UserInviteReminderHandler::INVITE_REMINDER: $invitation = new Invitation(); // Only send one reminder (the latest one), regardless of how many invitations a user has - $sql = 'SELECT * FROM (SELECT * FROM invitation WHERE registered_user_id IS NULL ORDER BY created DESC) invitees GROUP BY invitees.address'; + $sql = 'SELECT * FROM invitation ' . + 'WHERE (address, created) IN ' . + '(SELECT address, MAX(created) FROM invitation GROUP BY address) AND ' . + 'registered_user_id IS NULL ' . + 'ORDER BY created DESC'; $invitation->query($sql); while ($invitation->fetch()) { try { diff --git a/plugins/Poll/classes/Poll.php b/plugins/Poll/classes/Poll.php index 6a97a52441..2a3c679dde 100644 --- a/plugins/Poll/classes/Poll.php +++ b/plugins/Poll/classes/Poll.php @@ -1,46 +1,38 @@ . + /** * Data class to mark notices as bookmarks * - * PHP version 5 - * - * @category PollPlugin - * @package StatusNet - * @author Brion Vibber - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://status.net/ - * - * StatusNet - the distributed open-source microblogging tool - * Copyright (C) 2011, StatusNet, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . + * @category PollPlugin + * @package GNUsocial + * @author Brion Vibber + * @copyright 2011 StatusNet, Inc. + * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later */ -if (!defined('STATUSNET')) { - exit(1); -} +defined('GNUSOCIAL') || die(); /** * For storing the poll options and such * - * @category PollPlugin - * @package StatusNet - * @author Brion Vibber - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://status.net/ + * @copyright 2011 StatusNet, Inc. + * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later * - * @see DB_DataObject + * @see DB_DataObject */ class Poll extends Managed_DataObject { @@ -136,7 +128,9 @@ class Poll extends Managed_DataObject $pr = new Poll_response(); $pr->poll_id = $this->id; $pr->groupBy('selection'); - $pr->selectAdd('count(profile_id) as votes'); + $pr->selectAdd(); + $pr->selectAdd('selection'); + $pr->selectAdd('COUNT(profile_id) AS votes'); $pr->find(); $raw = array(); diff --git a/plugins/SearchSub/SearchSubPlugin.php b/plugins/SearchSub/SearchSubPlugin.php index ad5acd4221..86da11a0ed 100644 --- a/plugins/SearchSub/SearchSubPlugin.php +++ b/plugins/SearchSub/SearchSubPlugin.php @@ -110,6 +110,8 @@ class SearchSubPlugin extends Plugin // with a lot of searches! $sub = new SearchSub(); $sub->groupBy('search'); + $sub->selectAdd(); + $sub->selectAdd('search'); $sub->find(); while ($sub->fetch()) { $search = $sub->search; diff --git a/scripts/remove_duplicate_file_urls.php b/scripts/remove_duplicate_file_urls.php index 9754820d98..5a36bc9d68 100755 --- a/scripts/remove_duplicate_file_urls.php +++ b/scripts/remove_duplicate_file_urls.php @@ -1,21 +1,23 @@ #!/usr/bin/env php . +// This file is part of GNU social - https://www.gnu.org/software/social +// +// GNU social is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// GNU social is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with GNU social. If not, see . + +/** + * @copyright 2008, 2009 StatusNet, Inc. + * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later */ define('INSTALLDIR', dirname(__DIR__)); @@ -44,7 +46,7 @@ if (!have_option('y', 'yes')) { } $file = new File(); -$file->query('SELECT id, url, COUNT(*) AS c FROM file GROUP BY url HAVING c > 1'); +$file->query('SELECT url FROM file GROUP BY url HAVING COUNT(*) > 1'); print "\nFound {$file->N} URLs with duplicate entries in file table"; while ($file->fetch()) { // We've got a URL that is duplicated in the file table @@ -54,7 +56,7 @@ while ($file->fetch()) { print "\nDeleting duplicate entries in file table for URL: {$file->url} ["; // Leave one of the URLs in the database by using ->find(true) // and only deleting starting with this fetch. - while($dupfile->fetch()) { + while ($dupfile->fetch()) { print "."; $dupfile->delete(); } @@ -65,7 +67,7 @@ while ($file->fetch()) { } $file = new File_redirection(); -$file->query('SELECT file_id, url, COUNT(*) AS c FROM file_redirection GROUP BY url HAVING c > 1'); +$file->query('SELECT url FROM file_redirection GROUP BY url HAVING COUNT(*) > 1'); print "\nFound {$file->N} URLs with duplicate entries in file_redirection table"; while ($file->fetch()) { // We've got a URL that is duplicated in the file_redirection table @@ -75,7 +77,7 @@ while ($file->fetch()) { print "\nDeleting duplicate entries in file table for URL: {$file->url} ["; // Leave one of the URLs in the database by using ->find(true) // and only deleting starting with this fetch. - while($dupfile->fetch()) { + while ($dupfile->fetch()) { print "."; $dupfile->delete(); }