From cfdca11ad915ed9e30620fd4f267a1f59401181d Mon Sep 17 00:00:00 2001 From: tobiasKaminsky Date: Thu, 13 Oct 2022 09:04:27 +0200 Subject: [PATCH 1/3] Filter out backup user status (those beginning with _ as userId) --- apps/user_status/lib/Dashboard/UserStatusWidget.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/user_status/lib/Dashboard/UserStatusWidget.php b/apps/user_status/lib/Dashboard/UserStatusWidget.php index 5a89040dfa5..50cca725a55 100644 --- a/apps/user_status/lib/Dashboard/UserStatusWidget.php +++ b/apps/user_status/lib/Dashboard/UserStatusWidget.php @@ -152,7 +152,8 @@ class UserStatusWidget implements IAPIWidget, IIconWidget, IOptionWidget { $this->service->findAllRecentStatusChanges($limit + 1, 0), static function (UserStatus $status) use ($userId, $since): bool { return $status->getUserId() !== $userId - && ($since === null || $status->getStatusTimestamp() > (int) $since); + && ($since === null || $status->getStatusTimestamp() > (int) $since) + && !str_starts_with($status->getUserId(), "_"); } ), 0, From 8c95e46744e03a528a2944cce40e6e189b1c1d0a Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 13 Oct 2022 13:44:37 +0200 Subject: [PATCH 2/3] Do the filtering on the DB instead Signed-off-by: Carl Schwan --- apps/user_status/lib/Dashboard/UserStatusWidget.php | 3 +-- apps/user_status/lib/Db/UserStatusMapper.php | 13 +++++++++---- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/apps/user_status/lib/Dashboard/UserStatusWidget.php b/apps/user_status/lib/Dashboard/UserStatusWidget.php index 50cca725a55..5a89040dfa5 100644 --- a/apps/user_status/lib/Dashboard/UserStatusWidget.php +++ b/apps/user_status/lib/Dashboard/UserStatusWidget.php @@ -152,8 +152,7 @@ class UserStatusWidget implements IAPIWidget, IIconWidget, IOptionWidget { $this->service->findAllRecentStatusChanges($limit + 1, 0), static function (UserStatus $status) use ($userId, $since): bool { return $status->getUserId() !== $userId - && ($since === null || $status->getStatusTimestamp() > (int) $since) - && !str_starts_with($status->getUserId(), "_"); + && ($since === null || $status->getStatusTimestamp() > (int) $since); } ), 0, diff --git a/apps/user_status/lib/Db/UserStatusMapper.php b/apps/user_status/lib/Db/UserStatusMapper.php index 4f48ea46818..cb7ad5392db 100644 --- a/apps/user_status/lib/Db/UserStatusMapper.php +++ b/apps/user_status/lib/Db/UserStatusMapper.php @@ -76,10 +76,15 @@ class UserStatusMapper extends QBMapper { ->select('*') ->from($this->tableName) ->orderBy('status_timestamp', 'DESC') - ->where($qb->expr()->notIn('status', $qb->createNamedParameter([IUserStatus::ONLINE, IUserStatus::AWAY, IUserStatus::OFFLINE], IQueryBuilder::PARAM_STR_ARRAY))) - ->orWhere($qb->expr()->isNotNull('message_id')) - ->orWhere($qb->expr()->isNotNull('custom_icon')) - ->orWhere($qb->expr()->isNotNull('custom_message')); + ->where($qb->expr()->andX( + $qb->expr()->orX( + $qb->expr()->notIn('status', $qb->createNamedParameter([IUserStatus::ONLINE, IUserStatus::AWAY, IUserStatus::OFFLINE], IQueryBuilder::PARAM_STR_ARRAY)), + $qb->expr()->isNotNull('message_id'), + $qb->expr()->isNotNull('custom_icon'), + $qb->expr()->isNotNull('custom_message'), + ), + $qb->expr()->notLike('user_id', $qb->createNamedParameter('\_%')) + )); if ($limit !== null) { $qb->setMaxResults($limit); From f8453df98e7a6c802238ba73e5a7adc7000a9095 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 13 Oct 2022 18:50:36 +0200 Subject: [PATCH 3/3] Properly escape underscore in db query Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Carl Schwan --- apps/user_status/lib/Db/UserStatusMapper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/user_status/lib/Db/UserStatusMapper.php b/apps/user_status/lib/Db/UserStatusMapper.php index cb7ad5392db..d40c6a29860 100644 --- a/apps/user_status/lib/Db/UserStatusMapper.php +++ b/apps/user_status/lib/Db/UserStatusMapper.php @@ -83,7 +83,7 @@ class UserStatusMapper extends QBMapper { $qb->expr()->isNotNull('custom_icon'), $qb->expr()->isNotNull('custom_message'), ), - $qb->expr()->notLike('user_id', $qb->createNamedParameter('\_%')) + $qb->expr()->notLike('user_id', $qb->createNamedParameter($this->db->escapeLikeParameter('_') . '%')) )); if ($limit !== null) {