From a623639ee190779cb0c46d0c21fbe2606224d8b1 Mon Sep 17 00:00:00 2001 From: Joseph Estefane Date: Mon, 2 Mar 2020 23:33:39 -0500 Subject: [PATCH 1/5] Port of v2.1.0 (Resolves SQL injection vulnerability: PR #51) --- composer.json | 3 +- src/Eloquent/BaseBuilder.php | 17 +++ src/Eloquent/Builder.php | 2 +- src/Eloquent/SpatialExpression.php | 18 +++ src/Eloquent/SpatialTrait.php | 59 ++++++++- .../UnknownSpatialRelationFunction.php | 7 ++ src/MysqlConnection.php | 1 + tests/Integration/SpatialTest.php | 8 ++ tests/Unit/Eloquent/BuilderTest.php | 32 ++--- tests/Unit/Eloquent/SpatialTraitTest.php | 115 +++++++++++++----- 10 files changed, 204 insertions(+), 58 deletions(-) create mode 100644 src/Eloquent/BaseBuilder.php create mode 100644 src/Eloquent/SpatialExpression.php create mode 100644 src/Exceptions/UnknownSpatialRelationFunction.php diff --git a/composer.json b/composer.json index 0026da46..5c7f0ac7 100644 --- a/composer.json +++ b/composer.json @@ -41,7 +41,8 @@ "laravel": { "providers": [ "Grimzy\\LaravelMysqlSpatial\\SpatialServiceProvider" - ] + ], + "require": "5.5.*" } } } diff --git a/src/Eloquent/BaseBuilder.php b/src/Eloquent/BaseBuilder.php new file mode 100644 index 00000000..33c0f21c --- /dev/null +++ b/src/Eloquent/BaseBuilder.php @@ -0,0 +1,17 @@ +getSpatialValue() : $binding; + }, $bindings); + + return parent::cleanBindings($bindings); + } +} diff --git a/src/Eloquent/Builder.php b/src/Eloquent/Builder.php index ed0a15c9..6230ed17 100755 --- a/src/Eloquent/Builder.php +++ b/src/Eloquent/Builder.php @@ -20,6 +20,6 @@ public function update(array $values) protected function asWKT(GeometryInterface $geometry) { - return $this->getQuery()->raw("GeomFromText('".$geometry->toWKT()."')"); + return new SpatialExpression($geometry); } } diff --git a/src/Eloquent/SpatialExpression.php b/src/Eloquent/SpatialExpression.php new file mode 100644 index 00000000..7bc88178 --- /dev/null +++ b/src/Eloquent/SpatialExpression.php @@ -0,0 +1,18 @@ +value->toWkt(); + } +} diff --git a/src/Eloquent/SpatialTrait.php b/src/Eloquent/SpatialTrait.php index 649e2602..7076a864 100755 --- a/src/Eloquent/SpatialTrait.php +++ b/src/Eloquent/SpatialTrait.php @@ -3,6 +3,7 @@ namespace Grimzy\LaravelMysqlSpatial\Eloquent; use Grimzy\LaravelMysqlSpatial\Exceptions\SpatialFieldsNotDefinedException; +use Grimzy\LaravelMysqlSpatial\Exceptions\UnknownSpatialRelationFunction; use Grimzy\LaravelMysqlSpatial\Types\Geometry; use Grimzy\LaravelMysqlSpatial\Types\GeometryInterface; use Illuminate\Database\Eloquent\Builder as EloquentBuilder; @@ -37,6 +38,17 @@ trait SpatialTrait public $geometries = []; + protected $stRelations = [ + 'within', + 'crosses', + 'contains', + 'disjoint', + 'equals', + 'intersects', + 'overlaps', + 'touches', + ]; + /** * Create a new Eloquent query builder for the model. * @@ -49,12 +61,21 @@ public function newEloquentBuilder($query) return new Builder($query); } + protected function newBaseQueryBuilder() + { + $connection = $this->getConnection(); + + return new BaseBuilder( + $connection, $connection->getQueryGrammar(), $connection->getPostProcessor() + ); + } + protected function performInsert(EloquentBuilder $query, array $options = []) { foreach ($this->attributes as $key => $value) { if ($value instanceof GeometryInterface) { $this->geometries[$key] = $value; //Preserve the geometry objects prior to the insert - $this->attributes[$key] = $this->getConnection()->raw(sprintf("GeomFromText('%s')", $value->toWKT())); + $this->attributes[$key] = new SpatialExpression($value); } } @@ -89,12 +110,27 @@ public function getSpatialFields() } } + public function isColumnAllowed($geometryColumn) + { + if (!in_array($geometryColumn, $this->getSpatialFields())) { + throw new SpatialFieldsNotDefinedException(); + } + return true; + } + public function scopeDistance($query, $geometryColumn, $geometry, $distance, $exclude_self = false) { - $query->whereRaw("st_distance(`{$geometryColumn}`, GeomFromText('{$geometry->toWkt()}')) <= {$distance}"); + $this->isColumnAllowed($geometryColumn); + + $query->whereRaw("st_distance(`$geometryColumn`, ST_GeomFromText(?)) <= ?", [ + $geometry->toWkt(), + $distance, + ]); if ($exclude_self) { - $query->whereRaw("st_distance(`{$geometryColumn}`, GeomFromText('{$geometry->toWkt()}')) != 0"); + $query->whereRaw("st_distance(`$geometryColumn`, ST_GeomFromText(?)) != 0", [ + $geometry->toWkt(), + ]); } return $query; @@ -102,17 +138,30 @@ public function scopeDistance($query, $geometryColumn, $geometry, $distance, $ex public function scopeDistanceValue($query, $geometryColumn, $geometry) { + $this->isColumnAllowed($geometryColumn); + $columns = $query->getQuery()->columns; if (!$columns) { $query->select('*'); } - $query->selectRaw("st_distance(`{$geometryColumn}`, GeomFromText('{$geometry->toWkt()}')) as distance"); + + $query->selectRaw("st_distance(`$geometryColumn`, ST_GeomFromText(?)) as distance", [ + $geometry->toWkt(), + ]); } public function scopeComparison($query, $geometryColumn, $geometry, $relationship) { - $query->whereRaw("st_{$relationship}(`{$geometryColumn}`, GeomFromText('{$geometry->toWkt()}'))"); + $this->isColumnAllowed($geometryColumn); + + if (!in_array($relationship, $this->stRelations)) { + throw new UnknownSpatialRelationFunction($relationship); + } + + $query->whereRaw("st_{$relationship}(`$geometryColumn`, ST_GeomFromText(?))", [ + $geometry->toWkt(), + ]); return $query; } diff --git a/src/Exceptions/UnknownSpatialRelationFunction.php b/src/Exceptions/UnknownSpatialRelationFunction.php new file mode 100644 index 00000000..58733348 --- /dev/null +++ b/src/Exceptions/UnknownSpatialRelationFunction.php @@ -0,0 +1,7 @@ +getDoctrineSchemaManager()->getDatabasePlatform(); foreach ($geometries as $type) { diff --git a/tests/Integration/SpatialTest.php b/tests/Integration/SpatialTest.php index b2206f3b..1d1eb2a5 100644 --- a/tests/Integration/SpatialTest.php +++ b/tests/Integration/SpatialTest.php @@ -29,6 +29,14 @@ public function createApplication() $app['config']->set('database.connections.mysql.database', 'spatial_test'); $app['config']->set('database.connections.mysql.username', 'root'); $app['config']->set('database.connections.mysql.password', ''); + $app['config']->set('database.connections.mysql.modes', [ + 'ONLY_FULL_GROUP_BY', + 'STRICT_TRANS_TABLES', + 'NO_ZERO_IN_DATE', + 'NO_ZERO_DATE', + 'ERROR_FOR_DIVISION_BY_ZERO', + 'NO_ENGINE_SUBSTITUTION', + ]); return $app; } diff --git a/tests/Unit/Eloquent/BuilderTest.php b/tests/Unit/Eloquent/BuilderTest.php index d770026f..b77c6c4e 100644 --- a/tests/Unit/Eloquent/BuilderTest.php +++ b/tests/Unit/Eloquent/BuilderTest.php @@ -4,6 +4,7 @@ use BaseTestCase; use Grimzy\LaravelMysqlSpatial\Eloquent\Builder; +use Grimzy\LaravelMysqlSpatial\Eloquent\SpatialExpression; use Grimzy\LaravelMysqlSpatial\Eloquent\SpatialTrait; use Grimzy\LaravelMysqlSpatial\MysqlConnection; use Grimzy\LaravelMysqlSpatial\Types\LineString; @@ -36,50 +37,39 @@ protected function setUp() public function testUpdatePoint() { - $this->queryBuilder - ->shouldReceive('raw') - ->with("GeomFromText('POINT(2 1)')") - ->once(); - + $point = new Point(1, 2); $this->queryBuilder ->shouldReceive('update') + ->with(['point' => new SpatialExpression($point)]) ->once(); - $this->builder->update(['point' => new Point(1, 2)]); + $this->builder->update(['point' => $point]); } public function testUpdateLinestring() { - $this->queryBuilder - ->shouldReceive('raw') - ->with("GeomFromText('LINESTRING(0 0,1 1,2 2)')") - ->once(); + $linestring = new LineString([new Point(0, 0), new Point(1, 1), new Point(2, 2)]); $this->queryBuilder ->shouldReceive('update') + ->with(['linestring' => new SpatialExpression($linestring)]) ->once(); - $linestring = new LineString([new Point(0, 0), new Point(1, 1), new Point(2, 2)]); - $this->builder->update(['linestring' => $linestring]); } public function testUpdatePolygon() { - $this->queryBuilder - ->shouldReceive('raw') - ->with("GeomFromText('POLYGON((0 0,1 0),(1 0,1 1),(1 1,0 0))')") - ->once(); - - $this->queryBuilder - ->shouldReceive('update') - ->once(); - $linestrings[] = new LineString([new Point(0, 0), new Point(0, 1)]); $linestrings[] = new LineString([new Point(0, 1), new Point(1, 1)]); $linestrings[] = new LineString([new Point(1, 1), new Point(0, 0)]); $polygon = new Polygon($linestrings); + $this->queryBuilder + ->shouldReceive('update') + ->with(['polygon' => new SpatialExpression($polygon)]) + ->once(); + $this->builder->update(['polygon' => $polygon]); } } diff --git a/tests/Unit/Eloquent/SpatialTraitTest.php b/tests/Unit/Eloquent/SpatialTraitTest.php index d53e02e7..f70b8cbb 100644 --- a/tests/Unit/Eloquent/SpatialTraitTest.php +++ b/tests/Unit/Eloquent/SpatialTraitTest.php @@ -37,14 +37,15 @@ public function testInsertUpdatePointHasCorrectSql() $this->model->save(); $this->assertStringStartsWith('insert', $this->queries[0]); - $this->assertContains("GeomFromText('POINT(2 1)')", $this->queries[0]); + $this->assertContains('insert into `test_models` (`point`) values (ST_GeomFromText(?))', $this->queries[0]); + // TODO: assert bindings in query $this->assertTrue($this->model->exists); $this->model->point = new Point(1, 2); $this->model->save(); $this->assertStringStartsWith('update', $this->queries[1]); - $this->assertContains("GeomFromText('POINT(2 1)')", $this->queries[1]); + $this->assertContains('update `test_models` set `point` = ST_GeomFromText(?) where `id` = ?', $this->queries[1]); } public function testInsertUpdateLineStringHasCorrectSql() @@ -58,14 +59,16 @@ public function testInsertUpdateLineStringHasCorrectSql() $this->model->save(); $this->assertStringStartsWith('insert', $this->queries[0]); - $this->assertContains("GeomFromText('LINESTRING(2 1,3 2)')", $this->queries[0]); + $this->assertContains('insert into `test_models` (`linestring`) values (ST_GeomFromText(?))', $this->queries[0]); + // TODO: assert bindings in query $this->assertTrue($this->model->exists); $this->model->linestring = new \Grimzy\LaravelMysqlSpatial\Types\LineString([$point1, $point2]); $this->model->save(); $this->assertStringStartsWith('update', $this->queries[1]); - $this->assertContains("GeomFromText('LINESTRING(2 1,3 2)')", $this->queries[1]); + $this->assertContains('update `test_models` set `linestring` = ST_GeomFromText(?) where `id` = ?', $this->queries[1]); + // TODO: assert bindings in query } public function testInsertUpdatePolygonHasCorrectSql() @@ -83,13 +86,15 @@ public function testInsertUpdatePolygonHasCorrectSql() $this->model->save(); $this->assertStringStartsWith('insert', $this->queries[0]); - $this->assertContains("GeomFromText('POLYGON((2 1,3 2),(2 3,1 2))')", $this->queries[0]); + $this->assertContains('insert into `test_models` (`polygon`) values (ST_GeomFromText(?))', $this->queries[0]); + // TODO: assert bindings in query $this->assertTrue($this->model->exists); $this->model->polygon = new \Grimzy\LaravelMysqlSpatial\Types\Polygon([$linestring1, $linestring2]); $this->model->save(); $this->assertStringStartsWith('update', $this->queries[1]); - $this->assertContains("GeomFromText('POLYGON((2 1,3 2),(2 3,1 2))')", $this->queries[1]); + $this->assertContains('update `test_models` set `polygon` = ST_GeomFromText(?) where `id` = ?', $this->queries[1]); + // TODO: assert bindings in query } public function testInsertUpdateMultiPointHasCorrectSql() @@ -103,14 +108,16 @@ public function testInsertUpdateMultiPointHasCorrectSql() $this->model->save(); $this->assertStringStartsWith('insert', $this->queries[0]); - $this->assertContains("GeomFromText('MULTIPOINT((2 1),(3 2))')", $this->queries[0]); + $this->assertContains('insert into `test_models` (`multipoint`) values (ST_GeomFromText(?))', $this->queries[0]); + // TODO: assert bindings in query $this->assertTrue($this->model->exists); $this->model->multipoint = new \Grimzy\LaravelMysqlSpatial\Types\MultiPoint([$point1, $point2]); $this->model->save(); $this->assertStringStartsWith('update', $this->queries[1]); - $this->assertContains("GeomFromText('MULTIPOINT((2 1),(3 2))')", $this->queries[1]); + $this->assertContains('update `test_models` set `multipoint` = ST_GeomFromText(?) where `id` = ?', $this->queries[1]); + // TODO: assert bindings in query } public function testInsertUpdateMultiLineStringHasCorrectSql() @@ -128,13 +135,15 @@ public function testInsertUpdateMultiLineStringHasCorrectSql() $this->model->save(); $this->assertStringStartsWith('insert', $this->queries[0]); - $this->assertContains("GeomFromText('MULTILINESTRING((2 1,3 2),(2 3,1 2))')", $this->queries[0]); + $this->assertContains('insert into `test_models` (`multilinestring`) values (ST_GeomFromText(?))', $this->queries[0]); + // TODO: assert bindings in query $this->assertTrue($this->model->exists); $this->model->multilinestring = new \Grimzy\LaravelMysqlSpatial\Types\MultiLineString([$linestring1, $linestring2]); $this->model->save(); $this->assertStringStartsWith('update', $this->queries[1]); - $this->assertContains("GeomFromText('MULTILINESTRING((2 1,3 2),(2 3,1 2))')", $this->queries[1]); + $this->assertContains('update `test_models` set `multilinestring` = ST_GeomFromText(?) where `id` = ?', $this->queries[1]); + // TODO: assert bindings in query } public function testInsertUpdateMultiPolygonHasCorrectSql() @@ -161,13 +170,15 @@ public function testInsertUpdateMultiPolygonHasCorrectSql() $this->model->save(); $this->assertStringStartsWith('insert', $this->queries[0]); - $this->assertContains("GeomFromText('MULTIPOLYGON(((2 1,3 2),(2 3,1 2)),((5 4,6 5),(5 6,4 5)))')", $this->queries[0]); + $this->assertContains('insert into `test_models` (`multipolygon`) values (ST_GeomFromText(?))', $this->queries[0]); + // TODO: assert bindings in query $this->assertTrue($this->model->exists); $this->model->multipolygon = new \Grimzy\LaravelMysqlSpatial\Types\MultiPolygon([$polygon1, $polygon2]); $this->model->save(); $this->assertStringStartsWith('update', $this->queries[1]); - $this->assertContains("GeomFromText('MULTIPOLYGON(((2 1,3 2),(2 3,1 2)),((5 4,6 5),(5 6,4 5)))')", $this->queries[1]); + $this->assertContains('update `test_models` set `multipolygon` = ST_GeomFromText(?) where `id` = ?', $this->queries[1]); + // TODO: assert bindings in query } public function testInsertUpdateGeometryCollectionHasCorrectSql() @@ -183,13 +194,15 @@ public function testInsertUpdateGeometryCollectionHasCorrectSql() $this->model->save(); $this->assertStringStartsWith('insert', $this->queries[0]); - $this->assertContains("GeomFromText('GEOMETRYCOLLECTION(POINT(2 1),LINESTRING(3 2,3 3))')", $this->queries[0]); + $this->assertContains('insert into `test_models` (`geometrycollection`) values (ST_GeomFromText(?))', $this->queries[0]); + // TODO: assert bindings in query $this->assertTrue($this->model->exists); $this->model->geometrycollection = new \Grimzy\LaravelMysqlSpatial\Types\GeometryCollection([$point1, $linestring1]); $this->model->save(); $this->assertStringStartsWith('update', $this->queries[1]); - $this->assertContains("GeomFromText('GEOMETRYCOLLECTION(POINT(2 1),LINESTRING(3 2,3 3))')", $this->queries[1]); + $this->assertContains('update `test_models` set `geometrycollection` = ST_GeomFromText(?) where `id` = ?', $this->queries[1]); + // TODO: assert bindings in query } public function testSettingRawAttributes() @@ -215,7 +228,11 @@ public function testScopeDistance() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_distance(`point`, GeomFromText('POINT(2 1)')) <= 10", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertEquals('st_distance(`point`, ST_GeomFromText(?)) <= ?', $q->wheres[0]['sql']); + $this->assertEquals('POINT(2 1)', $bindings[0]); + $this->assertEquals(10, $bindings[1]); } public function testScopeDistanceExcludingSelf() @@ -226,8 +243,13 @@ public function testScopeDistanceExcludingSelf() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_distance(`point`, GeomFromText('POINT(2 1)')) <= 10", $q->wheres[0]['sql']); - $this->assertContains("st_distance(`point`, GeomFromText('POINT(2 1)')) != 0", $q->wheres[1]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertEquals('st_distance(`point`, ST_GeomFromText(?)) <= ?', $q->wheres[0]['sql']); + $this->assertEquals('st_distance(`point`, ST_GeomFromText(?)) != 0', $q->wheres[1]['sql']); + $this->assertEquals('POINT(2 1)', $bindings[0]); + $this->assertEquals(10, $bindings[1]); + $this->assertEquals('POINT(2 1)', $bindings[2]); } public function testScopeDistanceValue() @@ -238,9 +260,12 @@ public function testScopeDistanceValue() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->columns); - $this->assertContains('*', $q->columns[0]); + $bindings = $q->getRawBindings()['select']; + $this->assertNotEmpty($bindings); + $this->assertEquals('*', $q->columns[0]); $this->assertInstanceOf(\Illuminate\Database\Query\Expression::class, $q->columns[1]); - $this->assertContains("st_distance(`point`, GeomFromText('POINT(2 1)')) as distance", $q->columns[1]->getValue()); + $this->assertEquals('st_distance(`point`, ST_GeomFromText(?)) as distance', $q->columns[1]->getValue()); + $this->assertEquals('POINT(2 1)', $bindings[0]); } public function testScopeDistanceValueWithSelect() @@ -251,9 +276,12 @@ public function testScopeDistanceValueWithSelect() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->columns); - $this->assertContains('some_column', $q->columns[0]); + $bindings = $q->getRawBindings()['select']; + $this->assertNotEmpty($bindings); + $this->assertEquals('some_column', $q->columns[0]); $this->assertInstanceOf(\Illuminate\Database\Query\Expression::class, $q->columns[1]); - $this->assertContains("st_distance(`point`, GeomFromText('POINT(2 1)')) as distance", $q->columns[1]->getValue()); + $this->assertEquals('st_distance(`point`, ST_GeomFromText(?)) as distance', $q->columns[1]->getValue()); + $this->assertEquals('POINT(2 1)', $bindings[0]); } private function buildTestPolygon() @@ -278,7 +306,10 @@ public function testScopeComparison() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_within(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_within(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } public function testScopeWithin() @@ -288,7 +319,10 @@ public function testScopeWithin() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_within(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_within(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } public function testScopeCrosses() @@ -298,7 +332,10 @@ public function testScopeCrosses() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_crosses(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_crosses(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } public function testScopeContains() @@ -308,7 +345,10 @@ public function testScopeContains() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_contains(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_contains(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } public function testScopeDisjoint() @@ -318,7 +358,10 @@ public function testScopeDisjoint() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_disjoint(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_disjoint(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } public function testScopeEquals() @@ -328,7 +371,10 @@ public function testScopeEquals() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_equals(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_equals(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } public function testScopeIntersects() @@ -338,7 +384,10 @@ public function testScopeIntersects() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_intersects(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_intersects(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } public function testScopeOverlaps() @@ -348,7 +397,10 @@ public function testScopeOverlaps() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_overlaps(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_overlaps(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } public function testScopeDoesTouch() @@ -358,7 +410,10 @@ public function testScopeDoesTouch() $this->assertInstanceOf(\Grimzy\LaravelMysqlSpatial\Eloquent\Builder::class, $query); $q = $query->getQuery(); $this->assertNotEmpty($q->wheres); - $this->assertContains("st_touches(`point`, GeomFromText('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))'))", $q->wheres[0]['sql']); + $bindings = $q->getRawBindings()['where']; + $this->assertNotEmpty($bindings); + $this->assertContains('st_touches(`point`, ST_GeomFromText(?))', $q->wheres[0]['sql']); + $this->assertEquals('POLYGON((1 1,2 1),(2 1,2 2),(2 2,1 1))', $bindings[0]); } } From 097836979dce39b89267ce57378c15d682d3e2a3 Mon Sep 17 00:00:00 2001 From: Joseph Estefane Date: Tue, 3 Mar 2020 04:34:00 +0000 Subject: [PATCH 2/5] Apply fixes from StyleCI [ci skip] [skip ci] --- src/Eloquent/SpatialTrait.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/Eloquent/SpatialTrait.php b/src/Eloquent/SpatialTrait.php index 7076a864..5ef5c222 100755 --- a/src/Eloquent/SpatialTrait.php +++ b/src/Eloquent/SpatialTrait.php @@ -115,6 +115,7 @@ public function isColumnAllowed($geometryColumn) if (!in_array($geometryColumn, $this->getSpatialFields())) { throw new SpatialFieldsNotDefinedException(); } + return true; } From 925dc5f15c64ddee2cac0dc2855f0d0c370d513d Mon Sep 17 00:00:00 2001 From: Joseph Estefane Date: Mon, 2 Mar 2020 23:38:16 -0500 Subject: [PATCH 3/5] Removed mistakenly added conf in composer.json --- composer.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 5c7f0ac7..0026da46 100644 --- a/composer.json +++ b/composer.json @@ -41,8 +41,7 @@ "laravel": { "providers": [ "Grimzy\\LaravelMysqlSpatial\\SpatialServiceProvider" - ], - "require": "5.5.*" + ] } } } From 60b27954b7d85fe22a328ab5b4a3f6cbf6f39a31 Mon Sep 17 00:00:00 2001 From: Joseph Estefane Date: Mon, 2 Mar 2020 23:57:32 -0500 Subject: [PATCH 4/5] Updated build (added PHP 7.2 and 7.3) --- .travis.yml | 4 +++- composer.json | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index e39c3e0a..96ae5a57 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,6 +5,8 @@ php: - '5.6' - '7.0' - '7.1' + - '7.2' + - '7.3' env: - MYSQL_VERSION=5.6 @@ -17,7 +19,7 @@ services: - docker before_install: - - echo "memory_limit=2G" >> ~/.phpenv/versions/$(phpenv version-name)/etc/conf.d/travis.ini + - echo "memory_limit=23G" >> ~/.phpenv/versions/$(phpenv version-name)/etc/conf.d/travis.ini - sudo /etc/init.d/mysql stop - make start_db V=$MYSQL_VERSION diff --git a/composer.json b/composer.json index 0026da46..8e345e42 100644 --- a/composer.json +++ b/composer.json @@ -11,14 +11,14 @@ ], "require": { "php": ">=5.5.9", - "illuminate/database": "^5.2|^6.0", + "illuminate/database": "^5.2||^6.0", "geo-io/wkb-parser": "^1.0", "jmikola/geojson": "^1.0" }, "require-dev": { "phpunit/phpunit": "~4.8||~5.7", "mockery/mockery": "^0.9.9", - "laravel/laravel": "^5.2|^6.0", + "laravel/laravel": "^5.2||^6.0", "codeclimate/php-test-reporter": "dev-master", "doctrine/dbal": "^2.5", "laravel/browser-kit-testing": "^2.0" From 205e20192765ff78cf6d0afb565f4f26fdd4d519 Mon Sep 17 00:00:00 2001 From: Joseph Estefane Date: Tue, 3 Mar 2020 00:01:08 -0500 Subject: [PATCH 5/5] :laughing: :laughing: :laughing: --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 96ae5a57..5b5e88d9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,7 +19,7 @@ services: - docker before_install: - - echo "memory_limit=23G" >> ~/.phpenv/versions/$(phpenv version-name)/etc/conf.d/travis.ini + - echo "memory_limit=3G" >> ~/.phpenv/versions/$(phpenv version-name)/etc/conf.d/travis.ini - sudo /etc/init.d/mysql stop - make start_db V=$MYSQL_VERSION