From 77433946646bf56295e1f60298fe7913dd8319c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20B=C3=BCrk?= <stefan@buerk.tech>
Date: Mon, 10 Jul 2023 07:16:16 +0200
Subject: [PATCH] [BUGFIX] Prevent reaching the placeholder limit in
 `indexed_search`
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The main query execution builds a QueryBuilder instance out of
different sub information. Additionally, several hooks can be
used to influence the created query. On top of this, different
type of search queries are possible.

This change avoid consuming a lot of placeholder for list based
`in()` expressions by using a corresponding QueryBuilder method
suitable for the value type. This means that no placeholder are
used any longer for list expressions.

Note: Max query size may still be exceeded if the lists would
      getting bigger. This can be adjusted by database server
      administrators, but will lead to another exception for
      really large value lists.

Resolves: #86859
Releases: main, 12.4, 11.5
Change-Id: Ic0ac51c13cb74a058d71152ad626c484f696b176
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80080
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bï¿½rk <stefan@buerk.tech>
Reviewed-by: Stefan Bï¿½rk <stefan@buerk.tech>
---
 .../Domain/Repository/IndexSearchRepository.php      | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/typo3/sysext/indexed_search/Classes/Domain/Repository/IndexSearchRepository.php b/typo3/sysext/indexed_search/Classes/Domain/Repository/IndexSearchRepository.php
index 38fcd6189a7f..64962445294a 100644
--- a/typo3/sysext/indexed_search/Classes/Domain/Repository/IndexSearchRepository.php
+++ b/typo3/sysext/indexed_search/Classes/Domain/Repository/IndexSearchRepository.php
@@ -500,7 +500,7 @@ class IndexSearchRepository
             $queryBuilder->andWhere(
                 $queryBuilder->expr()->in(
                     'ISEC.page_id',
-                    $queryBuilder->createNamedParameter($idList, Connection::PARAM_INT_ARRAY)
+                    $queryBuilder->quoteArrayBasedValueListToIntegerList($idList)
                 )
             );
         }
@@ -965,9 +965,8 @@ class IndexSearchRepository
             ->where(
                 $queryBuilder->expr()->in(
                     'IP.phash',
-                    $queryBuilder->createNamedParameter(
-                        GeneralUtility::intExplode(',', $list, true),
-                        Connection::PARAM_INT_ARRAY
+                    $queryBuilder->quoteArrayBasedValueListToIntegerList(
+                        GeneralUtility::intExplode(',', $list, true)
                     )
                 ),
                 QueryHelper::stripLogicalOperatorPrefix($this->mediaTypeWhere()),
@@ -1044,10 +1043,7 @@ class IndexSearchRepository
             $queryBuilder->andWhere(
                 $queryBuilder->expr()->in(
                     'ISEC.page_id',
-                    $queryBuilder->createNamedParameter(
-                        array_unique(GeneralUtility::intExplode(',', implode(',', $pageIdList), true)),
-                        Connection::PARAM_INT_ARRAY
-                    )
+                    $queryBuilder->quoteArrayBasedValueListToIntegerList($pageIdList)
                 )
             );
         }
-- 
GitLab