Prevent errors with unselected columns in window ranking queries

mneudert · mneudert · commit 31d43a623b3a · 2025-07-22T19:22:06.000+02:00
diff --git a/core/RankingQuery.php b/core/RankingQuery.php
@@ -317,8 +317,10 @@ public function generateRankingQuery(string $innerQuery, bool $withRollup = fals
         $additionalColumnsExpressions = $this->generateAdditionalColumnsExpressions();
 
         if (Schema::getInstance()->supportsWindowFunctions()) {
-            $counterExpressions = $this->generateWindowCounterExpressions($innerQuery, $withRollup);
-            $counterRollupExpressions = $this->generateWindowCounterRollupExpressions($innerQuery, $withRollup);
+            $windowOrderBy = $this->generateWindowOrderByExpression($innerQuery, $withRollup);
+
+            $counterExpressions = $this->generateWindowCounterExpressions($windowOrderBy, $withRollup);
+            $counterRollupExpressions = $this->generateWindowCounterRollupExpressions($withRollup, $windowOrderBy);
             $groupByExpression = $this->generateWindowGroupByExpression($limit, $withRollup);
         } else {
             $counterExpressions = $this->generateVariableCounterExpressions($limit, $withRollup);
@@ -552,18 +554,14 @@ private function generateVariableGroupByExpression(bool $withRollup): string
      *
      * @return array{counter: string, init: string}
      */
-    private function generateWindowCounterExpressions(string $innerQuery, bool $withRollup): array
+    private function generateWindowCounterExpressions(string $windowOrderBy, bool $withRollup): array
     {
         $partitionBy = '';
 
         if ($this->partitionColumn !== false) {
             $partitionBy = "PARTITION BY `{$this->partitionColumn}`";
         }
 
-        $orderByColumns = DbHelper::extractOrderByFromQuery($innerQuery, true)
-            ?? DbHelper::extractGroupByFromQuery($innerQuery, true)
-            ?? $this->generateLabelColumnsString();
-
         $excludeWhens = [];
         $orderByWhens = [];
 
@@ -580,15 +578,15 @@ private function generateWindowCounterExpressions(string $innerQuery, bool $with
         }
 
         if ([] === $orderByWhens) {
-            $orderBy = $orderByColumns;
+            $orderBy = $windowOrderBy;
         } else {
             $orderBy = "
                 CASE
                     " . implode("
                     ", $orderByWhens) . "
                     ELSE 0
                 END,
-                $orderByColumns
+                $windowOrderBy
             ";
         }
 
@@ -619,24 +617,20 @@ private function generateWindowCounterExpressions(string $innerQuery, bool $with
      *
      * @return array{counter: string, init: string}
      */
-    private function generateWindowCounterRollupExpressions(string $innerQuery, bool $withRollup): array
+    private function generateWindowCounterRollupExpressions(bool $withRollup, string $withRollupOrderBy): array
     {
         $counter = '';
 
         if ($withRollup) {
             $rollupColumns = array_keys($this->labelColumns);
 
-            $orderByColumns = DbHelper::extractOrderByFromQuery($innerQuery, true)
-                ?? DbHelper::extractGroupByFromQuery($innerQuery, true)
-                ?? $this->generateLabelColumnsString();
-
             $orderBy = "
                 CASE
                     WHEN `" . implode('` IS NULL AND `', $rollupColumns) . "` IS NULL THEN 1
                     WHEN `" . implode('` IS NULL OR `', $rollupColumns) . "` IS NULL THEN 0
                     ELSE 1
                 END,
-                $orderByColumns
+                $withRollupOrderBy
             ";
 
             $counter = "
@@ -679,6 +673,92 @@ private function generateWindowGroupByExpression(int $limit, bool $withRollup):
         return $groupBy;
     }
 
+    private function generateWindowOrderByExpression(string $innerQuery, bool $withRollup): string
+    {
+        $selectColumns = DbHelper::extractSelectFromQuery($innerQuery);
+
+        if ($withRollup && '*' === $selectColumns) {
+            // special case for wrapped ROLLUP query
+            // we find the real columns one level deeper
+            $outerSelectPos = stripos($innerQuery, 'SELECT');
+            $innerSelectPos = stripos($innerQuery, 'SELECT', $outerSelectPos + strlen('SELECT'));
+            $realInnerQuery = substr($innerQuery, $innerSelectPos);
+            $selectColumns = DbHelper::extractSelectFromQuery($realInnerQuery);
+        }
+
+        if (null === $selectColumns || '*' === $selectColumns) {
+            // order by label columns if we can not find
+            // the named SELECT columns to order by
+            return $this->generateLabelColumnsString();
+        }
+
+        $columns = DbHelper::extractOrderByFromQuery($innerQuery, true);
+        $columns = $this->prepareColumnsForWindowOrderBy($columns, $selectColumns);
+
+        if (null === $columns) {
+            $columns = DbHelper::extractGroupByFromQuery($innerQuery, true);
+
+            if (null === $columns && $withRollup) {
+                // a rollup has the GROUP BY inside the wrapper
+                $outerSelectPos = stripos($innerQuery, 'SELECT');
+                $innerSelectPos = stripos($innerQuery, 'SELECT', $outerSelectPos + strlen('SELECT'));
+                $lastClosingParenthesis = strrpos($innerQuery, ')');
+
+                $realInnerQuery = substr($innerQuery, $innerSelectPos, $lastClosingParenthesis - $innerSelectPos);
+                $columns = DbHelper::extractGroupByFromQuery($realInnerQuery, true);
+            }
+
+            $columns = $this->prepareColumnsForWindowOrderBy($columns, $selectColumns);
+        }
+
+        if (null === $columns) {
+            $columns = $this->generateLabelColumnsString();
+        }
+
+        return $columns;
+    }
+
+    private function prepareColumnsForWindowOrderBy(?string $expr, string $selectColumns): ?string
+    {
+        if (null === $expr) {
+            return null;
+        }
+
+        $exprColumns = explode(',', $expr);
+
+        foreach ($exprColumns as $i => &$exprColumn) {
+            $columnParts = explode(' ', trim($exprColumn));
+
+            if (count($columnParts) > 2) {
+                // the column contains more than just "column ASC"
+                // remove the column for safety, we don't know what we are really dealing with
+                unset($exprColumns[$i]);
+                continue;
+            }
+
+            $column = str_replace('`', '', trim($columnParts[0]));
+
+            if (preg_match('/`?' . $column . '`? AS `?(\w+)`?(?:,|$)/is', $selectColumns, $matches)) {
+                // unalias the column to allow usage in window
+                $column = trim($matches[1]);
+                $columnParts[0] = '`' . $column . '`';
+                $exprColumn = implode(' ', $columnParts);
+            }
+
+            if (!preg_match('/`?' . $column . '`?(?:,|$)/is', $selectColumns)) {
+                // the column was not found as "column," or "column<end of select>" in the SELECT part
+                // we remove it from the window because it otherwise break the query
+                unset($exprColumns[$i]);
+            }
+        }
+
+        if ([] === $exprColumns) {
+            return null;
+        }
+
+        return implode(', ', $exprColumns);
+    }
+
     /**
      * Prepare the inner query for usage in the ranking query.
      */
diff --git a/tests/PHPUnit/Unit/RankingQueryTest.php b/tests/PHPUnit/Unit/RankingQueryTest.php
@@ -643,4 +643,125 @@ public function getPartitionResultTestData(): iterable
             $expectedQuery,
         ];
     }
+
+    /**
+     * @dataProvider getGenerateWindowOrderByStringTestData
+     */
+    public function testGenerateWindowOrderByString(
+        RankingQuery $rankingQuery,
+        string $innerQuery,
+        bool $withRollup,
+        string $expectedOrderBy
+    ): void {
+        $reflection = new \ReflectionClass($rankingQuery);
+        $method = $reflection->getMethod('generateWindowOrderByExpression');
+        $method->setAccessible(true);
+
+        $windowOrderBy = $method->invokeArgs($rankingQuery, [$innerQuery, $withRollup]);
+
+        $this->assertEquals($expectedOrderBy, $windowOrderBy);
+    }
+
+    public function getGenerateWindowOrderByStringTestData(): iterable
+    {
+        $rankingQuery = new RankingQuery(1);
+        $rankingQuery->addLabelColumn('label_1');
+        $rankingQuery->addLabelColumn('label_2');
+
+        $reflection = new \ReflectionClass($rankingQuery);
+        $method = $reflection->getMethod('generateLabelColumnsString');
+        $method->setAccessible(true);
+
+        $labelColumnsString = $method->invokeArgs($rankingQuery, []);
+
+        yield 'SELECT extraction fails' => [
+            $rankingQuery,
+            'SET @counter = 1',
+            false,
+            $labelColumnsString,
+        ];
+
+        yield 'SELECT extraction fails - with rollup' => [
+            $rankingQuery,
+            'SELECT * FROM (SET @counter = 1)',
+            true,
+            $labelColumnsString,
+        ];
+
+        yield 'window matches ORDER BY' => [
+            $rankingQuery,
+            'SELECT column_one, column_two FROM my_table GROUP BY column_two ORDER BY column_one ASC',
+            false,
+            'column_one ASC',
+        ];
+
+        yield 'window matches ORDER BY - rollup' => [
+            $rankingQuery,
+            '
+                SELECT *
+                FROM (
+                    SELECT column_one, column_two
+                    FROM my_table
+                    GROUP BY column_two WITH ROLLUP
+                ) AS rollupQuery
+                ORDER BY column_one ASC
+            ',
+            true,
+            'column_one ASC',
+        ];
+
+        yield 'window matches GROUP BY' => [
+            $rankingQuery,
+            '
+                SELECT column_one, column_two
+                FROM my_table
+                GROUP BY column_one
+            ',
+            false,
+            'column_one',
+        ];
+
+        yield 'window matches GROUP BY - rollup' => [
+            $rankingQuery,
+            '
+                SELECT *
+                FROM (
+                    SELECT column_one, column_two
+                    FROM my_table
+                    GROUP BY column_one WITH ROLLUP
+                ) AS rollupQuery
+            ',
+            true,
+            'column_one',
+        ];
+
+        yield 'unselected column is removed' => [
+            $rankingQuery,
+            'SELECT column_one FROM my_table ORDER BY column_one, column_two',
+            false,
+            'column_one',
+        ];
+
+        yield 'column aliases are resolved' => [
+            $rankingQuery,
+            'SELECT column_one AS column_new FROM my_table ORDER BY column_one',
+            false,
+            '`column_new`',
+        ];
+
+        yield 'column aliases are resolved - rollup' => [
+            $rankingQuery,
+            '
+                SELECT *
+                FROM (
+                    SELECT column_one AS column_new
+                    FROM my_table
+                    GROUP BY column_two WITH ROLLUP
+                ) AS rollupQuery
+                ORDER BY column_new
+            ',
+            true,
+            'column_new',
+        ];
+    }
 }
