Issue with Doctrine 1.x: How to Delete Important Data

Issue with Doctrine 1.x

Issue with Doctrine 1.x: How to Delete Important Data

Oct 5, 2016 – 1 min read

Description

A couple of months ago I had a bug issue with Doctrine 1.x which completely smashed my brain! If you use WhereIn() and pass an empty array as a second parameter the condition will be always “true”. Take a look at the code below:


$ids = array();
$q = Doctrine_Core::getTable('VeryImportantTable')
              ->createQuery('r')
              ->delete()
              ->whereIn('r.id', $ids)
$q->execute();

It turns out that when we pass an empty array, Doctrine 1.x thinks about it as “all records in table VeryImportantTable” which in our case means “delete all records from table VeryImportantTable”.

That seams to be a huge bug issue because if we miss to check the content of the array we may accidentally delete very important information from our database. A simple workaround might be:


if(!empty($ids)){
  //than delete
}

// or

if(count($ids)){
  //than delete
}

Pay attention when writing code and using Doctrine 1.x. Special thanks to my business partner Lyubomir Slavilov. We found the issue during our work.

If you need assistance with Symfony and Doctrine, contact me.

Tags:
,
No Comments

Post A Comment