Feat/um 154 add event data rewrite queries (#1739)

* Cherry pick prisma query protection. * Re-write CH queries to use query params. * Fix query. * Fix modal. Re-add form css.
2026-02-20 04:25:39 +01:00 · 2023-01-12 21:17:57 -08:00 · 2023-01-12 21:17:57 -08:00 · 0409a7d261
commit 0409a7d261
parent 4c202741c2
19 changed files with 257 additions and 185 deletions
--- a/queries/analytics/pageview/getPageviewStats.ts
+++ b/queries/analytics/pageview/getPageviewStats.ts
@ -45,8 +45,8 @@ async function relationalQuery(
    filters = {},
    sessionKey = 'session_id',
  } = data;
-  const { getDateQuery, parseFilters, rawQuery } = prisma;
-  const params = [startDate, endDate];
+  const { toUuid, getDateQuery, parseFilters, rawQuery } = prisma;
+  const params: any = [websiteId, startDate, endDate];
  const { filterQuery, joinSession } = parseFilters(filters, params);

  return rawQuery(
@ -54,8 +54,8 @@ async function relationalQuery(
        count(${count !== '*' ? `${count}${sessionKey}` : count}) y
      from website_event
        ${joinSession}
-      where website.website_id='${websiteId}'
-        and pageview.created_at between $1 and $2
+      where website_event.website_id = $1${toUuid()}
+        and website_event.created_at between $2 and $3
        and event_type = ${EVENT_TYPE.pageView}
        ${filterQuery}
      group by 1`,
@ -78,7 +78,7 @@ async function clickhouseQuery(
  const { startDate, endDate, timezone = 'UTC', unit = 'day', count = '*', filters = {} } = data;
  const { parseFilters, rawQuery, getDateStringQuery, getDateQuery, getBetweenDates } = clickhouse;
  const website = await cache.fetchWebsite(websiteId);
-  const params = [websiteId, website?.revId || 0];
+  const params = { websiteId, revId: website?.revId || 0 };
  const { filterQuery } = parseFilters(filters, params);

  return rawQuery(
@ -90,8 +90,8 @@ async function clickhouseQuery(
        ${getDateQuery('created_at', unit, timezone)} t,
        count(${count !== '*' ? 'distinct session_id' : count}) y
      from event
-      where website_id = $1      
-        and rev_id = $2  
+      where website_id = {websiteId:UUID}
+        and rev_id = {revId:UInt32}
        and event_type = ${EVENT_TYPE.pageView}
        and ${getBetweenDates('created_at', startDate, endDate)}
        ${filterQuery}