Skip to content

Commit 2722ea7

Browse files
MauricioFauthMauricioFauth
committed
Replace escapeString with quoteString in AccountLocking class
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
1 parent 5cf1ec8 commit 2722ea7

File tree

3 files changed

+16
-40
lines changed

3 files changed

+16
-40
lines changed

libraries/classes/Server/Privileges/AccountLocking.php

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -27,9 +27,9 @@ public function lock(string $user, string $host): void
2727
}
2828

2929
$statement = sprintf(
30-
'ALTER USER \'%s\'@\'%s\' ACCOUNT LOCK;',
31-
$this->dbi->escapeString($user),
32-
$this->dbi->escapeString($host)
30+
'ALTER USER %s@%s ACCOUNT LOCK;',
31+
$this->dbi->quoteString($user),
32+
$this->dbi->quoteString($host)
3333
);
3434
if ($this->dbi->tryQuery($statement) !== false) {
3535
return;
@@ -48,9 +48,9 @@ public function unlock(string $user, string $host): void
4848
}
4949

5050
$statement = sprintf(
51-
'ALTER USER \'%s\'@\'%s\' ACCOUNT UNLOCK;',
52-
$this->dbi->escapeString($user),
53-
$this->dbi->escapeString($host)
51+
'ALTER USER %s@%s ACCOUNT UNLOCK;',
52+
$this->dbi->quoteString($user),
53+
$this->dbi->quoteString($host)
5454
);
5555
if ($this->dbi->tryQuery($statement) !== false) {
5656
return;

psalm-baseline.xml

Lines changed: 0 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -14177,14 +14177,6 @@
1417714177
<code><![CDATA[$_POST['max_user_connections']]]></code>
1417814178
</RiskyCast>
1417914179
</file>
14180-
<file src="libraries/classes/Server/Privileges/AccountLocking.php">
14181-
<DeprecatedMethod>
14182-
<code>escapeString</code>
14183-
<code>escapeString</code>
14184-
<code>escapeString</code>
14185-
<code>escapeString</code>
14186-
</DeprecatedMethod>
14187-
</file>
1418814180
<file src="libraries/classes/Server/Select.php">
1418914181
<MixedArgumentTypeCoercion>
1419014182
<code><![CDATA[$server['only_db']]]></code>
@@ -18096,14 +18088,6 @@
1809618088
<code>assertIsArray</code>
1809718089
</RedundantCondition>
1809818090
</file>
18099-
<file src="test/classes/Server/Privileges/AccountLockingTest.php">
18100-
<DeprecatedMethod>
18101-
<code>withConsecutive</code>
18102-
<code>withConsecutive</code>
18103-
<code>withConsecutive</code>
18104-
<code>withConsecutive</code>
18105-
</DeprecatedMethod>
18106-
</file>
1810718091
<file src="test/classes/Server/PrivilegesTest.php">
1810818092
<DeprecatedMethod>
1810918093
<code>escapeString</code>

test/classes/Server/Privileges/AccountLockingTest.php

Lines changed: 10 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,8 @@ public function testLockWithValidAccount(): void
2020
$dbi = $this->createMock(DatabaseInterface::class);
2121
$dbi->expects($this->once())->method('isMariaDB')->willReturn(true);
2222
$dbi->expects($this->once())->method('getVersion')->willReturn(100402);
23-
$dbi->expects($this->exactly(2))
24-
->method('escapeString')
25-
->withConsecutive([$this->equalTo('test.user')], [$this->equalTo('test.host')])
26-
->willReturnOnConsecutiveCalls('test.user', 'test.host');
23+
$dbi->expects($this->exactly(2))->method('quoteString')
24+
->will($this->returnCallback(static fn (string $string) => "'" . $string . "'"));
2725
$dbi->expects($this->once())
2826
->method('tryQuery')
2927
->with($this->equalTo('ALTER USER \'test.user\'@\'test.host\' ACCOUNT LOCK;'))
@@ -39,10 +37,8 @@ public function testLockWithInvalidAccount(): void
3937
$dbi = $this->createMock(DatabaseInterface::class);
4038
$dbi->expects($this->once())->method('isMariaDB')->willReturn(true);
4139
$dbi->expects($this->once())->method('getVersion')->willReturn(100402);
42-
$dbi->expects($this->exactly(2))
43-
->method('escapeString')
44-
->withConsecutive([$this->equalTo('test.user')], [$this->equalTo('test.host')])
45-
->willReturnOnConsecutiveCalls('test.user', 'test.host');
40+
$dbi->expects($this->exactly(2))->method('quoteString')
41+
->will($this->returnCallback(static fn (string $string) => "'" . $string . "'"));
4642
$dbi->expects($this->once())
4743
->method('tryQuery')
4844
->with($this->equalTo('ALTER USER \'test.user\'@\'test.host\' ACCOUNT LOCK;'))
@@ -62,7 +58,7 @@ public function testLockWithUnsupportedServer(): void
6258
$dbi = $this->createMock(DatabaseInterface::class);
6359
$dbi->expects($this->once())->method('isMariaDB')->willReturn(true);
6460
$dbi->expects($this->once())->method('getVersion')->willReturn(100401);
65-
$dbi->expects($this->never())->method('escapeString');
61+
$dbi->expects($this->never())->method('quoteString');
6662
$dbi->expects($this->never())->method('tryQuery');
6763
$dbi->expects($this->never())->method('getError');
6864

@@ -79,10 +75,8 @@ public function testUnlockWithValidAccount(): void
7975
$dbi = $this->createMock(DatabaseInterface::class);
8076
$dbi->expects($this->once())->method('isMariaDB')->willReturn(true);
8177
$dbi->expects($this->once())->method('getVersion')->willReturn(100402);
82-
$dbi->expects($this->exactly(2))
83-
->method('escapeString')
84-
->withConsecutive([$this->equalTo('test.user')], [$this->equalTo('test.host')])
85-
->willReturnOnConsecutiveCalls('test.user', 'test.host');
78+
$dbi->expects($this->exactly(2))->method('quoteString')
79+
->will($this->returnCallback(static fn (string $string) => "'" . $string . "'"));
8680
$dbi->expects($this->once())
8781
->method('tryQuery')
8882
->with($this->equalTo('ALTER USER \'test.user\'@\'test.host\' ACCOUNT UNLOCK;'))
@@ -98,10 +92,8 @@ public function testUnlockWithInvalidAccount(): void
9892
$dbi = $this->createMock(DatabaseInterface::class);
9993
$dbi->expects($this->once())->method('isMariaDB')->willReturn(true);
10094
$dbi->expects($this->once())->method('getVersion')->willReturn(100402);
101-
$dbi->expects($this->exactly(2))
102-
->method('escapeString')
103-
->withConsecutive([$this->equalTo('test.user')], [$this->equalTo('test.host')])
104-
->willReturnOnConsecutiveCalls('test.user', 'test.host');
95+
$dbi->expects($this->exactly(2))->method('quoteString')
96+
->will($this->returnCallback(static fn (string $string) => "'" . $string . "'"));
10597
$dbi->expects($this->once())
10698
->method('tryQuery')
10799
->with($this->equalTo('ALTER USER \'test.user\'@\'test.host\' ACCOUNT UNLOCK;'))
@@ -121,7 +113,7 @@ public function testUnlockWithUnsupportedServer(): void
121113
$dbi = $this->createMock(DatabaseInterface::class);
122114
$dbi->expects($this->once())->method('isMariaDB')->willReturn(false);
123115
$dbi->expects($this->once())->method('getVersion')->willReturn(50705);
124-
$dbi->expects($this->never())->method('escapeString');
116+
$dbi->expects($this->never())->method('quoteString');
125117
$dbi->expects($this->never())->method('tryQuery');
126118
$dbi->expects($this->never())->method('getError');
127119

0 commit comments

Comments
 (0)