Skip to content

Commit de9884f

Browse files
MauricioFauthMauricioFauth
committed
Replace escapeString with quoteString in ImportController
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
1 parent e56633e commit de9884f

2 files changed

Lines changed: 5 additions & 11 deletions

File tree

libraries/classes/Controllers/Import/ImportController.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -139,10 +139,11 @@ public function __invoke(ServerRequest $request): void
139139
if (! empty($GLOBALS['sql_query'])) {
140140
// apply values for parameters
141141
if (! empty($_POST['parameterized']) && ! empty($_POST['parameters']) && is_array($_POST['parameters'])) {
142+
/** @var array<string, string> $parameters */
142143
$parameters = $_POST['parameters'];
143144
foreach ($parameters as $parameter => $replacementValue) {
144145
if (! is_numeric($replacementValue)) {
145-
$replacementValue = '\'' . $this->dbi->escapeString($replacementValue) . '\'';
146+
$replacementValue = $this->dbi->quoteString($replacementValue);
146147
}
147148

148149
$quoted = preg_quote($parameter, '/');

psalm-baseline.xml

Lines changed: 3 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -2207,9 +2207,6 @@
22072207
</UnusedVariable>
22082208
</file>
22092209
<file src="libraries/classes/Controllers/Import/ImportController.php">
2210-
<DeprecatedMethod occurrences="1">
2211-
<code>escapeString</code>
2212-
</DeprecatedMethod>
22132210
<DocblockTypeContradiction occurrences="1">
22142211
<code>$import_plugin == null</code>
22152212
</DocblockTypeContradiction>
@@ -2272,26 +2269,23 @@
22722269
<MixedMethodCall occurrences="1">
22732270
<code>close</code>
22742271
</MixedMethodCall>
2275-
<PossiblyInvalidArgument occurrences="10">
2272+
<PossiblyInvalidArgument occurrences="8">
22762273
<code>$GLOBALS['format']</code>
22772274
<code>$GLOBALS['local_import_file']</code>
22782275
<code>$_POST['bkm_label']</code>
22792276
<code>$_POST['bkm_label']</code>
22802277
<code>$_POST['bookmark_variable']</code>
22812278
<code>$_POST['sql_query']</code>
22822279
<code>$_POST['sql_query']</code>
2283-
<code>$parameter</code>
2284-
<code>$replacement</code>
22852280
<code>$skip &lt; $GLOBALS['read_limit'] ? $skip : $GLOBALS['read_limit']</code>
22862281
</PossiblyInvalidArgument>
2287-
<PossiblyInvalidCast occurrences="7">
2282+
<PossiblyInvalidCast occurrences="6">
22882283
<code>$GLOBALS['format']</code>
22892284
<code>$GLOBALS['local_import_file']</code>
22902285
<code>$_POST['bkm_label']</code>
22912286
<code>$_POST['bkm_label']</code>
22922287
<code>$_POST['sql_query']</code>
22932288
<code>$_POST['sql_query']</code>
2294-
<code>$replacement</code>
22952289
</PossiblyInvalidCast>
22962290
<PossiblyInvalidOperand occurrences="3">
22972291
<code>$GLOBALS['charset_of_file']</code>
@@ -9867,8 +9861,7 @@
98679861
</PossiblyNullArgument>
98689862
</file>
98699863
<file src="libraries/classes/Plugins/Export/ExportSql.php">
9870-
<DeprecatedMethod occurrences="10">
9871-
<code>escapeString</code>
9864+
<DeprecatedMethod occurrences="9">
98729865
<code>escapeString</code>
98739866
<code>escapeString</code>
98749867
<code>escapeString</code>

0 commit comments

Comments
 (0)