diff options
| author | Maurício Meneghini Fauth <mauricio@fauth.dev> | 2022-11-12 17:42:09 +0300 |
|---|---|---|
| committer | Maurício Meneghini Fauth <mauricio@fauth.dev> | 2022-11-12 17:42:09 +0300 |
| commit | de9884f56298be5d7985252118f0630a53b1a73b (patch) | |
| tree | 3877e13de4365edb819d565c6b4bed1e99e16523 | |
| parent | e56633effccfe6fa2e3dad8b1153b37f30ddb294 (diff) | |
Replace escapeString with quoteString in ImportController
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
| -rw-r--r-- | libraries/classes/Controllers/Import/ImportController.php | 3 | ||||
| -rw-r--r-- | psalm-baseline.xml | 13 |
2 files changed, 5 insertions, 11 deletions
diff --git a/libraries/classes/Controllers/Import/ImportController.php b/libraries/classes/Controllers/Import/ImportController.php index 2114c92599..6e8c60286f 100644 --- a/libraries/classes/Controllers/Import/ImportController.php +++ b/libraries/classes/Controllers/Import/ImportController.php @@ -139,10 +139,11 @@ final class ImportController extends AbstractController if (! empty($GLOBALS['sql_query'])) { // apply values for parameters if (! empty($_POST['parameterized']) && ! empty($_POST['parameters']) && is_array($_POST['parameters'])) { + /** @var array<string, string> $parameters */ $parameters = $_POST['parameters']; foreach ($parameters as $parameter => $replacementValue) { if (! is_numeric($replacementValue)) { - $replacementValue = '\'' . $this->dbi->escapeString($replacementValue) . '\''; + $replacementValue = $this->dbi->quoteString($replacementValue); } $quoted = preg_quote($parameter, '/'); diff --git a/psalm-baseline.xml b/psalm-baseline.xml index 18e939868a..737d6f85d9 100644 --- a/psalm-baseline.xml +++ b/psalm-baseline.xml @@ -2207,9 +2207,6 @@ </UnusedVariable> </file> <file src="libraries/classes/Controllers/Import/ImportController.php"> - <DeprecatedMethod occurrences="1"> - <code>escapeString</code> - </DeprecatedMethod> <DocblockTypeContradiction occurrences="1"> <code>$import_plugin == null</code> </DocblockTypeContradiction> @@ -2272,7 +2269,7 @@ <MixedMethodCall occurrences="1"> <code>close</code> </MixedMethodCall> - <PossiblyInvalidArgument occurrences="10"> + <PossiblyInvalidArgument occurrences="8"> <code>$GLOBALS['format']</code> <code>$GLOBALS['local_import_file']</code> <code>$_POST['bkm_label']</code> @@ -2280,18 +2277,15 @@ <code>$_POST['bookmark_variable']</code> <code>$_POST['sql_query']</code> <code>$_POST['sql_query']</code> - <code>$parameter</code> - <code>$replacement</code> <code>$skip < $GLOBALS['read_limit'] ? $skip : $GLOBALS['read_limit']</code> </PossiblyInvalidArgument> - <PossiblyInvalidCast occurrences="7"> + <PossiblyInvalidCast occurrences="6"> <code>$GLOBALS['format']</code> <code>$GLOBALS['local_import_file']</code> <code>$_POST['bkm_label']</code> <code>$_POST['bkm_label']</code> <code>$_POST['sql_query']</code> <code>$_POST['sql_query']</code> - <code>$replacement</code> </PossiblyInvalidCast> <PossiblyInvalidOperand occurrences="3"> <code>$GLOBALS['charset_of_file']</code> @@ -9867,8 +9861,7 @@ </PossiblyNullArgument> </file> <file src="libraries/classes/Plugins/Export/ExportSql.php"> - <DeprecatedMethod occurrences="10"> - <code>escapeString</code> + <DeprecatedMethod occurrences="9"> <code>escapeString</code> <code>escapeString</code> <code>escapeString</code> |