-rw-r--r-- | libraries/classes/Controllers/Import/ImportController.php | 3 | ||||
-rw-r--r-- | psalm-baseline.xml | 13 |
2 files changed, 5 insertions, 11 deletions
diff --git a/libraries/classes/Controllers/Import/ImportController.php b/libraries/classes/Controllers/Import/ImportController.php
index 2114c92599..6e8c60286f 100644
--- a/libraries/classes/Controllers/Import/ImportController.php
+++ b/libraries/classes/Controllers/Import/ImportController.php
@@ -139,10 +139,11 @@ final class ImportController extends AbstractController
 if (! empty($GLOBALS['sql_query'])) {
 // apply values for parameters
 if (! empty($_POST['parameterized']) && ! empty($_POST['parameters']) && is_array($_POST['parameters'])) {
+ /** @var array<string, string> $parameters */
 $parameters = $_POST['parameters'];
 foreach ($parameters as $parameter => $replacementValue) {
 if (! is_numeric($replacementValue)) {
- $replacementValue = '\'' . $this->dbi->escapeString($replacementValue) . '\'';
+ $replacementValue = $this->dbi->quoteString($replacementValue);
 }
 $quoted = preg_quote($parameter, '/');
diff --git a/psalm-baseline.xml b/psalm-baseline.xml
index 18e939868a..737d6f85d9 100644
--- a/psalm-baseline.xml
+++ b/psalm-baseline.xml
@@ -2207,9 +2207,6 @@
 </UnusedVariable>
 </file>
 <file src="libraries/classes/Controllers/Import/ImportController.php">
- <DeprecatedMethod occurrences="1">
- <code>escapeString</code>
- </DeprecatedMethod>
 <DocblockTypeContradiction occurrences="1">
 <code>$import_plugin == null</code>
 </DocblockTypeContradiction>
@@ -2272,7 +2269,7 @@
 <MixedMethodCall occurrences="1">
 <code>close</code>
 </MixedMethodCall>
- <PossiblyInvalidArgument occurrences="10">
+ <PossiblyInvalidArgument occurrences="8">
 <code>$GLOBALS['format']</code>
 <code>$GLOBALS['local_import_file']</code>
 <code>$_POST['bkm_label']</code>
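Review bot: The added `/** @var array<string, string> $parameters */` in ImportController.php asserts a shape for `$_POST['parameters']` that nothing enforces at runtime, since the guard above only checks `is_array()` on the outer value and a request can still carry nested arrays as elements. The annotation is what lets the `$parameter` and `$replacement` entries drop out of psalm-baseline.xml, so the finding is silenced rather than resolved. I would add `if (! is_string($replacementValue)) { continue; }` as the first statement of the `foreach`, ahead of the `is_numeric()` test; presumably `quoteString()` expects a string, in which case a non-string element would otherwise reach it. The loop body continues past the end of the hunk, so the later use of `$quoted` is not visible here.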
@@ -2280,18 +2277,15 @@
 <code>$_POST['bookmark_variable']</code>
 <code>$_POST['sql_query']</code>
 <code>$_POST['sql_query']</code>
- <code>$parameter</code>
- <code>$replacement</code>
 <code>$skip < $GLOBALS['read_limit'] ? $skip : $GLOBALS['read_limit']</code>
 </PossiblyInvalidArgument>
- <PossiblyInvalidCast occurrences="7">
+ <PossiblyInvalidCast occurrences="6">
 <code>$GLOBALS['format']</code>
 <code>$GLOBALS['local_import_file']</code>
 <code>$_POST['bkm_label']</code>
 <code>$_POST['bkm_label']</code>
 <code>$_POST['sql_query']</code>
 <code>$_POST['sql_query']</code>
- <code>$replacement</code>
 </PossiblyInvalidCast>
 <PossiblyInvalidOperand occurrences="3">
 <code>$GLOBALS['charset_of_file']</code>
@@ -9867,8 +9861,7 @@
 </PossiblyNullArgument>
 </file>
 <file src="libraries/classes/Plugins/Export/ExportSql.php">
- <DeprecatedMethod occurrences="10">
- <code>escapeString</code>
+ <DeprecatedMethod occurrences="9">
 <code>escapeString</code>
 <code>escapeString</code>
 <code>escapeString</code> |