protected Connection::filterComment($comment = '')
Sanitize a query comment string.
Ensure a query comment does not include strings such as "* /" that would terminate the comment early and let the remainder of the string run as SQL. Semicolons are also replaced, so the comment cannot introduce a second statement or trip the connection's multi-statement check. Together this avoids SQL injection via the query comment. The comment terminators in this example are written with a space to avoid PHP parse errors.
For example, the comment:
db_update('example')
  ->condition('id', $id)
  ->fields(array('field2' => 10))
  ->comment('Exploit * / DROP TABLE node; --')
  ->execute();
Would result in the following SQL statement being generated:
"/ * Exploit * / DROP TABLE node; -- * / UPDATE example SET field2=..."
Unless the comment is sanitized first, the "* /" closes the comment early, the SQL server executes DROP TABLE node, and the trailing "--" turns the intended UPDATE into a line comment that is ignored.
Parameters
string $comment: A query comment string.
Return value
string A sanitized version of the query comment string.
File
- core/lib/Drupal/Core/Database/Connection.php, line 533
Class
- Connection
- Base Database API class.
Namespace
Drupal\Core\Database
Code
protected function filterComment($comment = '') {
  // Change semicolons to period to avoid triggering multi-statement check.
  return strtr($comment, ['*' => ' * ', ';' => '.']);
}
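The following stand-alone PHP script is an added example, not code from Drupal's Connection class. It re-creates the filter with the same strtr() mapping shown above, then assumes what the generated SQL on this page implies: the caller wraps the filtered text in /* ... */ and prepends it to the query. The helper names (filter_comment, comment_query, comment_is_inert) and the sample comment strings are constructed for the example.

```php
<?php
// Added example: stand-alone re-creation of the comment filter. The strtr()
// mapping matches the method body on this page; everything else is assumed.
function filter_comment(string $comment = ''): string {
  // '*' gains a space on each side so "*/" can never appear in the output;
  // ';' becomes '.' so the comment can never carry a statement delimiter.
  return strtr($comment, ['*' => ' * ', ';' => '.']);
}

// Assumed caller behaviour: block-comment the text and prepend it to the
// query, the shape of the generated SQL shown on this page.
function comment_query(string $comment, string $sql, bool $sanitize = true): string {
  $text = $sanitize ? filter_comment($comment) : $comment;
  return '/* ' . $text . ' */ ' . $sql;
}

// Reviewer check for the filtered text: it must not be able to close the
// block comment and must not contain a statement delimiter.
function comment_is_inert(string $filtered): bool {
  return strpos($filtered, '*/') === false && strpos($filtered, ';') === false;
}

$sql = 'UPDATE example SET field2 = 10 WHERE id = 42';

// Constructed inputs: the page's exploit string plus a few variants.
$comments = [
  'Exploit */ DROP TABLE node; --',          // closes comment, injects, comments out UPDATE
  '*/ DROP TABLE node /*',                   // closes comment, reopens one to swallow the UPDATE
  '*/;DROP TABLE node;/*',                   // same, with delimiters instead of spaces
  'Created by module foo; see ticket 123',   // benign semicolon, only cosmetic change
  'Regular comment from module foo',         // untouched
];

foreach ($comments as $comment) {
  $filtered = filter_comment($comment);
  printf("unfiltered: %s\nfiltered:   %s\ninert:      %s\n\n",
         comment_query($comment, $sql, false),
         comment_query($comment, $sql, true),
         comment_is_inert($filtered) ? 'yes' : 'no');
}
```

Running the script shows that every filtered comment passes comment_is_inert(), including the cases that try to reopen a comment after closing one. The filter deliberately touches only the two characters that matter inside a /* */ block comment; a newline passes through unchanged, which is acceptable here because a newline does not end a block comment, but it would not be safe if a caller ever emitted the comment in "--" line-comment form instead.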