New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add mysqli::query as a taint sink #4155
Comments
Hey @craigfrancis, can you reproduce the issue on https://psalm.dev ? |
I found these snippets: https://psalm.dev/r/a92254e11d<?php // --taint-analysis
$mysqli = new mysqli('localhost', 'test', '???', 'test');
$result = mysqli_query($mysqli, 'SELECT * FROM user WHERE id = ' . $_GET['id']);
?>
https://psalm.dev/r/fcf2f09014<?php // --taint-analysis
$mysqli = new mysqli('localhost', 'test', '???', 'test');
$result = $mysqli->query('SELECT * FROM user WHERE id = ' . $_GET['id']);
?>
|
@craigfrancis you should be able to PR this, making a change to |
craigfrancis
added a commit
to craigfrancis/psalm
that referenced
this issue
Sep 8, 2020
muglug
pushed a commit
that referenced
this issue
Sep 8, 2020
muglug
pushed a commit
that referenced
this issue
Sep 10, 2020
danog
pushed a commit
to danog/psalm
that referenced
this issue
Jan 29, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While this issue is detected:
This one is not:
The text was updated successfully, but these errors were encountered: