protected function Connection::filterComment

Sanitize a query comment string.

Ensure a query comment does not include strings such as "* /" that might terminate the comment early. This avoids SQL injection attacks via the query comment. The comment strings in this example are separated by a space to avoid PHP parse errors.

For example, the comment:

db_update('example')
  ->condition('id', $id)
  ->fields(array(
  'field2' => 10,
))
  ->comment('Exploit * / DROP TABLE node; --')
  ->execute();

Would result in the following SQL statement being generated:

"/ * Exploit * / DROP TABLE node; -- * / UPDATE example SET field2=...";

Unless the comment is sanitised first, the SQL server would drop the node table and ignore the rest of the SQL statement.

Parameters

$comment: A query comment string.

Return value

A sanitized version of the query comment string.

1 call to Connection::filterComment()

Connection::makeComment in drupal/core/lib/Drupal/Core/Database/Connection.php: Flatten an array of query comments into a single comment string.

File

drupal/core/lib/Drupal/Core/Database/Connection.php, line 467: Definition of Drupal\Core\Database\Connection

Class

Connection: Base Database API class.

Namespace

Drupal\Core\Database

Code

protected function filterComment($comment = '') {
  return preg_replace('/(\\/\\*\\s*)|(\\s*\\*\\/)/', '', $comment);
}

Main menu

Search Drupal 9.x

API Navigation

protected function Connection::filterComment

Parameters

Return value

File

Class

Namespace

Code

Main menu

You are here

Search Drupal 9.x

API Navigation

protected function Connection::filterComment

Parameters

Return value

File

Class

Namespace

Code