fix: _escapeString() should accept Stringable

codeigniter4 · Apr 9, 2024 · db17a77 · db17a77
1 parent 0d1c6b9
commit db17a77
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 8 deletions.
diff --git a/system/Database/BaseConnection.php b/system/Database/BaseConnection.php
@@ -17,6 +17,7 @@
 use CodeIgniter\Database\Exceptions\DatabaseException;
 use CodeIgniter\Events\Events;
 use stdClass;
+use Stringable;
 use Throwable;
 
 /**
@@ -1328,8 +1329,8 @@ public function escape($str)
     /**
      * Escape String
      *
-     * @param list<string>|string $str  Input string
-     * @param bool                $like Whether or not the string will be used in a LIKE condition
+     * @param list<string|Stringable>|string|Stringable $str  Input string
+     * @param bool                                      $like Whether the string will be used in a LIKE condition
      *
      * @return list<string>|string
      */
@@ -1371,7 +1372,7 @@ public function escapeString($str, bool $like = false)
      * Calls the individual driver for platform
      * specific escaping for LIKE conditions
      *
-     * @param list<string>|string $str
+     * @param list<string|Stringable>|string|Stringable $str
      *
      * @return list<string>|string
      */
@@ -1385,7 +1386,7 @@ public function escapeLikeString($str)
      *
      * Will likely be overridden in child classes.
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         return str_replace("'", "''", remove_invisible_characters($str, false));
     }

diff --git a/system/Database/MySQLi/Connection.php b/system/Database/MySQLi/Connection.php
@@ -20,6 +20,7 @@
 use mysqli_result;
 use mysqli_sql_exception;
 use stdClass;
+use Stringable;
 use Throwable;
 
 /**
@@ -342,7 +343,7 @@ public function affectedRows(): int
     /**
      * Platform-dependant string escape
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         if (! $this->connID) {
             $this->initialize();

diff --git a/system/Database/Postgre/Connection.php b/system/Database/Postgre/Connection.php
@@ -20,6 +20,7 @@
 use PgSql\Connection as PgSqlConnection;
 use PgSql\Result as PgSqlResult;
 use stdClass;
+use Stringable;
 
 /**
  * Connection for Postgre
@@ -253,7 +254,7 @@ public function escape($str)
     /**
      * Platform-dependant string escape
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         if (! $this->connID) {
             $this->initialize();

diff --git a/system/Database/SQLSRV/Connection.php b/system/Database/SQLSRV/Connection.php
@@ -16,6 +16,7 @@
 use CodeIgniter\Database\BaseConnection;
 use CodeIgniter\Database\Exceptions\DatabaseException;
 use stdClass;
+use Stringable;
 
 /**
  * Connection for SQLSRV
@@ -182,7 +183,7 @@ protected function _close()
     /**
      * Platform-dependant string escape
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         return str_replace("'", "''", remove_invisible_characters($str, false));
     }

diff --git a/system/Database/SQLite3/Connection.php b/system/Database/SQLite3/Connection.php
@@ -19,6 +19,7 @@
 use SQLite3;
 use SQLite3Result;
 use stdClass;
+use Stringable;
 
 /**
  * Connection for SQLite3
@@ -171,7 +172,7 @@ public function affectedRows(): int
     /**
      * Platform-dependant string escape
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         if (! $this->connID instanceof SQLite3) {
             $this->initialize();