From db17a77e79bfb92fb61f79a5748970c5f75d3475 Mon Sep 17 00:00:00 2001
From: kenjis <kenji.uui@gmail.com>
Date: Tue, 9 Apr 2024 16:42:55 +0900
Subject: [PATCH] fix: _escapeString() should accept Stringable

---
 system/Database/BaseConnection.php     | 9 +++++----
 system/Database/MySQLi/Connection.php  | 3 ++-
 system/Database/Postgre/Connection.php | 3 ++-
 system/Database/SQLSRV/Connection.php  | 3 ++-
 system/Database/SQLite3/Connection.php | 3 ++-
 5 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/system/Database/BaseConnection.php b/system/Database/BaseConnection.php
index e0bd7bb51217..46c3020ec4cf 100644
--- a/system/Database/BaseConnection.php
+++ b/system/Database/BaseConnection.php
@@ -17,6 +17,7 @@
 use CodeIgniter\Database\Exceptions\DatabaseException;
 use CodeIgniter\Events\Events;
 use stdClass;
+use Stringable;
 use Throwable;
 
 /**
@@ -1328,8 +1329,8 @@ public function escape($str)
     /**
      * Escape String
      *
-     * @param list<string>|string $str  Input string
-     * @param bool                $like Whether or not the string will be used in a LIKE condition
+     * @param list<string|Stringable>|string|Stringable $str  Input string
+     * @param bool                                      $like Whether the string will be used in a LIKE condition
      *
      * @return list<string>|string
      */
@@ -1371,7 +1372,7 @@ public function escapeString($str, bool $like = false)
      * Calls the individual driver for platform
      * specific escaping for LIKE conditions
      *
-     * @param list<string>|string $str
+     * @param list<string|Stringable>|string|Stringable $str
      *
      * @return list<string>|string
      */
@@ -1385,7 +1386,7 @@ public function escapeLikeString($str)
      *
      * Will likely be overridden in child classes.
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         return str_replace("'", "''", remove_invisible_characters($str, false));
     }
diff --git a/system/Database/MySQLi/Connection.php b/system/Database/MySQLi/Connection.php
index c2ef98adb0b3..1dd73ae8dee1 100644
--- a/system/Database/MySQLi/Connection.php
+++ b/system/Database/MySQLi/Connection.php
@@ -20,6 +20,7 @@
 use mysqli_result;
 use mysqli_sql_exception;
 use stdClass;
+use Stringable;
 use Throwable;
 
 /**
@@ -342,7 +343,7 @@ public function affectedRows(): int
     /**
      * Platform-dependant string escape
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         if (! $this->connID) {
             $this->initialize();
diff --git a/system/Database/Postgre/Connection.php b/system/Database/Postgre/Connection.php
index 45e30eb65365..a4ac7c9aa92f 100644
--- a/system/Database/Postgre/Connection.php
+++ b/system/Database/Postgre/Connection.php
@@ -20,6 +20,7 @@
 use PgSql\Connection as PgSqlConnection;
 use PgSql\Result as PgSqlResult;
 use stdClass;
+use Stringable;
 
 /**
  * Connection for Postgre
@@ -253,7 +254,7 @@ public function escape($str)
     /**
      * Platform-dependant string escape
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         if (! $this->connID) {
             $this->initialize();
diff --git a/system/Database/SQLSRV/Connection.php b/system/Database/SQLSRV/Connection.php
index 411470d8e34c..e994eee30886 100755
--- a/system/Database/SQLSRV/Connection.php
+++ b/system/Database/SQLSRV/Connection.php
@@ -16,6 +16,7 @@
 use CodeIgniter\Database\BaseConnection;
 use CodeIgniter\Database\Exceptions\DatabaseException;
 use stdClass;
+use Stringable;
 
 /**
  * Connection for SQLSRV
@@ -182,7 +183,7 @@ protected function _close()
     /**
      * Platform-dependant string escape
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         return str_replace("'", "''", remove_invisible_characters($str, false));
     }
diff --git a/system/Database/SQLite3/Connection.php b/system/Database/SQLite3/Connection.php
index d15c64213952..1e447a65d9ab 100644
--- a/system/Database/SQLite3/Connection.php
+++ b/system/Database/SQLite3/Connection.php
@@ -19,6 +19,7 @@
 use SQLite3;
 use SQLite3Result;
 use stdClass;
+use Stringable;
 
 /**
  * Connection for SQLite3
@@ -171,7 +172,7 @@ public function affectedRows(): int
     /**
      * Platform-dependant string escape
      */
-    protected function _escapeString(string $str): string
+    protected function _escapeString(string|Stringable $str): string
     {
         if (! $this->connID instanceof SQLite3) {
             $this->initialize();