mirror of
https://github.com/danog/psalm.git
synced 2025-01-06 13:08:40 +01:00
13 lines
252 B
Markdown
13 lines
252 B
Markdown
|
# TaintedSql
|
||
|
|
|
||
|
|
Emitted when user-controlled input can be passed into to a xpath query.
|
||
|
|
|
||
|
|
```php
|
||
|
|
<?php
|
||
|
|
|
||
|
|
function queryExpression(SimpleXMLElement $xml) : array|false|null {
|
||
|
|
$expression = $_GET["expression"];
|
||
|
|
return $xml->xpath($expression);
|
||
|
|
}
|
||
|
|
```
|