danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-11-30 04:39:00 +01:00
Code Issues Projects Releases Wiki Activity

#10030 Add PDOStatement::bindValuebindValue() and PDOStatement::bindParam() as sources for TaintedSql

Browse Source
This commit is contained in:
cgocast 2023-07-21 15:27:47 +02:00
parent 9c814c8a69
commit 719496b46e
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
stubs/extensions/pdo.phpstub
View File

@ -150,6 +150,16 @@ class PDOStatement implements Traversable
* @return false|T
*/
public function fetchObject($class = \stdclass::class, array $ctorArgs = array()) {}
/**
* @psalm-taint-sink sql $value
*/
public function bindValue(string|int $param, mixed $value, int $type = PDO::PARAM_STR): bool {}
/**
* @psalm-taint-sink sql $var
*/
public function bindParam(string|int $param, mixed &$var, int $type = PDO::PARAM_STR, int $maxLength = 0, mixed $driverOptions = null): bool {}
}
class PDOException extends RuntimeException {