danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-12-02 17:52:45 +01:00
Code Issues Projects Releases Wiki Activity
e87617e598
psalm/docs/running_psalm/issues/TaintedSql.md
Matt Brown db566c7c4d
Improve documentation for taints a little 
Ref #4590
2021-01-29 11:46:13 +01:00

377 B
Raw Blame History

TaintedSql

Emitted when user-controlled input can be passed into to a SQL command.

<?php

class A {
    public function deleteUser(PDO $pdo) : void {
        $userId = self::getUserId();
        $pdo->exec("delete from users where user_id = " . $userId);
    }

    public static function getUserId() : string {
        return (string) $_GET["user_id"];
    }
}