protected function DatabaseConnection::filterComment
7.x | database.inc | protected DatabaseConnection::filterComment($comment = '')
Sanitize a query comment string.
Ensure a query comment does not include strings such as "* /" that might terminate the comment early. This avoids SQL injection attacks via the query comment. The comment strings in this example are separated by a space to avoid PHP parse errors.
For example, the comment:
db_update('example')
  ->condition('id', $id)
  ->fields(array('field2' => 10))
  ->comment('Exploit * / DROP TABLE node; --')
  ->execute();
Would result in the following SQL statement being generated:
"/ * Exploit * / DROP TABLE node; -- * / UPDATE example SET field2=..."
Unless the comment is sanitized first, the SQL server would drop the node table and ignore the rest of the SQL statement.
Parameters
$comment: A query comment string.
Return value
A sanitized version of the query comment string.
1 call to DatabaseConnection::filterComment()
- DatabaseConnection::makeComment in drupal-7.x/includes/database/database.inc - Flatten an array of query comments into a single comment string.
File
- drupal-7.x/includes/database/database.inc, line 626 - Core systems for the database layer.
Class
- DatabaseConnection
- Base Database API class.
Code
protected function filterComment($comment = '') {
  // Strip every "/*" (with trailing whitespace) and "*/" (with leading
  // whitespace) so the comment cannot be terminated early.
  return preg_replace('/(\/\*\s*)|(\s*\*\/)/', '', $comment);
}
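The following is an added example, not code from Drupal itself: it copies the filterComment() regex above into a stand-alone script and pairs it with a minimal reconstruction of the "/* ... */ " wrapping that DatabaseConnection::makeComment() applies, so the documentation's example comment can be seen before and after sanitization. The make_comment() body and the sample query are assumptions; only filterComment() is quoted on this page.

```php
<?php
// Added example, not Drupal's own code: a stand-alone copy of the
// filterComment() regex shown above, plus a minimal reconstruction of the
// "/* ... */ " wrapping that DatabaseConnection::makeComment() applies to the
// sanitized string. The make_comment() body is an assumption based on
// Drupal 7 behaviour; only filterComment() is quoted on this page.

function filter_comment($comment = '') {
  // Remove every "/*" (with trailing whitespace) and "*/" (with leading
  // whitespace) so the comment cannot be terminated early.
  return preg_replace('/(\/\*\s*)|(\s*\*\/)/', '', $comment);
}

function make_comment(array $comments, $sanitize = TRUE) {
  if (empty($comments)) {
    return '';
  }
  // Flatten the array of comments; sanitization can be skipped only to
  // illustrate what the documentation above warns about.
  $comment = implode('; ', $comments);
  if ($sanitize) {
    $comment = filter_comment($comment);
  }
  return '/* ' . $comment . ' */ ';
}

// Returns TRUE when the sanitized comment can no longer close the
// comment block that make_comment() opens.
function comment_is_contained(array $comments) {
  return strpos(filter_comment(implode('; ', $comments)), '*/') === FALSE;
}

// The comment from the documentation's example and a representative query
// (constructed sample values).
$comments = array('Exploit */ DROP TABLE node; --');
$sql = 'UPDATE example SET field2=10 WHERE id=1';

// Unsanitized: the "*/" inside the comment closes it, and the rest of the
// string reaches the server as part of the statement.
echo make_comment($comments, FALSE) . $sql, "\n";

// Sanitized: the "*/" is stripped, so the whole payload stays inside the
// delimiters that make_comment() adds.
echo make_comment($comments) . $sql, "\n";

var_dump(comment_is_contained($comments));
```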