function OrderByTest::testFieldEscaping
Same name in other branches
- 8.9.x core/tests/Drupal/Tests/Core/Database/OrderByTest.php \Drupal\Tests\Core\Database\OrderByTest::testFieldEscaping()
- 10 core/tests/Drupal/Tests/Core/Database/OrderByTest.php \Drupal\Tests\Core\Database\OrderByTest::testFieldEscaping()
- 11.x core/tests/Drupal/Tests/Core/Database/OrderByTest.php \Drupal\Tests\Core\Database\OrderByTest::testFieldEscaping()
Tests that fields passed for ordering get escaped properly.
File
-
core/
tests/ Drupal/ Tests/ Core/ Database/ OrderByTest.php, line 45
Class
- OrderByTest
- Tests the orderBy() method of select queries.
Namespace
Drupal\Tests\Core\DatabaseCode
public function testFieldEscaping() {
$this->query
->orderBy('x; DROP table node; --');
$sql = $this->query
->__toString();
$this->assertStringEndsWith('ORDER BY xDROPtablenode ASC', $sql, 'Order by field is escaped correctly.');
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.