diff --git a/system/Database/BaseConnection.php b/system/Database/BaseConnection.php index e0bd7bb51217..46c3020ec4cf 100644 --- a/system/Database/BaseConnection.php +++ b/system/Database/BaseConnection.php @@ -17,6 +17,7 @@ use CodeIgniter\Database\Exceptions\DatabaseException; use CodeIgniter\Events\Events; use stdClass; +use Stringable; use Throwable; /** @@ -1328,8 +1329,8 @@ public function escape($str) /** * Escape String * - * @param list|string $str Input string - * @param bool $like Whether or not the string will be used in a LIKE condition + * @param list|string|Stringable $str Input string + * @param bool $like Whether the string will be used in a LIKE condition * * @return list|string */ @@ -1371,7 +1372,7 @@ public function escapeString($str, bool $like = false) * Calls the individual driver for platform * specific escaping for LIKE conditions * - * @param list|string $str + * @param list|string|Stringable $str * * @return list|string */ @@ -1385,7 +1386,7 @@ public function escapeLikeString($str) * * Will likely be overridden in child classes. */ - protected function _escapeString(string $str): string + protected function _escapeString(string|Stringable $str): string { return str_replace("'", "''", remove_invisible_characters($str, false)); } diff --git a/system/Database/MySQLi/Connection.php b/system/Database/MySQLi/Connection.php index c2ef98adb0b3..1dd73ae8dee1 100644 --- a/system/Database/MySQLi/Connection.php +++ b/system/Database/MySQLi/Connection.php @@ -20,6 +20,7 @@ use mysqli_result; use mysqli_sql_exception; use stdClass; +use Stringable; use Throwable; /** @@ -342,7 +343,7 @@ public function affectedRows(): int /** * Platform-dependant string escape */ - protected function _escapeString(string $str): string + protected function _escapeString(string|Stringable $str): string { if (! $this->connID) { $this->initialize(); diff --git a/system/Database/Postgre/Connection.php b/system/Database/Postgre/Connection.php index 45e30eb65365..a4ac7c9aa92f 100644 --- a/system/Database/Postgre/Connection.php +++ b/system/Database/Postgre/Connection.php @@ -20,6 +20,7 @@ use PgSql\Connection as PgSqlConnection; use PgSql\Result as PgSqlResult; use stdClass; +use Stringable; /** * Connection for Postgre @@ -253,7 +254,7 @@ public function escape($str) /** * Platform-dependant string escape */ - protected function _escapeString(string $str): string + protected function _escapeString(string|Stringable $str): string { if (! $this->connID) { $this->initialize(); diff --git a/system/Database/SQLSRV/Connection.php b/system/Database/SQLSRV/Connection.php index 411470d8e34c..e994eee30886 100755 --- a/system/Database/SQLSRV/Connection.php +++ b/system/Database/SQLSRV/Connection.php @@ -16,6 +16,7 @@ use CodeIgniter\Database\BaseConnection; use CodeIgniter\Database\Exceptions\DatabaseException; use stdClass; +use Stringable; /** * Connection for SQLSRV @@ -182,7 +183,7 @@ protected function _close() /** * Platform-dependant string escape */ - protected function _escapeString(string $str): string + protected function _escapeString(string|Stringable $str): string { return str_replace("'", "''", remove_invisible_characters($str, false)); } diff --git a/system/Database/SQLite3/Connection.php b/system/Database/SQLite3/Connection.php index d15c64213952..1e447a65d9ab 100644 --- a/system/Database/SQLite3/Connection.php +++ b/system/Database/SQLite3/Connection.php @@ -19,6 +19,7 @@ use SQLite3; use SQLite3Result; use stdClass; +use Stringable; /** * Connection for SQLite3 @@ -171,7 +172,7 @@ public function affectedRows(): int /** * Platform-dependant string escape */ - protected function _escapeString(string $str): string + protected function _escapeString(string|Stringable $str): string { if (! $this->connID instanceof SQLite3) { $this->initialize(); diff --git a/user_guide_src/source/changelogs/v4.5.1.rst b/user_guide_src/source/changelogs/v4.5.1.rst index 9f00193bcf6c..d83900d8522b 100644 --- a/user_guide_src/source/changelogs/v4.5.1.rst +++ b/user_guide_src/source/changelogs/v4.5.1.rst @@ -14,6 +14,10 @@ Release Date: Unreleased BREAKING ******** +- **QueryBuilder:** Fixed a bug where ``BaseBuilder::_escapeString()`` did not + accept ``Stringable``. Therefore, the parameter type of that method has been + changed from ``string`` to ``string|Stringable``. + *************** Message Changes *************** diff --git a/user_guide_src/source/installation/upgrade_451.rst b/user_guide_src/source/installation/upgrade_451.rst index 3fc97dc3cffe..9ac3e02d3b09 100644 --- a/user_guide_src/source/installation/upgrade_451.rst +++ b/user_guide_src/source/installation/upgrade_451.rst @@ -20,6 +20,10 @@ Mandatory File Changes Breaking Changes **************** +- **QueryBuilder:** Due to a bug fix, the parameter type of ``BaseBuilder::_escapeString()`` + has been changed from ``string`` to ``string|Stringable``. If you are extending + this method, update the method parameter type. + ********************* Breaking Enhancements *********************