[10.x] Throw exception when trying to escape array for database connection (#48836)

sidneyprins · taylorotwell · web-flow · commit 0aeececbde74 · 2023-10-30T09:29:38.000-05:00
* Throw error when trying to escape array

* Add tests to test escaping array throwing exception

* Update Connection.php

---------

Co-authored-by: Taylor Otwell &lt;taylor@laravel.com&gt;
diff --git a/src/Illuminate/Database/Connection.php b/src/Illuminate/Database/Connection.php
@@ -1101,6 +1101,8 @@ public function escape($value, $binary = false)
             return (string) $value;
         } elseif (is_bool($value)) {
             return $this->escapeBool($value);
+        } elseif (is_array($value)) {
+            throw new RuntimeException('The database connection does not support escaping arrays.');
         } else {
             if (str_contains($value, "\00")) {
                 throw new RuntimeException('Strings with null bytes cannot be escaped. Use the binary escape option.');
diff --git a/tests/Integration/Database/MySql/EscapeTest.php b/tests/Integration/Database/MySql/EscapeTest.php
@@ -61,4 +61,11 @@ public function testEscapeStringNullByte()
 
         $this->app['db']->escape("I am hiding a \00 byte");
     }
+
+    public function testEscapeArray()
+    {
+        $this->expectException(RuntimeException::class);
+
+        $this->app['db']->escape(['a', 'b']);
+    }
 }
diff --git a/tests/Integration/Database/Postgres/EscapeTest.php b/tests/Integration/Database/Postgres/EscapeTest.php
@@ -61,4 +61,11 @@ public function testEscapeStringNullByte()
 
         $this->app['db']->escape("I am hiding a \00 byte");
     }
+
+    public function testEscapeArray()
+    {
+        $this->expectException(RuntimeException::class);
+
+        $this->app['db']->escape(['a', 'b']);
+    }
 }
diff --git a/tests/Integration/Database/SqlServer/EscapeTest.php b/tests/Integration/Database/SqlServer/EscapeTest.php
@@ -57,4 +57,11 @@ public function testEscapeStringNullByte()
 
         $this->app['db']->escape("I am hiding a \00 byte");
     }
+
+    public function testEscapeArray()
+    {
+        $this->expectException(RuntimeException::class);
+
+        $this->app['db']->escape(['a', 'b']);
+    }
 }
diff --git a/tests/Integration/Database/Sqlite/EscapeTest.php b/tests/Integration/Database/Sqlite/EscapeTest.php
@@ -73,4 +73,11 @@ public function testEscapeStringNullByte()
 
         $this->app['db']->escape("I am hiding a \00 byte");
     }
+
+    public function testEscapeArray()
+    {
+        $this->expectException(RuntimeException::class);
+
+        $this->app['db']->escape(['a', 'b']);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -61,4 +61,11 @@ public function testEscapeStringNullByte()`
`61`	`61`
`62`	`62`	`$this->app['db']->escape("I am hiding a \00 byte");`
`63`	`63`	`}`
	`64`	`+`
	`65`	`+ public function testEscapeArray()`
	`66`	`+ {`
	`67`	`+ $this->expectException(RuntimeException::class);`
	`68`	`+`
	`69`	`+ $this->app['db']->escape(['a', 'b']);`
	`70`	`+ }`
`64`	`71`	`}`
Original file line number	Diff line number	Diff line change
`@@ -57,4 +57,11 @@ public function testEscapeStringNullByte()`
`57`	`57`
`58`	`58`	`$this->app['db']->escape("I am hiding a \00 byte");`
`59`	`59`	`}`
	`60`	`+`
	`61`	`+ public function testEscapeArray()`
	`62`	`+ {`
	`63`	`+ $this->expectException(RuntimeException::class);`
	`64`	`+`
	`65`	`+ $this->app['db']->escape(['a', 'b']);`
	`66`	`+ }`
`60`	`67`	`}`
Original file line number	Diff line number	Diff line change
`@@ -73,4 +73,11 @@ public function testEscapeStringNullByte()`
`73`	`73`
`74`	`74`	`$this->app['db']->escape("I am hiding a \00 byte");`
`75`	`75`	`}`
	`76`	`+`
	`77`	`+ public function testEscapeArray()`
	`78`	`+ {`
	`79`	`+ $this->expectException(RuntimeException::class);`
	`80`	`+`
	`81`	`+ $this->app['db']->escape(['a', 'b']);`
	`82`	`+ }`
`76`	`83`	`}`