From 9611a05f35beb9e08aede5f1e16bd935c4faee34 Mon Sep 17 00:00:00 2001 From: lukinovec Date: Fri, 1 May 2026 09:34:11 +0200 Subject: [PATCH] Skip null parameters, throw for other non-string parameters --- src/Database/Concerns/ValidatesDatabaseParameters.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/Database/Concerns/ValidatesDatabaseParameters.php b/src/Database/Concerns/ValidatesDatabaseParameters.php index 90807e4b..26580fa5 100644 --- a/src/Database/Concerns/ValidatesDatabaseParameters.php +++ b/src/Database/Concerns/ValidatesDatabaseParameters.php @@ -67,13 +67,17 @@ trait ValidatesDatabaseParameters $allowedCharacters ??= static::allowedParameterCharacters(); foreach ((array) $parameters as $parameter) { - if (! is_string($parameter)) { + if (is_null($parameter)) { // Skip if there's nothing to validate // (e.g. when $tenant->database()->getUsername() of an // improperly created tenant is null and it gets passed). continue; } + if (! is_string($parameter)) { + throw new InvalidArgumentException("Parameter has to be a string."); + } + foreach (str_split($parameter) as $character) { if (! str_contains($allowedCharacters, $character)) { throw new InvalidArgumentException("Forbidden character '{$character}' in parameter.");