queries/php: add injections for regex and sql injection (#6250)

helix-editor · Mar 10, 2023 · 3907358 · 3907358
1 parent 1661e4b
commit 3907358
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/runtime/queries/php/injections.scm b/runtime/queries/php/injections.scm
@@ -4,3 +4,22 @@
 
 ((comment) @injection.content
  (#set! injection.language "comment"))
+
+((function_call_expression
+ function: (name) @_function
+ arguments: (arguments . (argument (_ (string_value) @injection.content))))
+ (#match? @_function "^preg_")
+ (#set! injection.language "regex"))
+
+((function_call_expression
+ function: (name) @_function
+ arguments: (arguments (_) (argument (_ (string_value) @injection.content))))
+ (#match? @_function "^mysqli_")
+ (#set! injection.language "sql"))
+
+((member_call_expression
+ object: (_)
+ name: (name) @_function
+ arguments: (arguments . (argument (_ (string_value) @injection.content))))
+ (#match? @_function "^(prepare|query)$")
+ (#set! injection.language "sql"))