@@ -374,7 +374,7 @@ protected function unwind_unsafe_assignments( $stackPtr, $limit = 6 ) {
374374 $ unsafe_ptr$ this check_expression ( $ assignmentPtr
375375 if ( $ unsafe_ptr
376376 $ how'unsafely ' ;
377- $ extra_contextsprintf ( "%s assigned %s at line %d: \n %s " , addcslashes ( $ var"\0\\" ), $ how$ this tokens [ $ assignmentPtr'line ' ], addcslashes ( $ code , "\0\\" ) );
377+ $ extra_contextsprintf ( "%s assigned %s at line %d. " , addcslashes ( $ var"\0\\" ), $ how$ this tokens [ $ assignmentPtr'line ' ] );
378378 foreach ( $ this find_functions_in_expression ( $ assignmentPtras $ func
379379 if ( in_array ( $ func$ this notEscapingFunctions , true ) ) {
380380 $ extra_contextsprintf ( 'Note: %s() is not a safe escaping function. ' , $ func
@@ -789,25 +789,26 @@ public function process_token( $stackPtr ) {
789789 if ( $ unsafe_ptr
790790 $ extra_context$ this unwind_unsafe_assignments ( $ unsafe_ptr
791791 $ unsafe_expression$ this get_unsafe_expression_as_string ( $ unsafe_ptr
792+ $ capped_contextempty ( $ extra_context"\n" . $ extra_context0 ] : '' ;
792793
793794 if ( $ this is_warning_parameter ( $ unsafe_expression
794795 || $ this is_suppressed_line ( $ checkPtrarray ( 'WordPress.DB.PreparedSQL.NotPrepared ' , 'WordPress.DB.PreparedSQL.InterpolatedNotPrepared ' , 'WordPress.DB.DirectDatabaseQuery.DirectQuery ' , 'DB call ' , 'unprepared SQL ' , 'PreparedSQLPlaceholders replacement count ' ) )
795796 || $ this is_warning_expression ( $ methodParam'clean ' ] )
796797 ) {
797798 $ this phpcsFile ->addWarning (
798- 'Unescaped parameter %s used in $wpdb->%s(%s )%s ' ,
799+ 'Unescaped parameter %s used in $wpdb->%s()%s ' ,
799800 $ checkPtr
800801 $ this rule_name ,
801- array ( $ unsafe_expression$ method$ methodParam [ ' clean ' ], rtrim ( "\n" . join ( "\n" , $ extra_context ) ) ),
802+ array ( $ unsafe_expression$ method$ capped_context
802803 $ this expression_severity ,
803804 false
804805 );
805806 } else {
806807 $ this phpcsFile ->addError (
807- 'Unescaped parameter %s used in $wpdb->%s(%s )%s ' ,
808+ 'Unescaped parameter %s used in $wpdb->%s()%s ' ,
808809 $ checkPtr
809810 $ this rule_name ,
810- array ( $ unsafe_expression$ method$ methodParam [ ' clean ' ], rtrim ( "\n" . join ( "\n" , $ extra_context ) ) ),
811+ array ( $ unsafe_expression$ method$ capped_context
811812 $ this expression_severity ,
812813 false
813814 );
@@ -821,13 +822,14 @@ public function process_token( $stackPtr ) {
821822 if ( $ unsafe_ptr
822823 $ extra_context$ this unwind_unsafe_assignments ( $ unsafe_ptr
823824 $ unsafe_expression$ this get_unsafe_expression_as_string ( $ unsafe_ptr
825+ $ capped_contextempty ( $ extra_context"\n" . $ extra_context0 ] : '' ;
824826
825827 if ( $ this is_warning_parameter ( $ unsafe_expression$ this is_suppressed_line ( $ checkPtrarray ( 'WordPress.DB.PreparedSQL.NotPrepared ' , 'WordPress.DB.PreparedSQL.InterpolatedNotPrepared ' , 'WordPress.DB.DirectDatabaseQuery.DirectQuery ' , 'DB call ' , 'unprepared SQL ' , 'PreparedSQLPlaceholders replacement count ' ) ) ) {
826828 $ this phpcsFile ->addWarning (
827829 'Unescaped parameter %s used in %s%s ' ,
828830 $ checkPtr
829831 $ this rule_name ,
830- array ( $ unsafe_expression$ this tokens [ $ checkPtr'content ' ], rtrim ( "\n" . join ( "\n" , $ extra_context ) ) ),
832+ array ( $ unsafe_expression$ this tokens [ $ checkPtr'content ' ], $ capped_context
831833 $ this expression_severity ,
832834 false
833835 );
@@ -836,7 +838,7 @@ public function process_token( $stackPtr ) {
836838 'Unescaped parameter %s used in %s%s ' ,
837839 $ checkPtr
838840 $ this rule_name ,
839- array ( $ unsafe_expression$ this tokens [ $ checkPtr'content ' ], rtrim ( "\n" . join ( "\n" , $ extra_context ) ) ),
841+ array ( $ unsafe_expression$ this tokens [ $ checkPtr'content ' ], $ capped_context
840842 $ this expression_severity ,
841843 false
842844 );
0 commit comments