@@ -255,9 +255,6 @@ private function createSafeRegex(string $value, string $pattern = '%s', string $
255255 {
256256 $ escapedpreg_quote ($ value'/ ' );
257257
258- // Additional MongoDB-specific escaping for $ and \ to prevent injection
259- $ escapedstr_replace (['\\' , '$ ' ], ['\\\\' , '\\$ ' ], $ escaped
260-
261258 // Validate that the pattern doesn't contain injection vectors
262259 if (preg_match ('/\$[a-z]+/i ' , $ escaped
263260 throw new DatabaseException ('Invalid regex pattern: potential injection detected ' );
@@ -2203,23 +2200,27 @@ protected function replaceChars(string $from, string $to, array $array): array
22032200 'collection '
22042201 ];
22052202
2206- // Process in-place with references to avoid array copies
2207- foreach ($ arrayas $ k$ v
2203+ // First pass: recursively process array values and collect keys to rename
2204+ $ keysToRename
2205+ foreach ($ arrayas $ k$ v
22082206 if (is_array ($ v
2209- $ v $ this replaceChars ($ from$ to$ v
2207+ $ array [ $ k ] = $ this replaceChars ($ from$ to$ v
22102208 }
22112209
22122210 // Handle key replacement for filtered attributes
22132211 $ clean_keystr_replace ($ from"" , $ k
22142212 if (in_array ($ clean_key$ filter
2215- $ new_keystr_replace ($ from$ to$ k
2216- if ($ new_key$ k
2217- $ array$ new_key$ v
2218- unset($ array$ k
2213+ $ newKeystr_replace ($ from$ to$ k
2214+ if ($ newKey$ k
2215+ $ keysToRename$ k$ newKey
22192216 }
22202217 }
22212218 }
2222- unset($ v// Break reference
2219+
2220+ foreach ($ keysToRenameas $ oldKey$ newKey
2221+ $ array$ newKey$ array$ oldKey
2222+ unset($ array$ oldKey
2223+ }
22232224
22242225 // Handle special attribute mappings
22252226 if ($ from'_ ' ) {
@@ -3084,6 +3085,4 @@ public function getTenantQuery(string $collection, string $alias = ''): string
30843085 {
30853086 return '' ;
30863087 }
3087-
3088-
30893088}
0 commit comments