From 1a8e2fe538994b21525216aff2b0109eadaa8023 Mon Sep 17 00:00:00 2001
From: djklim87
Date: Mon, 23 Mar 2026 20:11:44 +0100
Subject: [PATCH] Expose SQL escape trait to core
---
src/Lib/SqlEscapingTrait.php | 45 +++++++++++++++++++++
test/BuddyCore/Lib/SqlEscapingTraitTest.php | 39 ++++++++++++++++++
test/src/Lib/SqlEscapingTraitTestClass.php | 18 +++++++++
3 files changed, 102 insertions(+)
create mode 100644 src/Lib/SqlEscapingTrait.php
create mode 100644 test/BuddyCore/Lib/SqlEscapingTraitTest.php
create mode 100644 test/src/Lib/SqlEscapingTraitTestClass.php
diff --git a/src/Lib/SqlEscapingTrait.php b/src/Lib/SqlEscapingTrait.php
new file mode 100644
index 0000000..6c6f347
--- /dev/null
+++ b/src/Lib/SqlEscapingTrait.php
@@ -0,0 +1,45 @@
+ '\\\\',
+ "\0" => '\\0',
+ "\n" => '\\n',
+ "\r" => '\\r',
+ "'" => "\\'",
+ '"' => '\\"',
+ "\x1a" => '\\Z',
+ ]
+ );
+ }
+
+ protected static function quoteSqlString(string $value): string {
+ return "'" . self::escapeSqlString($value) . "'";
+ }
+
+ protected function sqlEscape(string $value): string {
+ return self::escapeSqlString($value);
+ }
+
+ protected function quote(string $value): string {
+ return self::quoteSqlString($value);
+ }
+
+ protected function escapeString(string $value): string {
+ return self::escapeSqlString($value);
+ }
+}
diff --git a/test/BuddyCore/Lib/SqlEscapingTraitTest.php b/test/BuddyCore/Lib/SqlEscapingTraitTest.php
new file mode 100644
index 0000000..d5e98b7
--- /dev/null
+++ b/test/BuddyCore/Lib/SqlEscapingTraitTest.php
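Review bot: `sqlEscape()` and `escapeString()` return the escaped text without surrounding quotes, and nothing in the visible part of this hunk says that the result is only safe when the caller places it inside a quoted SQL string literal. The backslash map protects a string context only, so a value interpolated into a numeric or identifier position is not covered by it. I would add a docblock to both, for example `/** Escapes $value for use inside a quoted SQL string literal only; not valid for identifiers or unquoted numeric positions. Prefer quote(). */`, and keep just one of the two identical aliases unless both names are needed for compatibility. The opening of the trait and the `escapeSqlString()` signature are missing from this page, so any documentation already placed there cannot be seen.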
@@ -0,0 +1,39 @@
+testClass);
+ $method = $reflection->getMethod('sqlEscape');
+ $method->setAccessible(true);
+
+ $result = $method->invoke($this->testClass, "line1\nline2\r\"quoted\"\\slash\0\x1a'");
+ $this->assertEquals('line1\\nline2\\r\\"quoted\\"\\\\slash\\0\\Z\\\'', $result);
+ }
+
+ public function testQuoteWrapsEscapedString(): void {
+ $reflection = new ReflectionClass($this->testClass);
+ $method = $reflection->getMethod('quote');
+ $method->setAccessible(true);
+
+ $result = $method->invoke($this->testClass, "O'Reilly");
+ $this->assertEquals("'O\\'Reilly'", $result);
+ }
+
+ protected function setUp(): void {
+ $this->testClass = new SqlEscapingTraitTestClass();
+ }
+}
diff --git a/test/src/Lib/SqlEscapingTraitTestClass.php b/test/src/Lib/SqlEscapingTraitTestClass.php
new file mode 100644
index 0000000..2322195
--- /dev/null
+++ b/test/src/Lib/SqlEscapingTraitTestClass.php
@@ -0,0 +1,18 @@
+
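Review bot: The visible tests never put a backslash directly in front of a quote, which is the input that a later refactor to sequential replacements would double-escape or leave open. In `testQuoteWrapsEscapedString` I would add a regression assertion such as `$this->assertSame("'\\\\\\''", $method->invoke($this->testClass, "\\'"));`. Using `assertSame` for the two existing string comparisons would also pin the exact bytes. The `escapeString()` alias has no test in the part of the hunk shown here; the beginning of the test class is missing from this page, so it may be covered there.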