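Security scans flag a possible security risk from improper use of functions such as fetchObject() on db_query() results. In the excerpts below the query values themselves are bound (the :source_uri placeholder and the condition() calls), so the points that need review are the $uri_table name interpolated into the SQL string in uri_map_redirect.php and the unserialize() of $row->arguments in group.inc.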
migrate/uri_map_redirect.php


// This is a tall table mapping legacy URLs to source_id and migration_name.
// If you can already know the migration name and source_id based on the URI,
// then the first lookup is not needed.
// NOTE(review): $uri_table is interpolated directly into the SQL string of the
// db_query() call below, not bound as a placeholder like :source_uri. The
// 'migrate_source_uri_table' variable must therefore only ever hold a trusted
// table name; confirm who can set it.
$uri_table = variable_get('migrate_source_uri_table', 'migrate_source_uri_map');

if ($uri_map = db_query("SELECT migration_name, source_id FROM $uri_table WHERE source_uri = :source_uri", array(':source_uri' => $source_uri))->fetchObject()) {
  // Hurray, we do recognize this URI.
  // Consult migrate_map_x table to determine corresponding Drupal nid/tid/cid/etc.
  $map_table = 'migrate_map_' . drupal_strtolower($uri_map->migration_name);
 

migrate/includes/base.inc


  static public function getInstance($machine_name, $class_name = NULL, array $arguments = array()) {
    $migrations = &drupal_static(__FUNCTION__, array());
    // Otherwise might miss cache hit on case difference
    $machine_name_key = drupal_strtolower($machine_name);
    if (!isset($migrations[$machine_name_key])) {
      // See if we know about this migration
      $row = db_select('migrate_status', 'ms')
        ->fields('ms', array('class_name', 'group_name', 'arguments'))
        ->condition('machine_name', $machine_name)
        ->execute()
        ->fetchObject();
      if ($row) {
        $class_name = $row->class_name;

migrate/includes/group.inc


  static public function getInstance($name, $dependencies = array()) {
    if (empty(self::$groupList[$name])) {
      $row = db_select('migrate_group', 'mg')
        ->fields('mg')
        ->condition('name', $name)
        ->execute()
        ->fetchObject();
      if ($row) {
        $arguments = unserialize($row->arguments);

Comments

SachinT1996 created an issue.