Replace drush_escapeshellarg() uses in Sqlbase (#3819)

Author: weitzman

includes/environment.inc

@@ -31,6 +31,8 @@ function _drush_convert_path($path) {
 /**
  * Build a drush command suitable for use for Drush to call itself.
  * Used in backend_invoke.
+ *
+ * @deprecated.
  */
 function drush_build_drush_command($drush_path = NULL, $php = NULL, $os = NULL, $remote_command = FALSE, $environment_variables = []) {
   $os = _drush_get_os($os);
@@ -136,6 +138,8 @@ function drush_bit_bucket() {
  *   WIN* (e.g. WINNT)
  *   CYGWIN
  *   MINGW* (e.g. MINGW32)
+ *
+ * @deprecated. Use \Consolidation\SiteProcess\Util\Escape.
  */
 function _drush_get_os($os = NULL) {
   // In most cases, $os will be NULL and PHP_OS will be returned. However, if an
@@ -170,11 +174,16 @@ function drush_is_local_host($host) {
 
 /**
  * Determine whether current OS is a Windows variant.
+ *
+ * @deprecated. Use \Consolidation\SiteProcess\Util\Escape.
  */
 function drush_is_windows($os = NULL) {
   return strtoupper(substr(_drush_get_os($os), 0, 3)) === 'WIN';
 }
 
+/**
+ * @deprecated. Use \Consolidation\SiteProcess\Util\Escape.
+ */
 function drush_escapeshellarg($arg, $os = NULL, $raw = FALSE) {
   // Short-circuit escaping for simple params (keep stuff readable)
   if (preg_match('|^[a-zA-Z0-9.:/_-]*$|', $arg)) {
@@ -194,7 +203,9 @@ function drush_escapeshellarg($arg, $os = NULL, $raw = FALSE) {
  * This is intended to work the same way that escapeshellarg() does on
  * Linux.  If we need to escape a string that will be used remotely on
  * a Linux system, then we need our own implementation of escapeshellarg,
- * because the Windows version behaves differently.
+ * because the Windows version behaves differently
+ *
+ * @deprecated. Use \Consolidation\SiteProcess\Util\Escape.
  */
 function _drush_escapeshellarg_linux($arg, $raw = FALSE) {
   // For single quotes existing in the string, we will "exit"
@@ -222,6 +233,8 @@ function _drush_escapeshellarg_linux($arg, $raw = FALSE) {
 
 /**
  * Windows version of escapeshellarg().
+ *
+ * @deprecated. Use \Consolidation\SiteProcess\Util\Escape.
  */
 function _drush_escapeshellarg_windows($arg, $raw = FALSE) {
   // Double up existing backslashes

src/Sql/SqlBase.php

@@ -2,12 +2,14 @@
 
 namespace Drush\Sql;
 
+use Consolidation\SiteProcess\Util\Escape;
+use Consolidation\SiteProcess\Util\Shell;
 use Drupal\Core\Database\Database;
 use Drush\Drush;
-use Drush\Log\LogLevel;
 use Drush\Utils\FsUtils;
 use Robo\Common\ConfigAwareTrait;
 use Robo\Contract\ConfigAwareInterface;
+use Symfony\Component\Filesystem\Filesystem;
 use Symfony\Component\Process\Process;
 use Webmozart\PathUtil\Path;
 
@@ -29,7 +31,10 @@ class SqlBase implements ConfigAwareInterface
     // An options array.
     public $options;
 
-    public $process;
+    /**
+     * @var Process
+     */
+    protected $process;
 
     /**
      * Typically, SqlBase instances are constructed via SqlBase::create($options).
@@ -169,7 +174,7 @@ public function dump()
         }
         if ($file) {
             $file .= $file_suffix;
-            $cmd .= ' > ' . drush_escapeshellarg($file);
+            $cmd .= ' > ' . Escape::shellArg($file);
         }
 
         $process = Drush::process($cmd);
@@ -247,7 +252,7 @@ public function query($query, $input_file = null, $result_file = '')
     /**
      * Execute a SQL query. Always execute regardless of simulate mode.
      *
-     * If you don't want query results to print during --debug then
+     * If you don't want query to print during --debug then
      * provide a $result_file whose value can be drush_bit_bucket().
      *
      * @param string $query
@@ -276,7 +281,7 @@ public function alwaysQuery($query, $input_file = null, $result_file = '')
             }
         }
 
-        // Save $query to a tmp file if needed. We will redirect it in.
+        // Save $query to a tmp file if needed. We redirect it in.
         if (!$input_file) {
             $query = $this->queryPrefix($query);
             $query = $this->queryFormat($query);
@@ -289,12 +294,12 @@ public function alwaysQuery($query, $input_file = null, $result_file = '')
             $this->silent(), // This removes column header and various helpful things in mysql.
             $this->getOption('extra', $this->queryExtra),
             $this->queryFile,
-            drush_escapeshellarg($input_file),
+            Escape::shellArg($input_file),
         ];
         $exec = implode(' ', $parts);
 
         if ($result_file) {
-            $exec .= ' > '. drush_escapeshellarg($result_file);
+            $exec .= ' > '. Escape::shellArg($result_file);
         }
 
         // In --verbose mode, drush_shell_exec() will show the call to mysql/psql/sqlite,
@@ -309,7 +314,8 @@ public function alwaysQuery($query, $input_file = null, $result_file = '')
         $this->setProcess($process);
 
         if ($success && $this->getOption('file-delete')) {
-            drush_delete_dir($input_file);
+            $fs = new Filesystem();
+            $fs->remove($input_file);
         }
 
         return $success;