avoiding MySQL injections with the Zend_Db class

后端 未结 7 2018
一生所求
一生所求 2020-12-02 21:31

I currently use Zend_Db to manage my queries. I\'ve written already code that preforms queries like the one below:

$handle->select()->from(\'user_id\')
              


        
相关标签:
7条回答
  • 2020-12-02 22:20

    When you need it somewhere else (like in join) or you are unsure if it will be escaped then you can always use $this->getAdapter()->quoteInto('type = ?',1);

    0 讨论(0)
提交回复
热议问题