Does Doctrine Prevent Auto SQL Injection? Is the following code safe?
$user = new Model_User(); $user->name = $_POST['username']; $user->save();
Regarding SQL injection, I think there will be no problems. But you can also make sure that the username is well-formed (maybe, for example, <script>//do somthing bad</script>and that the script will be executed, for example, when this username is displayed on the site)
<script>//do somthing bad</script>
SQL- Doctrine ( PDO), ( Doctrine , ), , . PHP Filter, . , , FILTER_SANITIZE_STRING "-, ".
Source: https://habr.com/ru/post/1781638/More articles:Pair Matching Algorithm - algorithmVisual representation of sets - setForce activity to a story stack - androidAnnotate EnumMap Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ΠΌ Π°Π½Π½ΠΎΡΠ°ΡΠΈΠΉ Hibernate - javaWebClient shutdown after loading - c #Π‘Π΄Π΅Π»Π°ΡΡ JFace TableViewer ΠΈΠ·ΠΌΠ΅Π½Π΅Π½ΠΈΠ΅ΠΌ ΡΠ°Π·ΠΌΠ΅ΡΠ° Ρ Π΅Π³ΠΎ ΠΎΠΊΡΡΠΆΠ°ΡΡΠΈΠΌ ΠΊΠΎΠΌΠΏΠΎΠ·ΠΈΡΠΎΠΌ? - javaHow to set dynamic foreground property for combox? - c #how to extract zip file in client system using javascript - javascriptWhat language / structure do you recommend me for implementing the CMS solution? - frameworksΠΠ±Π½Π°ΡΡΠΆΠ΅Π½ΠΈΠ΅, Π΅ΡΠ»ΠΈ ΠΊΠΎΠΌΠΏΡΡΡΠ΅Ρ Π½Π΅ ΡΠ°Π±ΠΎΡΠ°Π΅Ρ Π½Π° ΠΎΡΠ½ΠΎΠ²Π΅ Π²Π·Π°ΠΈΠΌΠΎΠ΄Π΅ΠΉΡΡΠ²ΠΈΡ Ρ ΠΌΡΡΡΡ ΠΈ ΠΊΠ»Π°Π²ΠΈΠ°ΡΡΡΠΎΠΉ - c++All Articles