Support the ongoing development of Laravel.io →
benfa94
posted 10 years ago
Database Eloquent

hi, i need to do this query:

SELECT avg(vote) FROM (SELECT max(timestamp), vote FROM votes_table WHERE object = $id GROUP BY user)

i don't want to do this DB::raw(SELECT max(timestamp), vote FROM votes_table WHERE object = $id GROUP BY user) because it can be make some SQLInjection problem someone has a solution?

Last updated 2 years ago.
0
iansirkit
replied 10 years ago

It can only be injected if you allow $id to be set from outside the environment, and if that is the case just sanitize the input.

I wouldn't worry about any injections with that query.

Last updated 2 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

benfa94 benfa94 Joined 28 Aug 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy NativePHP
Fathom
Forge
Envoyer
Beyond Code
BairesDev
N-iX
Litslink

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X (Twitter) Bluesky Bluesky GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2025 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise