Support the ongoing development of Laravel.io →
ottz0
posted 9 years ago
Security Database Eloquent
Last updated 2 years ago.
0
kokokurak
replied 9 years ago
Solution

You don't need to escape it. This is one of the reasons those helper methods are there - to take care of safe value binding. You only need to worry about escaping when you execute query manually or use DB::raw() method.

0
donaldrecord
replied 9 years ago

Correct. If you ever get a DB Query exception in Laravel, you can generally see the escaping that the framework does for you.

Last updated 9 years ago.
0
kokokurak
replied 9 years ago

There is also one very useful method to check the queries that actually have been run:

DB::getQueryLog()

When I want to know what was the real query, I do this immediately after running a query:

die(last(DB::getQueryLog())['query']);
Last updated 9 years ago.
0
donaldrecord
replied 9 years ago

If that wasn't the solution, I don't know if one exists. hahaha. Awesome little tidbit right there.

0

Sign in to participate in this thread!

Eventy

Your banner here too?

ottz0 ottz0 Joined 15 Nov 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
BairesDev
Dotcom-monitor
N-iX

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X (Twitter) GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise