Cakephp 3.0 Sql Injection Protection

1.7k Views

How do I protect my CakePHP 3.0 code against SQL injection? The Cookbook just gives me the idea that we should not use column names or user data directly, but I don't know how to do it.


There are 2 best solutions below


Not entirely true @doonot: you can expose yourself if you're using some of the more "advanced" parts of the ORM:

While the ORM and database abstraction layers prevent most SQL injections issues, it is still possible to leave yourself vulnerable through improper use. When using the expression builder, column names must not contain user data:

Source: CakePHP Cookbook section on "SQL Injection Prevention"
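An added example (not from the answer above or from the CakePHP project) showing the pattern the quoted Cookbook warning describes. Values passed to the ORM are bound as parameters, but array keys and expression-builder field names are emitted as raw SQL identifiers, so a user-controlled column name is the injection point. It assumes an `Articles` table class with `title`, `body` and `author` columns and two request parameters, `sort` (a column name) and `q` (a search term).

```php
<?php
// Added example: user-controlled column names in CakePHP 3's ORM,
// shown as the vulnerable form beside a whitelisted form.
// Assumes an `Articles` table with columns title, body, author.
use Cake\ORM\TableRegistry;

// VULNERABLE: the array key (column name + operator) is interpolated
// into the SQL as an identifier, not bound as a parameter. If
// $userColumn comes straight from the request, whatever it contains
// lands in the WHERE clause verbatim.
function searchArticlesVulnerable(string $userColumn, string $term)
{
    $articles = TableRegistry::get('Articles');
    return $articles->find()
        ->where([$userColumn . ' LIKE' => '%' . $term . '%']);
    // Only $term is a bound parameter here.
}

// Also vulnerable for the same reason: the first argument of the
// expression builder's methods is a field name, never a bound value.
function searchArticlesVulnerableExpr(string $userColumn, string $term)
{
    $articles = TableRegistry::get('Articles');
    return $articles->find()
        ->where(function ($exp) use ($userColumn, $term) {
            return $exp->like($userColumn, '%' . $term . '%');
        });
}

// SAFE: the column name is checked against an explicit whitelist of
// columns the application allows users to search on, so by the time it
// reaches the ORM it is a known-good literal. Only the value stays
// user-controlled, and that value is bound as a parameter.
function searchArticlesSafe(string $userColumn, string $term)
{
    $allowed = ['title', 'body', 'author']; // constructed whitelist
    if (!in_array($userColumn, $allowed, true)) {
        throw new \InvalidArgumentException('Unsupported search column');
    }
    $articles = TableRegistry::get('Articles');
    return $articles->find()
        ->where(function ($exp) use ($userColumn, $term) {
            return $exp->like($userColumn, '%' . $term . '%');
        });
}

// Typical call from a controller action (request values are assumed):
// $query = searchArticlesSafe($this->request->query('sort'),
//                             $this->request->query('q'));
```

The same rule applies to `order()`, `select()` and `in()`: anything that names a column must be validated against a fixed list (or the table schema) before it is handed to the query builder.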


CakePHP already comes with SQL injection prevention if you are using the default ORM provided by them:

CakePHP comes with built-in tools for input validation, CSRF protection, form tampering protection, SQL injection prevention, and XSS prevention, helping you keep your application safe & secure.

Source: CakePHP.org