Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
FuelPHP SQL security
  • fishermanfisherman
    Hi,

    recently I found an older topic on stackoverflow stating that fuel does just escape your SQL queries when using the ORM. I had in mind that you should be safe with the query builder aswell.

    I checked the docs that seem to support this. But maybe Harro or one of the guys more familiar could clarify when you have to escape and secure your queries manually.



  • HarroHarro
    Not correct, escaping is done in the DB drivers, which ORM uses as well.

    So no, you don't have to escape your queries yourself, obviously unless you hand-code your SQL.
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion