TP5: I used the INPUT function to receive parameters, do I need to filter SQL injection again?

Others 2022-04-22 16:07:41 views: 0

TP5: The INPUT function is used to receive parameters. Do I need to filter SQL injection? What actions does the default INPUT function do?

With PDO parameter binding, you basically don't need to consider the problem of sql injection (unless you splicing SQL yourself), you need to consider XSS filtering, which requires setting a global filtering method (the default input method is also based on global filtering parameters. ), the global filter method is not set by default

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=325123959&siteId=291194637
Recommended
Ranking
2019 JD pen questions - Choir
Grafana installation & basic configuration
How to solve the high gas fee of Filecoin? The official attitude is bright!
Informatization development 59
Date,DateFormat,Calendar,
Introduction to MySQL - Understanding MySQL
win10 conexão de área de trabalho remota ubuntu20 (RDP)
52. Customize generics on methods
Detailed explanation of CAP, ACID, BASE theory and NWR practice strategy
UnknownHostException:XXX:Name or service not know
Daily
More
2024-08-01(0)
2024-07-31(0)
2024-07-30(0)
2024-07-29(0)
2024-07-28(0)
2024-07-27(0)
2024-07-26(0)
2024-07-25(0)
2024-07-24(0)
2024-07-23(0)

Code World

© 2018 codetd.com