prepared statements |
(05-25-2020, 09:07 AM)kilishan Wrote: Can you provide a stack trace or the line number in Query that it happens? Thank you so much for spending the time to help me. So, I have started manually escaping the input, but now that you shared this with me I am now only escaping the the queries that are not made using query builder. And when i need to get data from database to show to user i just use htmlspecialchars() to be able to display quotes and tags. As for the error, here is the line 481 $escapedValue = $binds[$c][1] ? $this->db->escape($binds[$c][0]) : $binds[$c][0]; PHP Code: protected function matchSimpleBinds(string $sql, array $binds, int $bindCount, int $ml): string at lunch time I will remake everything to reproduce the error and get you a stack trace. thank you for your answer, I am now applying changes accordingly. |
Messages In This Thread |
prepared statements - by joseCarlos - 05-19-2020, 03:57 AM
RE: prepared statements - by joseCarlos - 05-25-2020, 02:07 AM
RE: prepared statements - by kilishan - 05-25-2020, 09:07 AM
RE: prepared statements - by joseCarlos - 05-26-2020, 01:44 AM
RE: prepared statements - by joseCarlos - 05-26-2020, 04:24 AM
|