Yii Framework Forum: findByAttributes and SQL Injections - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

findByAttributes and SQL Injections Rate Topic: -----

#1 User is offline   jvc 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 5
  • Joined: 15-June 10

Posted 25 June 2010 - 09:47 AM

Hi,

i am wondering if it is safe to use:

$this->findByAttributes(array('var1' => $var1, 'var2' => $var2));


Are the parameters internally bound or do i have to use CDbCriteria to be safe of SQL Injections?

Thanks in advance.
0

#2 User is offline   Mike 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 3,013
  • Joined: 06-October 08
  • Location:Upper Palatinate

Posted 25 June 2010 - 10:08 AM

Short answer: It's safe, they are bound.
1

#3 User is offline   jvc 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 5
  • Joined: 15-June 10

Posted 25 June 2010 - 10:11 AM

Thanks!
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users