Demos · Guide · Class Reference · Wiki · Extensions · Live Chat

Yii Framework Forum: findByAttributes and SQL Injections - Yii Framework Forum

Jump to content

Page 1 of 1

You cannot start a new topic
You cannot reply to this topic

findByAttributes and SQL Injections Rate Topic:

#1 jvc

Newbie

Group: Members
Posts: 5
Joined: 15-June 10

Posted 25 June 2010 - 09:47 AM

Hi,

i am wondering if it is safe to use:

$this->findByAttributes(array('var1' => $var1, 'var2' => $var2));

Are the parameters internally bound or do i have to use CDbCriteria to be safe of SQL Injections?

Thanks in advance.

0

Back to top of the page up there ^

#2 Mike

Elite Member

Group: Members
Posts: 2,993
Joined: 06-October 08
Location:Upper Palatinate

Posted 25 June 2010 - 10:08 AM

Short answer: It's safe, they are bound.

1

Back to top of the page up there ^

#3 jvc

Newbie

Group: Members
Posts: 5
Joined: 15-June 10

Posted 25 June 2010 - 10:11 AM

Thanks!

0

Back to top of the page up there ^

Share this topic:

Page 1 of 1

You cannot start a new topic
You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users

Time Now: May 24 2013 02:56 AM

Community Forum Software by IP.Board