Sandro Jhuliano Cagara
Laravel 9 - use bindings in your raw queries

You can pass an array of bindings to most raw query methods. The bound values are sent to the database as parameters of a prepared statement instead of being spliced into the SQL text, which is what prevents SQL injection.

This is vulnerable to SQL injection:

```php
$fullName = request('full_name');

// The request value is interpolated straight into the SQL string,
// so whatever the user sends becomes part of the query itself.
User::whereRaw("CONCAT(first_name, last_name) = $fullName")->get();
```

Use bindings instead:

```php
// The ? placeholder is filled from the bindings array by the database driver,
// so the request value is treated as data, never as SQL.
User::whereRaw("CONCAT(first_name, last_name) = ?", [request('full_name')])->get();
```
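The same contrast, as an added example that is not part of the original post: it is written against plain PDO with an in-memory SQLite database so it runs from the `php` CLI without a Laravel installation. The table, its rows and the attacker string are constructed for the demo, and SQLite's `||` stands in for MySQL's `CONCAT`. Laravel's `whereRaw($sql, $bindings)` ends up in the same prepare/execute pair shown in `findByFullNameSafe`.

```php
<?php
// Added example, not code from the original post. Requires the pdo_sqlite extension.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample table and rows.
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, first_name TEXT, last_name TEXT)');
$pdo->exec("INSERT INTO users (first_name, last_name) VALUES ('Ada', 'Lovelace'), ('Alan', 'Turing')");

// Vulnerable: the value is interpolated into the SQL text, so a quote in the
// input ends the string literal and the rest is parsed as SQL.
function findByFullNameUnsafe(PDO $pdo, string $fullName): array
{
    $sql = "SELECT first_name, last_name FROM users WHERE first_name || last_name = '$fullName'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Safe: the value travels as a bound parameter of a prepared statement; the
// database compares it as data and never parses it as SQL. This is what
// Laravel does with the bindings array of whereRaw().
function findByFullNameSafe(PDO $pdo, string $fullName): array
{
    $stmt = $pdo->prepare('SELECT first_name, last_name FROM users WHERE first_name || last_name = ?');
    $stmt->execute([$fullName]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a legitimate name and the classic tautology payload.
$legit = 'AdaLovelace';
$malicious = "' OR '1'='1";

printf("unsafe, legitimate input: %d row(s)\n", count(findByFullNameUnsafe($pdo, $legit)));
printf("unsafe, injected input:   %d row(s)\n", count(findByFullNameUnsafe($pdo, $malicious)));
printf("safe, legitimate input:   %d row(s)\n", count(findByFullNameSafe($pdo, $legit)));
printf("safe, injected input:     %d row(s)\n", count(findByFullNameSafe($pdo, $malicious)));
```

Running it shows the unsafe query returning the whole table for the injected input, while the bound query returns nothing because it is comparing the full name against the literal string the attacker sent. One caveat worth remembering: bindings can only carry values. Column names, table names and sort directions cannot be bound, so raw fragments that build those from user input still need an allow-list check in PHP before they reach `whereRaw` or `orderByRaw`.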
