Is the eloquent provided by the Laraver framework safe to use?

the puzzling point is what supports the security of eloquent. For example, we can use preprocessing commands to insert some information into the database, but I don"t find preprocessing statement commands in eloquent

.
Jul.06,2021

call toSql () or use Laravel debugger


laravel to print sql running records


whether it's safe or not is also related to you, you need to use model + where (array form) to be safe. It may not be safe for you to write native sql + where strings in it.


eloquent is encapsulated on the PDO extension ORM, preprocessing is done by Pdo_mysql

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1b33011-40e9f.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1b33011-40e9f.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?