🔥 Laravel Tip: Careful using user input as column names
May 10, 2022
If you need to use user input in your columns, remember to whitelist specific column names.
If you allow any input, your query is vulnerable to SQL injection.
Column names cannot be `escaped` like values, so you have to check them while building your query.
Please ignore the unchecked "filter_value". The screenshot was already too big 😅
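An allowlist check of the kind this tip describes, as an added example and not the code from the original screenshot. The controller, the `User` model, the `filter_column` parameter name and the list of columns are assumptions; here `filter_value` is validated as well.

```php
<?php

namespace App\Http\Controllers;

use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;

class UserController extends Controller
{
    // Assumed allowlist: the only columns a client may filter on.
    private const FILTERABLE = ['name', 'email', 'created_at'];

    public function index(Request $request)
    {
        // Validation fails before any query is built when filter_column
        // is not exactly one of the allowlisted names.
        $validated = $request->validate([
            'filter_column' => ['required', 'string', Rule::in(self::FILTERABLE)],
            'filter_value'  => ['required', 'string', 'max:255'],
        ]);

        // The column is now a known identifier chosen from our own list;
        // the value is passed to the database as a bound parameter.
        return User::query()
            ->where($validated['filter_column'], $validated['filter_value'])
            ->paginate();
    }
}
```

The same check applies to any other place a request value ends up as an identifier, such as the column passed to `orderBy()`.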