Tuesday, November 11, 2014

How do you protect your site from SQL injection in Zend when using a select query?

You have to quote the strings before they go into the query, using the adapter's quote() method:

$this->getAdapter ()->quote ( );

$select->where ( " = ", );

Or, if you put a question mark placeholder after the equals sign, pass the value as the second argument to where():

$select->where ( " = ? ", );
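The two forms above, next to the unquoted concatenation they replace, as an added example that is not code from the original post. It assumes Zend Framework 1 (Zend_Db) is on the include_path and the pdo_sqlite extension is enabled; the users table, its rows and the input value are constructed for illustration.

```php
<?php
// Added example. Assumes Zend Framework 1 on the include_path and pdo_sqlite.
require_once 'Zend/Db.php';

// Constructed sample data in an in-memory SQLite database.
$db = Zend_Db::factory('Pdo_Sqlite', array('dbname' => ':memory:'));
$db->query('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->insert('users', array('name' => 'alice'));
$db->insert('users', array('name' => 'bob'));

// Constructed hostile input, standing in for a request parameter.
$name = "nobody' OR '1'='1";

// Weak: the value is concatenated into the condition unquoted,
// so the quote characters in it change the structure of the WHERE clause.
$unsafe = $db->select()->from('users')->where("name = '" . $name . "'");

// Fix 1: quote the value with the adapter, then concatenate.
$quoted = $db->select()->from('users')->where('name = ' . $db->quote($name));

// Fix 2: question-mark placeholder; where() quotes the second argument.
$placeholder = $db->select()->from('users')->where('name = ?', $name);

$cases = array(
    'unsafe'      => $unsafe,
    'quote()'     => $quoted,
    'placeholder' => $placeholder,
);

// Print the row count and the SQL each Zend_Db_Select assembles,
// so the difference in the generated WHERE clause is visible.
foreach ($cases as $label => $select) {
    $rows = $db->fetchAll($select);
    printf("%-12s %d row(s)  %s\n", $label, count($rows), $select->__toString());
}
```

In Zend Framework 1, where() with a question mark escapes the value and substitutes it into the SQL text through the adapter's quoteInto(); it is not a server-side prepared statement. Table and column names are not covered by quote() and need quoteIdentifier() if they ever come from input.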
