Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander Sharomet2015-07-30 13:40:20
PHP
Alexander Sharomet, 2015-07-30 13:40:20

Can such a record protect against sql injections and other PDO evil spirits?

Hello.
Recently I started to study PDO and found such information that in such a record it is unnecessary to shield the POST request from all evil spirits and injections. Is this true?

$sth=$this->db->prepare("SELECT id FROM users WHERE login=:login AND password=MD5(:password)");
$sth->execute(array(
  ':login'=>$_POST['login'],
  ':password'=>$_POST['password']
));

In this example, I don't check post login, is that correct?
Thank you!

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey Ivanov, 2015-07-30
@sharomet

PDO does everything for you . This has already happened.

Similar questions
S
StayAtHome2015-04-01 12:24:02
How to distinguish a web request from a regular page from a request from the extension itself from a Chrome/Opera extension? 4Reply
S
Sergey Kulandin2015-04-20 12:45:33
Is crossfire radeon 7850+7870 stable? 3Reply
S
Sergey2015-05-13 21:19:17
How and how to split a webm file into several working parts in linux? 2Reply
A
Alexey Segodin2021-04-14 14:18:26
How to make an SSL certificate for a server that does not yet use a domain? 4Reply
R
roadpecker2019-10-13 12:31:42
Is the knowledge of mathematics and physics of 11th grade enough to understand the book "The Art of Circuitry"? 5Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question