Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander Sharomet2015-07-30 13:40:20
PHP
Alexander Sharomet, 2015-07-30 13:40:20

Can such a record protect against sql injections and other PDO evil spirits?

Hello.
Recently I started to study PDO and found such information that in such a record it is unnecessary to shield the POST request from all evil spirits and injections. Is this true?

$sth=$this->db->prepare("SELECT id FROM users WHERE login=:login AND password=MD5(:password)");
$sth->execute(array(
  ':login'=>$_POST['login'],
  ':password'=>$_POST['password']
));

In this example, I don't check post login, is that correct?
Thank you!

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey Ivanov, 2015-07-30
@sharomet

PDO does everything for you . This has already happened.

Similar questions
S
sabanovvv2014-04-27 17:27:52
How to create a traffic situation constructor? 4Reply
S
Steve2022-01-20 23:47:23
How to hide the real path to css? 3Reply
D
Danil Tunev2018-11-22 04:48:49
How to see assembler input parameters? 4Reply
P
Pavel2014-05-18 14:34:20
How to set up Chrome DevTools Autosave on windows? 4Reply
A
Albert Zurabyan2016-06-24 14:55:21
How to hide some object ids from a site from a SQL query? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question