How to safely add records to mysql from laravel 5.4?

S

SvizzZzy2017-04-22 14:03:09

Laravel

SvizzZzy, 2017-04-22 14:03:09

Question for Laravel experts.
In particular, I'm interested in this one:

public function store(Request $request)
    {
 Model::create($request->all()); 
    }

Well, that is, everything that is in the POST request flies to the database, except that it passes through the protected $fillable to check the required fields and that's it.
Is it safe in terms of sql injection or is it better to use other options for adding data to tables in the database?
And then such code looks suspiciously like that, without checks, it’s too simple or something :)

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

J

JhaoDa, 2017-04-22
@SvizzZzy

Those. do you admit that the documentation shows potentially dangerous ways? Like, "what is it," right?
Short answer: yes, it's safe.
And I strongly advise you to read about PDO to understand the internal mechanisms of working with the database, because Laravel, surprisingly, uses it, and is generally written in PHP. And you, apparently, missed the stage of studying PHP ...