Yii
Petr Fronin, 2016-03-15 18:52:53

Yii2: how to escape data written to the database?

Example:

$message = new Messages();
$message->message = $this->message;
$message->save();

$this->message is data entered by the user.


3 answer(s)
Dmitry Bay, 2016-03-15
@amar_std

1) When writing data to the database using AR, strings are escaped, i.e. you won't have SQL injection there.
You can clear tags in two ways:
1) when displayed in a view, for example:
2) Clean it using HtmlPurifier, in the beforeSave method, for example:

$this->content = HtmlPurifier::process($this->content);

Dmitry Voronkov, 2016-03-15
@DmitryVoronkov

Do whatever you want with the data, with the help of validators (I just didn't understand what you meant by "escaping").

Alexander Makarov, 2016-03-15
@SamDark

No way. Use parameters (prepared statements).
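
The answers above separate two concerns: the write goes through bound parameters, and HTML handling happens when the value is displayed. The following is an added example, not code from the thread or from Yii2; it uses plain PDO with in-memory SQLite in place of the Messages model, and the `messages` table, the function names and the sample input are assumptions.

```php
<?php
// Added example, not code from the thread. Plain PDO with in-memory SQLite
// stands in for the Messages model; table and column names are assumptions.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE messages (id INTEGER PRIMARY KEY, message TEXT NOT NULL)');

// Constructed user input: contains an SQL metacharacter and HTML markup.
$userInput = "It's <b>bold</b> <script>alert(1)</script>";

// 1) Writing: the value travels as a bound parameter, separate from the SQL
//    text, so the quote cannot change the statement. No manual escaping.
function saveMessage(PDO $pdo, string $message): int
{
    $stmt = $pdo->prepare('INSERT INTO messages (message) VALUES (:message)');
    $stmt->execute([':message' => $message]);
    return (int) $pdo->lastInsertId();
}

// 2) Reading: the database returns exactly what was stored.
function loadMessage(PDO $pdo, int $id): string
{
    $stmt = $pdo->prepare('SELECT message FROM messages WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// 3) Output: encode for the HTML context at render time.
//    In a Yii2 view the equivalent helper is yii\helpers\Html::encode().
function renderMessage(string $message): string
{
    return '<p>' . htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</p>';
}

$id     = saveMessage($pdo, $userInput);
$stored = loadMessage($pdo, $id);

var_dump($stored === $userInput);      // the round trip through the database is lossless
echo renderMessage($stored), PHP_EOL;  // markup is emitted as text, not as tags
```

Storing the raw value and encoding at output keeps the original text available for other contexts (JSON, e-mail, plain text), whereas purifying in beforeSave changes what is stored.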
