Laravel SelectRaw vs DB:Raw

database laravel laravel-5 sql-injection
12,278

As per Laravel's documentation:

Note: The Laravel query builder uses PDO parameter binding to protect your application against SQL injection attacks. There is no need to clean strings being passed as bindings.

Share:
12,278
vijaykumar
Author by

vijaykumar

Hi, I’m Vijay kumar Reddy. I’m a web developer living in Bengaluru, India. I am a fan of technology, web development, and programming. I’m also interested in movies and swimming.

Updated on June 04, 2022

Comments

  • vijaykumar
    vijaykumar almost 2 years

    First:

     DB::table('someTable')
->selectRaw('count(*), min(some_field) as someMin, max(another_field) as someMax')
->get();

    Second:

    DB::table('someTable')->select(
array(
        DB::raw('min(some_field) as someMin'),
        DB::raw('max(another_field) as someMax'),
        DB::raw('COUNT(*) as `count`')
    )
)->get()

    The above two query result is same , but my question is there any possible security issues(SQL injections) with these two queries if i use user inputs directly in where conditions.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

"Array to string conversion" errorr Laravel - Trying to save array to database
How to extract all rows which is duplicates in laravel?
Laravel how to get current Time and Date value
Save data into database in Laravel 5
Database not configured laravel during migration
Laravel 5 How to configure the Queue database driver to connect to a non-default database?
Laravel Queue, Beanstalkd vs Database, what are the differences?
Call to undefined method Illuminate\Database\Eloquent\Relations\BelongsTo::type()
Laravel how to save HTML to database and then retrieve it
Laravel 5 SQLSTATE[42S22]: Column not found: 1054 Unknown column 'user_id' in 'field list'