Skip to content

Y
yii2
Commit d05a373b by Alexander Makarov
Options

Merge pull request #6519 from pana1990/patch-1

fix mistake small [skip ci]
parents 996856c0 0f0d9020
Showing with 1 addition and 1 deletion
docs/guide/security-best-practices.md
...@@ -56,7 +56,7 @@ SELECT * FROM user WHERE username = ''; DROP TABLE user; --' ...@@ -56,7 +56,7 @@ SELECT * FROM user WHERE username = ''; DROP TABLE user; --'
This is valid query that will search for users with empty username and then will drop `user` table most probably This is valid query that will search for users with empty username and then will drop `user` table most probably
resulting in broken website and data loss (you've set up regular backups, right?). resulting in broken website and data loss (you've set up regular backups, right?).
In Yii most of database querying happens via [Active Record](db-active-record.md) which properly uses PDO perpared In Yii most of database querying happens via [Active Record](db-active-record.md) which properly uses PDO prepared
statements internally. In case of prepared statements it's not possible to manipulate query as was demonstrated above. statements internally. In case of prepared statements it's not possible to manipulate query as was demonstrated above.
Still, sometimes you need [raw queries](db-dao.md) or [query builder](db-query-builder.md). In this case you should use Still, sometimes you need [raw queries](db-dao.md) or [query builder](db-query-builder.md). In this case you should use
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment