If you are not using raw queries such as
DB::raw()
you don't have to worry. If you are using something like
DB::table()->insert();
then you are safe :)
Thanks FerasAllaou,
I never came across raw() and I was implementing the backend connectivity through Eloquent. Could you briefly explain the disadvantages of such methods, and also mention if there are many? Also, can you conclude whether I can achieve a secure web application through Laravel 5.1?
Using Eloquent is safe because Laravel does everything regarding the security. Also, in each Eloquent you can define the columns which can be edited and the ones which are not editable:
protected $fillable = [
    // editable columns go here
];
Otherwise, if the column name is not listed, there is no way to insert data into it from the user side; it should be data from the system, which you define yourself ;)
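The two mechanisms discussed in this thread, as an added example that is not part of the original posts and is not Laravel's own code: plain PDO on an in-memory SQLite database, comparing a query built by string interpolation with the same query using a bound parameter, followed by a column whitelist in the spirit of `$fillable`. The table, the function names (`findRawInterpolated`, `findBound`, `insertFillable`) and the input values are constructed for illustration.

```php
<?php
// Added illustration in plain PDO (not Laravel code); schema and inputs are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, name TEXT, is_admin INTEGER DEFAULT 0)');
$pdo->exec("INSERT INTO users (email, name) VALUES ('a@example.test', 'Alice'), ('b@example.test', 'Bob')");

// Constructed hostile value of the kind a request parameter could carry.
$email = "nobody@example.test' OR '1'='1";

// Raw string building: the input becomes part of the SQL text itself.
function findRawInterpolated(PDO $pdo, string $email): array
{
    return $pdo->query("SELECT id FROM users WHERE email = '$email'")->fetchAll(PDO::FETCH_COLUMN);
}

// Bound parameter: the input is sent separately and is only ever compared as a value.
function findBound(PDO $pdo, string $email): array
{
    $stmt = $pdo->prepare('SELECT id FROM users WHERE email = ?');
    $stmt->execute([$email]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Whitelist in the spirit of $fillable: keys that are not listed are dropped before the insert.
function insertFillable(PDO $pdo, array $input, array $fillable): int
{
    $data = array_intersect_key($input, array_flip($fillable));
    if ($data === []) {
        throw new InvalidArgumentException('no fillable columns in input');
    }
    // Column names come only from the whitelist; every value is bound.
    $cols  = implode(', ', array_keys($data));
    $marks = implode(', ', array_fill(0, count($data), '?'));
    $pdo->prepare("INSERT INTO users ($cols) VALUES ($marks)")->execute(array_values($data));
    return (int) $pdo->lastInsertId();
}

printf("interpolated query matched %d rows\n", count(findRawInterpolated($pdo, $email)));
printf("bound query matched %d rows\n", count(findBound($pdo, $email)));

// The request tries to set is_admin, which is not in the whitelist.
$id = insertFillable($pdo, ['email' => 'c@example.test', 'name' => 'Carol', 'is_admin' => 1], ['email', 'name']);
$check = $pdo->prepare('SELECT is_admin FROM users WHERE id = ?');
$check->execute([$id]);
printf("is_admin stored for the new user: %d\n", $check->fetchColumn());
```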