How to fix query builder error sql injection in laravel 5.5.*

136 views Asked by At

I am using laravel 5.5. * And I'm testing with vega scanner and getting SQL injection error. How to fix this problem.?

this is the complete error specification

1

There are 1 answers

0
sromeu On

From my understanding, you are inserting directly in the database whatever comes from your request parameters, as the error says it is an "input validation error".

This is happening because you are not validating those inputs, in Laravel you can create validators, so that whenever you want to insert something, the values from the request are validated. If they are not validated, you can return a different response or prevent the controller from inserting data.

Here is the official documentation of Laravel, and it is really well explained. (I have browsed for your version, even though you can check the documentation for the latest version).

Hope I was able to help you.