TechQA.

Zend db (postgres) - avoid sql injection

169 views Asked by At

In MySQL, we may use myql_escape_string. By using Zend DB adapter, what is the equiavalent function for Postgres db?

for example:

  $sql = 'INSERT INTO "TableA" 
          (name, address) VALUES (?,?)';

    $statement = $db->createStatement($sql);
    $statement ->prepare();
    $statement ->execute(array($val1 , $val2));

What is the function providing from Zend to escape string from the input value? Or I should use PHP like:

$statement ->execute(array(pg_escape_string($val1) , pg_escape_string($val2));

to each input value?

php sql postgresql zend-db
Original Q&A
0

There are 0 answers

Related Questions in PHP

Related Questions in SQL

Related Questions in POSTGRESQL

Related Questions in ZEND-DB

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions