这里至少把\也替换了 - Githubissues

deepziyu / yii2-swoole

full solutions making yii2-framework run on swoole with coroutine.

BSD 3-Clause "New" or "Revised" License

87 stars 16 forks source link

这里至少把\也替换了 #6

Closed gouchaoer closed 6 years ago

gouchaoer commented 6 years ago

https://github.com/deepziyu/yii2-swoole/blob/5cb8162a35d5a34b5b2bd447b875e4943a464c8a/db/MysqlPoolPdo.php#L188

https://stackoverflow.com/questions/11597025/is-this-use-of-str-replace-sufficient-to-prevent-sql-injection-attacks

deepziyu commented 6 years ago

这个不打算修复了，等 mysql::prepare 出来。 Rango-韩天峰 2017/11/14 12:21:08 下个版本增加 channel，mysql prepare，user coroutinr

deepziyu commented 6 years ago

已经修复，fix it