guncebektas / lenkorm

A simple and smart SQL query builder for PDO

XSS/sql injection attack #6

Open bonezy76 opened 8 years ago

bonezy76 commented 8 years ago

Please, can this class handle the issue of XSS attacks and SQL injection?

matthewkooshad commented 7 years ago

For SQL injection, it seems that when writing a where clause, you need to do it as such: `where('slide_id = '.security($_GET['slide_id']));`. The class uses the security function for you; take a look to see the usage.
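For reference on the SQL injection half of the question, an added example that is not part of the thread and not lenkorm's code: the same `slide_id` lookup in plain PDO, once with the value concatenated into the SQL text and once validated and bound as a parameter. The `slides` table, its rows and the `escape_quotes()` helper are constructed for illustration; `escape_quotes()` is hypothetical and does not represent lenkorm's `security()` function.

```php
<?php
// Added example: plain PDO against an in-memory SQLite database.
// Table, rows and escape_quotes() are constructed for illustration;
// escape_quotes() is hypothetical and is not lenkorm's security() function.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE slides (slide_id INTEGER PRIMARY KEY, title TEXT)');
$pdo->exec("INSERT INTO slides VALUES (1, 'intro'), (2, 'pricing'), (3, 'internal')");

function escape_quotes(string $value): string
{
    // Doubles single quotes only; does nothing for a value used outside quotes.
    return str_replace("'", "''", $value);
}

function find_concatenated(PDO $pdo, string $slideId): array
{
    // Input becomes part of the SQL text, so it can change the query's shape.
    $sql = 'SELECT title FROM slides WHERE slide_id = ' . escape_quotes($slideId);
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

function find_bound(PDO $pdo, string $slideId): array
{
    // Reject non-integers up front, then bind: the value never reaches the SQL text.
    $id = filter_var($slideId, FILTER_VALIDATE_INT);
    if ($id === false) {
        return [];
    }
    $stmt = $pdo->prepare('SELECT title FROM slides WHERE slide_id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs standing in for $_GET['slide_id'].
foreach (['2', '2 OR 1=1'] as $input) {
    printf("%-10s concatenated=%s bound=%s\n",
        $input,
        json_encode(find_concatenated($pdo, $input)),
        json_encode(find_bound($pdo, $input)));
}
```

Quote-escaping has no effect on a value placed in a numeric, unquoted position, which is why the concatenated query returns every row for the second input while the bound query returns none.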