Quantcast
Channel: preparated statements with mongodb - Stack Overflow
Browsing latest articles
Browse All 3 View Live

Answer by Andy for preparated statements with mongodb

No, you can't do it with prepared statements because Mongo does not support them.As an alternative, the PHP manual says this:If you are passing $_GET (or $_POST) parameters to your queries, make sure...

View Article


Answer by Nico Haase for preparated statements with mongodb

Why is that a security hole? According to https://derickrethans.nl/mongodb-type-juggling.html, you're fine - there is no SQL query involved that might be vulnerable to the same kind of injection you've...

View Article


preparated statements with mongodb

Look at this very basic php code:<?php$mng = new MongoDB\Driver\Manager("mongodb://localhost:27017");$query = new MongoDB\Driver\Query(['login' => $_GET['login'], 'pwd' => $_GET['pwd']]);$rows...

View Article
Browsing latest articles
Browse All 3 View Live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>