
Prepared statements with MongoDB


Look at this very basic php code:

<?php
$mng = new MongoDB\Driver\Manager("mongodb://localhost:27017");
$query = new MongoDB\Driver\Query(['login' => $_GET['login'], 'pwd' => $_GET['pwd']]);
$rows = $mng->executeQuery("ma_bdd.utilisateurs", $query);
foreach ($rows as $row) {
    echo $row->login."\n";
}
?>

This code is just trying to authenticate a user. But, as you can see, there is a security hole: it is possible to inject operators in $_GET values.

Is there a way to work with prepared statements like I used to do with PDO for MySQL?

Thanks
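
Added example, not part of the original question: a MongoDB filter is already structured data rather than a query string, so the counterpart to PDO parameter binding is to accept only plain strings from the request before they reach the filter. The helper names `requireString` and `buildLoginFilter` and the sample inputs are assumptions made for this illustration.

```php
<?php
declare(strict_types=1);

/**
 * Return the request value only if it is a plain, non-empty string.
 * PHP decodes bracketed parameters (name[key]=value) into arrays, and an
 * array placed in a MongoDB filter is read as an operator document.
 * (Hypothetical helper, not part of the MongoDB driver.)
 */
function requireString(array $input, string $key, int $maxLen = 256): string
{
    $value = $input[$key] ?? null;
    if (!is_string($value) || $value === '' || strlen($value) > $maxLen) {
        throw new InvalidArgumentException("Parameter '$key' must be a non-empty string");
    }
    return $value;
}

/** Build the login filter; explicit $eq keeps each value in the data position. */
function buildLoginFilter(array $input): array
{
    return [
        'login' => ['$eq' => requireString($input, 'login')],
        'pwd'   => ['$eq' => requireString($input, 'pwd')],
    ];
}

// Constructed sample inputs standing in for $_GET.
$samples = [
    'plain strings'   => ['login' => 'alice', 'pwd' => 'secret'],
    'array parameter' => ['login' => 'alice', 'pwd' => ['$ne' => '']],
    'missing field'   => ['login' => 'alice'],
];

foreach ($samples as $label => $input) {
    try {
        $filter = buildLoginFilter($input);
        echo "$label: accepted ", json_encode($filter), "\n";
        // With the driver loaded, the filter is used exactly as in the question:
        // $query = new MongoDB\Driver\Query($filter);
        // $rows  = $mng->executeQuery("ma_bdd.utilisateurs", $query);
    } catch (InvalidArgumentException $e) {
        echo "$label: rejected (", $e->getMessage(), ")\n";
    }
}
```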

