Using prepared statements via the fetchAll method with Sanitize::clean
is the way to go
HTH
Tarique
On Fri, Aug 31, 2012 at 1:44 AM, Mariano C. <mariano.calandra@gmail.com> wrote:
> I have a really complex query, so much table (and... so much nested model).
> I feel more comfortable, using raw SQL query rather than cakePHP query
> syntax.
> As far as I know, I should prefear cake syntax, cause it is almost immune to
> attack.
>
> There's a way to join the security of cake approach with the practicalness
> of raw SQL approach?
>
> --
> You received this message because you are subscribed to the Google Groups
> "CakePHP" group.
> To post to this group, send email to cake-php@googlegroups.com.
> To unsubscribe from this group, send email to
> cake-php+unsubscribe@googlegroups.com.
> Visit this group at http://groups.google.com/group/cake-php?hl=en-US.
>
>
--
=============================================================
PHP for E-Biz: http://sanisoft.com
=============================================================
--
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com.
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en-US.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment