Is it mandatory to use the function DB::raw
when you are running a query and you are not using the fluent query builder in Laravel?
eg
$result = DB::select("SELECT * FROM users");
$result2 = DB::select(DB::raw("SELECT * FROM users"));
I get the same result in both cases. So why is it necessary to use DB::raw
?
DB::raw()
is used to make arbitrary SQL commands which aren't parsed any further by the query builder. They therefore can create a vector for attack via SQL injection.
Check this ref. link, with more details: http://fideloper.com/laravel-raw-queries
Example of DB::raw
and DB::select
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.