laravel how to properly esacpe inet_aton insertion?
Question
so for example to save user ip into db:
$ip = Request::getClientIp();
...
$post->user_ip = DB::raw("inet_aton('$ip')");
$post->save()
I don't really like this code how to properly escape the $ip variable?
Edit: I am looking for a way of binding the variable instead of directly using him like:
DB::insert('insert into users (ip) values (?)', [$ip]);
to protect from sql injection
1 answers
solution1
2 ACCPTED 2017-07-02 12:20:00
From Laravel docs :
You may also access the raw, underlying PDO instance using the getPdo method on a connection instance:
$pdo = DB::connection()->getPdo();
So, in your case:
$ip = Request::getClientIp();
$ip = DB::connection()->getPdo()->quote($ip); // the escaping part
$post->user_ip = DB::raw("inet_aton($ip)");
$post->save();
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
How to Save IP address By INET_ATON in CakePHP 2.x?
INET_ATON() and INET_NTOA() in PHP?
How do i check if a php variable($stat_ip) containing an ip address(inet_aton) lies in the range of two ip's(inet_aton format)
how to check if a php variable containing an ip address, lies in the range of two ip addresses in inet_aton format
How to do wildcard search for IP addresses using INET_ATON in MySQL?
Invalid query, syntax to use near 'INET_ATON ('IP')'
PHP MySQL: INET_ATON does not save data?
INET_ATON in where statement doctrine2 querybuilder zend2
Is ip2long() in PHP equal to INET_ATON() function in MySQL?
PHP PDO usage with MySQL BETWEEN and INET_ATON()
Related Tags