2 Posts
5 years ago
0
Topic
Hello!
I use a field "Search Query".
In SQL query I use constructs like: "$uri - >getValue ('url_variable')", i.e. I take values of attributes of their URL
Question:
Is there a danger of "SQL-Injection" in this case, maybe it has already been solved at the level of field logic? Is it necessary to provide something in the SQL query itself?
