Menu
I have the following query:
DB::select("SELECT * FROM mod_dns_records WHERE (scheduled = 'N' AND scheduleTime = 0 AND domainId = {$id}) OR (deleteRow = 'Y' AND domainId = {$id})");
However, this is not safe against SQL injection. Could someone help me to make this safe, or tell me how to rebuild this with the ORM.
Thanks!
572
This would be the query as you had it
$result = DB::table('mod_dns_records')
->where('scheduled', 'N')
->where('scheduleTime', 0)
->where('domainId', $id)
->orWhere('deleteRow', 'Y')
->where('domainId', $id)
->get();
However I noticed it can be optimized a bit since the domainId condition exists in both groups:
$result = DB::table('mod_dns_records')
->where('domainId', $id)
->where(function($q){
$q->where('scheduled', 'N');
$q->where('scheduleTime', 0);
$q->orWhere('deleteRow', 'Y');
})
->get();
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
