I'm using Yii 2 and about to start working with databases for the first time within it and was wondering if Yii 2 had something else you should use to prepare data for the database, such as the standard mysqli_real_escape_string function, or should I just use that?
I'm not using prepared statements, I'm accessing the database via their database access objects and wondering how I go about escaping the data I pass to it?
I found the quoteValue method, but it's included within what Yii calls Connection ("Connection represents a connection to a database via PDO"), so I wasn't sure if it was the right method to use?
As you said, you should use quoteValue. If your dao component name is db, then you should simply try:
$quoteValue = \Yii::$app->db->quoteValue($value);
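The answer's call placed in a complete query, next to the bound-parameter form, as an added example that is not part of the original answer. Yii 2's quoteValue hands string values to PDO::quote, so the sketch uses plain PDO on in-memory SQLite to run without Yii; the `user` table, its `name` column, the helper function names and the inputs are assumptions made for the illustration.

```php
<?php
// Added example. Plain PDO on in-memory SQLite so it runs without Yii;
// the table, column and inputs below are constructed for illustration.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE user (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO user (name) VALUES ('alice'), ('O''Reilly')");

// Quoting, as in the answer. Yii 2 equivalent:
//   $q = \Yii::$app->db->quoteValue($name);
//   \Yii::$app->db->createCommand("SELECT id FROM user WHERE name = $q")->queryColumn();
function findByQuote(PDO $pdo, string $name): array
{
    // quote() escapes the value AND adds the surrounding quotes,
    // so the SQL text must not wrap it in quotes a second time.
    $quoted = $pdo->quote($name);
    return $pdo->query("SELECT id FROM user WHERE name = $quoted")
               ->fetchAll(PDO::FETCH_COLUMN);
}

// Bound parameter: the value never becomes part of the SQL text. Yii 2 equivalent:
//   \Yii::$app->db->createCommand('SELECT id FROM user WHERE name = :name',
//       [':name' => $name])->queryColumn();
function findByBind(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id FROM user WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: a plain name, a name containing a quote, and a
// string that would change the query if it were concatenated unescaped.
$inputs = ['alice', "O'Reilly", "x' OR '1'='1"];
foreach ($inputs as $name) {
    $a = findByQuote($pdo, $name);
    $b = findByBind($pdo, $name);
    // Both forms must treat the input purely as data and agree on the rows.
    if ($a != $b) {
        throw new RuntimeException("mismatch for input: $name");
    }
    printf("%-15s quoted as %-20s rows: %d\n", $name, $pdo->quote($name), count($a));
}
```

quoteValue only covers values: it returns non-string input unchanged, and table or column names need quoteTableName or quoteColumnName instead.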