• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
Tutsplanet

Tutsplanet

Free Technical and Blogging Resources

  • Home
  • Web Hosting
  • Programming
  • Plugins
  • Twitter Trends
  • Tools
  • About Us

Programming TagsLaravel

Raw Queries in Laravel

Jun 1, 2022 Editorial Staff 1 Comment

Share
Tweet
Share
1 Shares

Eloquent is the answer for all kinds of database operations in Laravel. As a matter of fact, which is a great solution for interacting with databases. But if we have complicated business logic/ complex MySQL queries, oftentimes we need to write raw queries in Laravel.

A key concern about the usage of raw queries in Laravel is SQL injection. In the first place, we have Laravel’s query builder to protect us from harmful minds. But if we intentionally opened the door for malicious hands, Laravel has nothing to do.

For example, consider the below query

$yourVar = Input::get("some_variable_from_a_form");

$results = DB::select( DB::raw("SELECT * FROM your_table WHERE your_col = '$yourVar'") );

In the above query, we directly input the form value into our query without sanitizing. This is a dangerous practice and should avoid by all means.

Although this may work, you should use the Laravel way as shown in the below example. In this case, bindings are the perfect tool to avoid SQL injection.

$yourVar = Input::get("some_variable_from_a_form");

$results = DB::select( DB::raw("SELECT * FROM your_table WHERE your_col = :yourVar"), array(
   'yourVar' => $yourVar,
 ));

Before we finish the article, I have to remind you something.

Do not use the select method if your query is performing some execution that does not return results. For example, altering a column of a table. Use the statement method to perform a query execution.

DB::statement( 'ALTER TABLE your_Table CHANGE `data` `data` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL' );

Hope it was an informative article, don’t hesitate to share it with your peers.


Editorial Staff

Editorial Staff at Tutsplanet is a dedicated team to write various tutorials about subjects like Programming, Technology and Operating Systems.

View all posts by Editorial Staff

Reader Interactions

Comments

  1. barfin akraye says

    Jun 2, 2022 at 6:55 am

    nice

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Quick Links

  • Top 21 Website Ideas To Make Money Online in 2021
  • A Simple YouTube Video Downloader Script in PHP
  • The 50 Most Useful jQuery Plugins for Frontend Development
  • Replace “\n” with new line characters, using Notepad++
  • Using Third-Party Libraries in Codeigniter
  • Upload Multiple Images and Store in Database using PHP and MySQL.
  • Hierarchical Tree view Category Example in Laravel
  • Laravel Image Intervention Tutorial With Example
  • How to import sql file in MySQL database using PHP?
  • Free VAT Calculator Online

Subscribe

* indicates required



Search Here

Share

   



Hot topics

  • Replace “\n” with new line characters, using Notepad++ 38 views
  • How to enter new line in Microsoft Teams? 34 views
  • Simple PHP Shopping Cart 18 views
  • Add FTP/SFTP in Visual Studio Code 15 views
  • Open a URL in a new tab using JavaScript 14 views
  • Laravel: Download files to storage from SFTP 12 views
  • Solution: windows photo viewer opens each time save a pic file 12 views
  • A Simple YouTube Video Downloader Script in PHP 11 views
  • Laravel Eloquent Select Column as Alias 11 views
  • How to Create PDF File From HTML Form Using Fpdf? 9 views

Categories

  • Design & Development
  • Drupal
  • Facebook
  • General
  • How To
  • ios
  • Javascript
  • Linux
  • Magento
  • Marketing
  • News
  • PHP
  • Plugins
  • Programming
  • Snippets List
  • Social Media
  • Softwares
  • Themes
  • Tips
  • Wordpress
  • YouTube























Copyright © 2023 · Planet on Genesis Framework · Powered By BunnyCDN . Network wallpapernoon.com