This topic is locked

Preventing SQL injection

8/25/2021 12:11:25 PM
PHPRunner General questions
smez author

According to:

...I should use DB::PrepareSQL when adding records using my own code (see point 11 in the blog post above).

If I use the Database API: Insert function e.g.:

$data = array();
$data["make"] = "Toyota";
$data["model"] = "RAV4";
$data["price"] = 16000;
DB::Insert("cars", $data );

...will this also protect my code from SQL injection?