Does it secure already or i must use htmspecialchars on $id = $httpRequest->getQuery('id'); for example? Like
htmlspecialchars($httpRequest->getQuery('id')) ;
I will pass get and POST variables into db queries.
I'm using pdo prepare. This is my question.. Its already everything secure to be passed in db or not?
Does it secure already or i must use htmspecialchars on $id = $httpRequest->getQuery('id'); for example? Like
htmlspecialchars($httpRequest->getQuery('id')) ;
I will pass get and POST variables into db queries.
I'm using pdo prepare. This is my question.. Its already everything secure to be passed in db or not?