Answers for "\PDO::ATTR_EMULATE_PREPARES => true Security issue"

PHP
0

\PDO::ATTR_EMULATE_PREPARES => true Security issue

The option

'options'   => [
                \PDO::ATTR_EMULATE_PREPARES => true
            ]
will resolve the issue, However, beside the security issues it generates, it also effect all select queries that you perform on the DB in the way that it force/convert every returned type from the DB to be string instead of the real type (integer/ float)

How does it effect you?

if you have a validation layer above the result of the query, you can't perform something like (

if (is_int($model->id))
) which will return 0 always, because it's string not an integer anymore.
Posted by: Guest on July-01-2021

Code answers related to "\PDO::ATTR_EMULATE_PREPARES => true Security issue"

Browse Popular Code Answers by Language