Jump to content

Existing user? Sign In
Sign In

Remember me Not recommended on shared computers

Forgot your password?
Sign Up

Browse
- Forums
- Staff
- Leaderboard
- Guidelines
- Terms of Service
- More
Activity
- All Activity
- Search
- More
Join our Discord!
More
- More

Applications

Do Joomla's "insertObject()" & "updateObject()" prevent injection?

By tqla
December 12, 2010 in Applications

Start new topic

Recommended Posts

Advanced Member

tqla

Posted December 12, 2010

- Share

Posted December 12, 2010

Hello,

Do Joomla's "insertObject()" and updateObject() functions also prevent injection attacks?

Or, do I still need to incorporate "mysql_real_escape_string()"?

I can't find any mention of this in Joomla documentation.

:confused:

Working Example of insertObject():

$data =new stdClass();
$data->UserID = $UserID;
$data->Address1 = $_POST['Address1'];
$data->Address2 = $_POST['Address2'];
$data->City = $_POST['City'];
$data->State = $_POST['State'];
$data->Zip = $_POST['Zip'];
$data->Country = $_POST['Country'];

$db =& JFactory::getDBO();
$db->insertObject('#__my_table', $data, UserID);

Link to comment

https://forums.phpfreaks.com/topic/221356-do-joomlas-insertobject-updateobject-prevent-injection/

Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

×

Browse
- Back
- Forums
- Staff
- Leaderboard
- Guidelines
- Terms of Service
Activity
- Back
- All Activity
- Search
Join our Discord!

×

Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.