Level 3
You don't pass any data you could get from an user and laravel have a protection against injection. Noway this whereRaw cause an sql injection.
Aug 28, 2017
1
Level 20
Raw query eloquent
I have two time columns on a table, timeFrom and timeTo, and I am trying to get all rows where current time is between timeFrom and timeTo using this query which is working
$query->whereRaw('curtime() between timeFrom and timeTo');
I was wondering if there is a better way not using whereRaw on query because of sql injection!
Please or to participate in this conversation.