Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Entries::orderBy('id','desc)->where('user_id',Auth::id())->paginate(4); some times this query send what sign after user_id. below
select * from pass_entries where user_id = ? order by id desc limit 4 offset 0
why it is add what sign after 'user_id'= ? & and when? Please help
—Thanks
The ? is a placeholder; whenever you bind data in a Query, it will be parameterized (which helps save you from SQL injection vulnerabilities). Take a look at the PDO docs to understand what is happening.
What is the actual problem you are experiencing?
I'm getting much more queries from the application with this ' ? ' in column value field. this makes the db server unstable and cpu load goes very high. for example: select * from users where mobile = ? limit 1
Is this my application issue or i'm getting unwanted traffic?
You are misinterpreting the information you are seeing @jarjis - the database does not get a ?
@tykus database is getting this exact request "select * from users where mobile = ? limit 1", I found this on mysql show processlist;
The database is getting this exact request "select * from users where mobile = ? limit 1", I found this on mysql show processlist;
@tykus database is getting this exact request "select * from users where mobile = ? limit 1", I found this on mysql show processlist;
The database is getting this exact request "select * from users where mobile = ? limit 1", I found this on mysql show processlist;
@jarjis The following example may help you to understand how MySqli and PDO fetch data.
MySQLi
$stmt = $mysqli->prepare("SELECT id, name, age FROM myTable WHERE name = ?");
$stmt->bind_param("s", $_POST['name']);
$stmt->execute();
$arr = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
if(!$arr) exit('No rows');
var_export($arr);
$stmt->close();
PDO
$stmt = $pdo->prepare("SELECT * FROM myTable WHERE id <= ?");
$stmt->execute([5]);
$arr = $stmt->fetchAll(PDO::FETCH_ASSOC);
if(!$arr) exit('No rows');
var_export($arr);
$stmt = null;
Read more: https://websitebeaver.com/php-pdo-vs-mysqli
@tisuchi sir, I'm getting much more queries from the application with this ' ? ' in column value field. this makes the db server unstable and cpu load goes very high. for example: select * from users where mobile = ? limit 1
Is this my application issue or i'm getting unwanted traffic?
@jarjis What I can suggest you inspect your query locally that it behaves as expected.
You just install Laravel Debugbar to inspect your app.
You usually don't see the value bound to the ? so that might be the reason.
Please or to participate in this conversation.