Kaustubh
2 years ago

Sql Injection

Posted 2 years ago by Kaustubh

View

<div class="panel-body">
    @foreach($pageLi as $li)
        <a href="{{ url('/userlogin',array($li->p_id)) }}">{{ $li->p_name }}</a>
    @endforeach
</div>

Url

http://localhost/test/public/userlogin/3

Route

Route::get('/userlogin/{id}',['uses' => '[email protected]', 'as' => 'login.get']);

Controller

public function userlogin($id)
{
    $Task = App\Task::where('userid',$id)->first();
    return view('task', ['task'=>$task]);
}

is there any way to prevent sql injection from url and should i use anchortag in form & {{ csrf_field() }}

Please sign in or create an account to participate in this conversation.