
highnoon

Sql injection and other malicious things

Laravel uses PDO to prevent SQL injection, right? And you can use {{ $data }} to escape HTML data. Are there any other subjects I might consider for validating user input/output, like the following package, maybe:

https://github.com/mewebstudio/Purifier

Thanks

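An added example (not code from the thread or from the Purifier package) of where `{{ }}` escaping and a purifier each belong. It assumes a Laravel app with mewebstudio/Purifier installed, plus a hypothetical `Comment` model with a `body` column and a `comments.show` route.

```php
<?php
// Added example, not from the thread. Assumes Laravel with mewebstudio/Purifier
// installed; the Comment model, `body` column and route names are hypothetical.

namespace App\Http\Controllers;

use App\Models\Comment;
use Illuminate\Http\Request;
use Mews\Purifier\Facades\Purifier;

class CommentController extends Controller
{
    public function store(Request $request)
    {
        // 1. Validate shape and size first. Validation rejects malformed input;
        //    it does not make a string safe to render as HTML.
        $data = $request->validate([
            'author' => ['required', 'string', 'max:100'],
            'body'   => ['required', 'string', 'max:5000'],
        ]);

        // 2. `author` is plain text: store it as-is and escape it on output.
        // 3. `body` comes from a rich-text editor and is allowed to contain some
        //    HTML, so escaping it would show the tags literally. A whitelist
        //    purifier keeps the configured tags/attributes and drops <script>,
        //    on* event handlers, javascript: URLs and anything else unknown.
        $comment = Comment::create([
            'author' => $data['author'],
            'body'   => Purifier::clean($data['body']),
        ]);

        return redirect()->route('comments.show', $comment);
    }
}

// Rendering, in resources/views/comments/show.blade.php (shown as a comment
// because it is Blade, not PHP):
//
//   {{ $comment->author }}    compiles to e($comment->author): htmlspecialchars
//                             with ENT_QUOTES, so <, >, ", ' and & are encoded
//   {!! $comment->body !!}    emitted raw: only acceptable because the body was
//                             run through the purifier before it was stored
//
// Constructed payload to try in `php artisan tinker` and compare the two paths:
//   $p = '<p>Hi</p><script>alert(1)</script><a href="javascript:alert(1)">x</a>';
//   e($p);                // every tag becomes inert entity-encoded text
//   Purifier::clean($p);  // the <p> survives, the script and javascript: href do not
```

The rule of thumb this encodes: escape by default (`{{ }}`) for anything displayed as text, and reach for `{!! !!}` only on data that has already been through a whitelist sanitiser such as Purifier; never both "trust the user" and "skip escaping" on the same field.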
Snapey

Strictly speaking, Laravel uses prepared statements to prevent SQL injection, implemented with PDO. PDO itself does not stop you from passing user data directly in a SQL statement.

And make sure you understand CSRF.
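The distinction above, as an added example that is not part of the reply or of Laravel's own code. It assumes a Laravel app with a hypothetical `users` table that has `email`, `role` and `created_at` columns.

```php
<?php
// Added example, not from the thread. Assumes Laravel with a `users` table
// having `email`, `role` and `created_at` columns (hypothetical names).

use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;

function findUserUnsafe(Request $request): array
{
    // PDO is in use here, but the user data is spliced into the SQL text
    // before PDO ever sees it, so there is nothing for a prepared statement
    // to protect. Constructed input that turns this into an auth bypass:
    //   email = "' OR '1'='1"   -->   WHERE email = '' OR '1'='1'
    $email = $request->input('email');
    return DB::select("SELECT * FROM users WHERE email = '$email'");
}

function findUserSafe(Request $request): array
{
    // Same query, but the value travels as a bound parameter: the SQL text is
    // fixed at prepare time and the input can only ever be compared as data.
    return DB::select(
        'SELECT * FROM users WHERE email = ?',
        [$request->input('email')]
    );
}

function findUserWithBuilder(Request $request): ?object
{
    // The query builder binds values for you, which is why ordinary builder
    // and Eloquent code is not injectable. The *Raw methods are the exception:
    // they take SQL text, so any user data must go in their bindings array,
    // never in the string.
    return DB::table('users')
        ->where('email', $request->input('email'))
        ->whereRaw('LOWER(role) = ?', [strtolower($request->input('role', 'member'))])
        ->first();
}

function listUsersSorted(Request $request)
{
    // Bindings only cover values. Identifiers (column names, ORDER BY targets,
    // table names) cannot be bound, so a user-chosen sort column must come
    // from an allow-list; passing it into orderByRaw() would be the
    // concatenation problem from findUserUnsafe() all over again.
    $allowed = ['email', 'role', 'created_at'];
    $column  = $request->input('sort', 'created_at');
    if (! in_array($column, $allowed, true)) {
        $column = 'created_at';
    }

    return DB::table('users')->orderBy($column)->get();
}
```

A quick way to audit an existing code base for the first pattern is to grep for `DB::select(`, `DB::statement(`, `whereRaw(`, `orderByRaw(` and `selectRaw(` and check that every one either has no variable interpolation in its SQL string or passes that variable through the bindings argument.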
