On the CodeWall.co.uk site there's a new tutorial showing you how to use Eloquent outside of Laravel applications thanks to its "capsule" functionality. Eloquent is an ORM layer that's a part of the Laravel framework and makes it easier to work with records and sets of data from your database.
OWASP (Open Web Application Security Project) is a project that notes down the current threats to a web application. And I have been researching on their site and I have found this similarity in their 2010, 2013 and 2017 report that, SQL Injection or any other type of Injection is number 1 on this list, every time.
And that’s a part to worry.
This can cause you to get out of business, so this is pretty serious and your organisation should take care of the this issues and prevent yourself from it.
The tutorial starts with a brief introduction of what SQL injection is including some example SQL to show how the injection happens. It then covers how to prevent this issue with base PHP code (no framework or package) using prepared statements and bound parameters. Eloquent takes care of this for you and provides a lot of other handy features. The article goes on to show:
- how to install the Eloquent packages with Composer
- the code to create the "capsule" that's used as a bridge into the Eloquent code
- the creation of migrations for two tables: users and posts
- how to make models for these two tables
The post wraps up with a look at using these models to create a new
post record using the ORM interface rather than manual SQL statements.