On Tuesday, 18 February 2014 14:53:09 UTC+1, Parsifal wrote: > > Thanks but as about 3. I tought it is doctrine related! Does doctrine > escape the passed value before inserting? Or this is my job to escape it > before passing to insert? >
To be precise: it is not a Doctrine ORM responsibility, but there are some minimal provisions in Doctrine DBAL (and PDO), as you can read in http://doctrine-dbal.readthedocs.org/en/latest/reference/security.html Please search more before asking. Thank you. Sorry, as said, no time anymore; won't answer anymore questions. Have a nice day. -- You received this message because you are subscribed to the Google Groups "doctrine-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/doctrine-user. For more options, visit https://groups.google.com/groups/opt_out.
