Andrew

Reputation: 7788

Accessing parameters in Request

I have a question about obtaining parameters from the Request object.

What is the difference between

$name = $request->name;

OR

$name = $request->input("name");

They show the same behavior. I am asking because, from a typing perspective, it is faster to use method #1. But I don't know the difference. Is #1 prone to SQL injection?

Upvotes: 0

Views: 142

Answers (1)

CountZero

Reputation: 196

Basically, the first case is just syntactic sugar for the second. In Laravel, Request implements the __get magic method to access its internal properties.

public function all()
{
    return array_replace_recursive($this->input(), $this->allFiles());
}

public function __get($key)
{
    $all = $this->all();

    if (array_key_exists($key, $all)) {
        return $all[$key];
    } else {
        return $this->route($key);
    }
}

In the first case, if any files were uploaded, Laravel first looks for a property amongst them. And if there is no such param in files or in input, in your first snippet, Laravel also looks for a value amongst route parameters.

To protect your code against SQL injections, you have to use prepared statements/query builder/ORM. You should not escape/change input, so both these functions don't protect you against SQL injections.

Upvotes: 2
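
The point made in the answer, as an added example that is not part of the original post and is not Laravel's code: both accessors return the raw value, and only the way the query is built decides whether it is injectable. `FakeRequest` is a hypothetical stand-in for the quoted lookup order; the table, the sample value and the use of PDO with in-memory SQLite on PHP 8 are assumptions.

```php
<?php
// Hypothetical stand-in for the lookup order quoted in the answer:
// input first, then route parameters. Not Laravel's Request class.
final class FakeRequest
{
    public function __construct(private array $input, private array $route = []) {}

    public function input(string $key, $default = null)
    {
        return $this->input[$key] ?? $default;
    }

    public function __get($key)
    {
        return array_key_exists($key, $this->input)
            ? $this->input[$key]
            : ($this->route[$key] ?? null);
    }
}

// Constructed sample data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (name TEXT)");
$pdo->exec("INSERT INTO users VALUES ('alice'), ('bob')");

// Constructed hostile value submitted as the "name" field.
$request = new FakeRequest(['name' => "nobody' OR '1'='1"], ['id' => '7']);

// Both accessors hand back the same raw, unescaped string.
var_dump($request->name === $request->input('name'));

// With no input key called "id", __get falls through to the route parameter.
var_dump($request->id);

// Vulnerable: the value is spliced into the SQL text, so the quote inside it
// closes the string literal and the rest is parsed as part of the WHERE clause.
$unsafe = $pdo->query("SELECT name FROM users WHERE name = '{$request->name}'");
var_dump(count($unsafe->fetchAll()));

// Hardened: the value is bound as data and compared literally with the column.
$stmt = $pdo->prepare('SELECT name FROM users WHERE name = ?');
$stmt->execute([$request->name]);
var_dump(count($stmt->fetchAll()));
```

Laravel's query builder and Eloquent bind values in the same way as the prepared statement here, provided the value is passed as a parameter rather than concatenated into a raw expression.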
