The Propel ORM documentation mentions a neat import / export function using functions such as fromArray and fromJSON, which should allow something like this:
$foo = new Widget(); $foo->fromArray($_POST); $foo->save(); /* Aaand you're done! */
... but the documentation does not mention that using this method should be safe, i.e. if fromArray can handle untrusted input. My guess would be that everything is fine - the default installers are injectable, and the whole deal is based on PDO, but I would like to be sure.
Propel PDO , PDO, , SQL Injection ( ).
, PDO SQL Injection, .
, , , Propel PDO SQL Injection.
Propel , , fromArray(), $_POST . .
fromArray()
$_POST
, , .
https://fooobar.com/questions/1118279/android-translate-imageview-over-surfaceview
https://fooobar.com/questions/1118280/index.html