I am trying to create a REST API in Laravel. How can I protect a SQL query like this against SQL injection?
Route::get('api/restaurant/id/{id}', 'RestaurantController@getRestaurantById');
public function getRestaurantById($id) {
    $restaurant = Restaurant::where('id', $id)->first();
    return $restaurant;
}
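
Guys, can you help me with this problem? I ran into a problem running npm run dev for my Laravel Mix. I followed the link below, but the error is still there. Is there something wrong with my operating system? I tried deleting node_modules and running npm install --global cross-env, and then ran npm install again.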
https://github.com/JeffreyWay/laravel-mix/issues/478
I always get an error when I run npm run dev:
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! @ development: `cross-env NODE_ENV=development node_modules/webpack/bin/webpack.js --progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the @ development script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
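npm ERR! A complete log of this …

I would like to know whether this SQL query is protected against SQL injection, and to be sure whether it is fine or whether I should modify something.
I am trying to bind the ID from GET and then, if everything is fine, use that ID in the actual query.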
if(isset($_GET['id']) && $_GET['id'] != null) {
    $id = $_GET['id'];
    // Bind the id as an integer parameter instead of concatenating it into the SQL
    $stmt = $mysqli->prepare('SELECT id FROM maps WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $result = $stmt->get_result();
    if (mysqli_num_rows($result) == 1) {
        $row = $result->fetch_assoc();
        $secid = $row["id"];
    } else {
        header("LOCATION: index.php");
        // Stop here so the rest of the script does not run after the redirect
        exit;
    }
$sql = "SELECT
maps.id,
maps.name,
maps.description,
maps.date,
maps.mcversion,
maps.mapid,
maps.category,
maps.format,
maps.userid,
users.username,
users.rank,
users.verified,
users.mc_username,
(SELECT COUNT(*) FROM likes WHERE likes.mapid = maps.id) AS likes,
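(SELECT COUNT(*) FROM downloads WHERE downloads.mapid = maps.id) AS downloads, …

I just launched my website, but after 5 days it became slow; loading the site took almost 30 seconds because the MySQL database kept growing and gained 50-60k rows.
I have searched for a solution for hours, but have not found anything I could implement to optimize the query.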
$idstack = $_SESSION['ids'];
$stmt = $mysqli->prepare("SELECT
maps.id,
maps.name,
maps.date,
maps.mcversion,
maps.mapid,
maps.description,
maps.java,
maps.bedrock,
maps.schematic,
users.username,
users.rank,
users.verified,
(SELECT COUNT(*) FROM likes WHERE likes.mapid = maps.id) AS likes,
(SELECT COUNT(*) FROM downloads WHERE downloads.mapid = maps.id) AS downloads,
(SELECT COUNT(*) FROM views WHERE views.mapid = maps.id) AS views
FROM maps
INNER JOIN users
ON maps.userid = users.id
WHERE maps.id NOT IN ( '" . implode( "', '" , (array)$idstack ) . "' ) ORDER BY RAND() DESC LIMIT …