Stopping Laravel SQL Injection with sole()

Published by on

While parameterized queries are the preferred method, sole() adds an extra layer of protection when using raw queries, especially when only one record should match.

Read more

Categories: PHP
Tags:

Related Posts

PHP

#[RouteParameter] Does Not Bind Your Model

Michael Dyrynda explains a subtle Laravel gotcha: #[RouteParameter] only reads the current route parameter value, it does not perform implicit model binding. Good reminder that the controller signature still matters when you expect a bound Read more…

PHP

Prompt-Injection Guardrails in Laravel: Defend the Tools, Not the Prompt

You can’t out-prompt an attacker — to the model, your system instructions and a malicious support ticket are the same text. So stop defending the prompt and lock down the boundaries you actually control: tools Read more…

PHP

More time to think

Matthias writes that AI has shifted more of software development from typing to thinking, reviewing, and iterating. Nice reflection on how agentic coding, parallel worktrees, and voice dictation can slow individual features down while still Read more…