I am using Laravel 5.3 PHP framework and I need additional guidance on how to create a database using DB::statement method, I can do it simply like this, but I'm aware of SQL injection possibility:
DB::statement('CREATE DATABASE new_database_name');
However I want to do something like this:
DB::statement('CREATE DATABASE :db_name', ['db_name' => 'new_database_name']);
I'm not sure why the second example doesnt work. I've been reading laravel documentation, and this sort of thing works with DB::insert, DB::select, but what about DB::statement
Actually you can't use bind parameters on CREATE or DROP. Have to be used like that e.g.:
DB::statement("CREATE DATABASE {$newDatabase}");
Hope this helps