Search code examples
phpphalcon

phalcon query return Scanning error before

I'm using the phalcon framework, I want to execute this query 

public function updateAction($id)
{
$email = $this->request->getPost('email');
 $check_email_unique = Users::find(['conditions' => 'id != ' .$id. ' AND email = '. $email]);

echo $check_email_unique->id;
return ;
    }

but when test, the function on postman this returns error

Solution

  • You want to be binding your parameters because what you are doing is vulnerable to SQL injection.

    Try this:

    $check_email_unique = Users::findFirst([
    'conditions' => "email = :email: AND id != :id:",
    'bind' => [
        'email' => $email,
        'id' => $id
    ]
]);