SQL injection is a technique where malicious users can inject the SQL commands /queries into an SQL statement, resulting in false input of the web page and the security of a web application.
Eventually CakePhp already protects the application against the SQL Injection if you are using the CakePhp’s methods like find() and save() and proper array notation (ie. array(‘field’ => $value))
Still, it is sometimes necessary to perform manual queries, which can be done with Model::Query.
– Read the full Blog at: Protecting Your CakePhp Application Against SQL Injection
Our Php questions and answers forum is developed for those tech geeks who don’t want to wait for a longer duration of time, as the community members within FindNerd can answer any android query within shortest possible time frame.