In our Cakephp3 application, the user is inputting some text with apostrophe's and it should be backslashed or using mysql_real_escape_string() we should be handled to override the errors throwing in site.
This fix should be done in one uniq place, instead of being taken care in all the places.
What would be the best approach? Thanks
I recommed you to put a str_replace at your tables before marshall.
If this is needed for all tables, I recommend you to put the before marshall at Table.php and extend it in yours others tables
It should be something like this:
At table.php:
public function beforeMarshal(Event $event, ArrayObject $data,
ArrayObject $options)
{
foreach ($data as $key => $value) {
if (is_string($value)) {
$data[$key] = str_replace("'","`",$value);
}
}
}
At the other tables:
class YourTableNameTable extends Table
Read the following: https://book.cakephp.org/3.0/en/orm/saving-data.html#modifying-request-data-before-building-entities