https://stackoverflow.com/questions/22138215
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianI would check first if date_default_timezone_get() returns a valid value, to avoid a query like: SET time_zone = "".
Is this php/mysql expression (which sets the timezone of connection) safe enough?
문제
Is this expression is safe or does this approach has vulnerabilities?
$pdo = new PDO('mysql:host=localhost;dbname=test', 'user', 'password');
$pdo->exec('SET time_zone = "' . date_default_timezone_get() . '"');
올바른 솔루션이 없습니다
다른 팁
제휴하지 않습니다 StackOverflow
