Always use Eloquent ORM or Laravel's query builder to interact with the database, which automatically prevents SQL injection by binding parameters.
// Using Eloquent ORM
$user = User::where('email', $request->input('email'))->first();
// Using Query Builder
$users = DB::table('users')->where('email', $request->input('email'))->get();
You Might Also Like
Extend Existing Artisan Commands
Extend and customize built-in Laravel Artisan commands to suit specific requirements. This technique...
Remove Composer Package
Removing an installed Composer package from your PHP or Laravel project. Let's consider you want to...