Hi,

Perhaps this question has already been posted here. But I’m working on a small project where we want to store data in the database, among other things. This concerns texts that are placed in the database as json. As far as I know, Laravel already does some escaping from SQL injection, but what functions are best used for larger texts with inserts?

What is the best practice here?

PS. always shoot SQLmap against it of course

The Laravel query builder uses PDO parameter binding to protect your application against SQL injection attacks. There is no need to clean or sanitize strings passed to the query builder as query bindings.

Ref: https://laravel.com/docs/9.x/queries