Parameterized query binding in ON clause for a LEFT JOIN in Laravel Eloquent / Query Builder

Question

Let\'s say I want to show a full list of awards with type=\"color\":

Awards        Type     2013 Winner
======        ====     ===========
Blue Award    colo         


        

Answer 1

This comes straight from the Laravel docs:

The Laravel query builder uses PDO parameter binding throughout to protect your application against SQL injection attacks. There is no need to clean strings being passed as bindings.

You shouldn't need to sanitize it at all. It should be fine. If you are worried about it though, you can use the Validator class to validate it however you want.