Actions
Task #80317
closedDeprecate BackendUtility::getRecordRaw
Start date:
2017-03-17
Due date:
% Done:
100%
Estimated time:
TYPO3 Version:
8
PHP Version:
Tags:
Complexity:
Sprint Focus:
Description
Since we follow the principel of "prepared statement", the method getRecordRaw will break this behaviour.
Within the "where" parameter of the function it is possible to inject malicious code.
Thus we should remove it, as the queryBuilder should be used everywhere in the future
to increase visiblity of which query will be processed at a concrete point of code and to
force the concept of prepared statements.
Actions