profile88721
New Member
Is it possible for to sql inject a \[code\]ZEND_DB_TABLE_ABSTRACT\[/code\] method?like for example\[code\] $this->insert();\[/code\]edit for a more clearer explanationPost values are :\[code\]'username' = 'admin';\[/code\]\[code\]'password' = '1;Drop table users;'\[/code\]Here is the insert statement in the controller: \[code\]public function InsertAction() { $postValues = $this->_request->getPost(); $usersTable = new Application_Models_DbTable_Users(); $username = $postValues['username']; $password = $postValues['password']; $data = http://stackoverflow.com/questions/9372850/array('username'=>$username,'password'=>$password); $users->insert($data);}\[/code\]