how i can sanitize the input and use parametrized query for this create function?

  laravel, php

This is the create function in which i need to sanitize the input, use parametrized query in php. As I’m new to php please anyone could help me in this.
Ps:Edited now as stack trace functionality got solved. Thanks for suggestions

 public function create(Request $request)
    {
        $request->hubs = ($request->hubs == "")?[]:$request->hubs;
        $success_flag = true;
        if($request->city != "0"){
            $city_hub = HubMaster::where('city_id','=',$request->city)->select(['hub_id'])->get();
            foreach($city_hub as $hub){
                array_push($request->hubs,$hub->hub_id);
            }
        }
        for($i =0;$i<count($request->hubs);$i++){

            $hub_id =$request->hubs[$i];
            $manual_auto = $request->manual_auto;
            $manual_text = $request->manual_text;
           
            try
            {
                $sql="INSERT INTO 
                            hub_operational_info(`hub_id`,`manual_auto`,`manual_text`) 
                        VALUES 
                            ({$hub_id},{$manual_auto},'{$manual_text}')
                        ON DUPLICATE KEY UPDATE
                        manual_auto = VALUES(manual_auto),
                        manual_text = VALUES(manual_text)
                    ";   
                $s=DB::statement($sql);
            }
            catch(Exception $e)
            {
                $success_flag = false;
            }
        }
        
        if($success_flag == true)
        {
            return "success";
        }
        else
        {
            return "notsuccess";
        }
    }

Source: Laravel

Leave a Reply