Hi,
I have this code snippet I am using it to search if a certain tag exists, if not that i persist a new tag into the db. This work fine, however i am concern on whether this is protected as sql injection. It's not documented.
$tagr = Tags::findFirst( array(
"conditions" => array(
"tagName" => $tags
)
) );
if ( !$tagr ) {
$tagObj = new Tags();
$tagObj->tagName = $tags;
$tagObj->save();
}