Escape behaviour select vs insert - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Development (https://forum.codeigniter.com/forumdisplay.php?fid=6) +--- Forum: Issues (https://forum.codeigniter.com/forumdisplay.php?fid=19) +--- Thread: Escape behaviour select vs insert (/showthread.php?tid=63055) |
Escape behaviour select vs insert - bod99 - 09-21-2015 As I understand, strings passed to db->where() and db->insert() are escaped by default. I see differing results passing strings containing ' and ' or ' or '. insert() processes as expected though where() inserts unwanted whitespace. I'm using CI 3.0.1. PHP Code: $col2 = 'foo and bar'; Code: SELECT `col1` I'm unsure if this is a bug as such or misuse on my part. What's the best approach in order to continue usiing the query builder as it's so convenient! Right now I am simply removing duplicate whitespace before running the generated query: PHP Code: $this->db->query( preg_replace('/\s{2,}/', ' ', $this->db->get_compiled_select()) ); Any tips appreciated. RE: Escape behaviour select vs insert - Narf - 09-23-2015 https://github.com/bcit-ci/CodeIgniter/issues/4093 ... and I believe this was also posted once more here on the forums. RE: Escape behaviour select vs insert - bod99 - 09-24-2015 (09-23-2015, 05:14 AM)Narf Wrote: https://github.com/bcit-ci/CodeIgniter/issues/4093 I missed both despite a prolonged search before posting. Thanks for the reply. Much appreciated. |