Raised here, as it's not a security problem with CodeIgniter; it's a problem with how it's being used.
Comments from one tech below.
The code I reviewed contained a critical security issue that might enable an attacker to steal or delete the whole database.
Here we are talking about the Codeigniter 3 model we reviewed together.
CodeIgniter offers the possibility to write the whole query yourself, like:
$this->db->query('SELECT * FROM some_table WHERE id = 3 AND status = 4 AND author = "Rick"');
In this case you need to actually write it more like this (query binding and escaping to enforce security):
$sql = "SELECT * FROM some_table WHERE id = ? AND status = ? AND author = 'Rick'";
$this->db->query($sql, array($this->db->escape($id), $this->db->escape($status), $this->db->escape($author)));
Which I completely agreed with (the other tech guy), and I was aware of this.
But I am taking advantage of what the framework is offering me, and that is called the Query Builder Class.
So in my case the query would look like:
$wheresql = "id = {VAR}";
$wheresql .= " AND status = {VAR}";
$wheresql .= " AND author = {VAR}";
$this->db->where($wheresql);
The "where" method that is called on the db object calls another method called _wh, which is escaping the value of $wheresql.
So I am more than sure there is no security problem in that. I already tried myself all "hacking" ways to see if I can inject something, and I could not succeed.
Who is right? Is the database safe or not?
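An added example, not the poster's code and not CodeIgniter's own source, showing the same WHERE clause written three ways in a CodeIgniter 3 model: with query bindings, with the Query Builder's key/value form, and as a raw where() string. In CodeIgniter 3 the first two escape values for you (binds are escaped automatically, so wrapping them in escape() as well double-quotes strings); a raw where() string is passed through as an opaque condition, so any value interpolated into it has to be cast or escaped by the caller. The last method uses get_compiled_select() so the generated SQL can be inspected before anything runs. It assumes a CodeIgniter 3 application with $this->db loaded and a table some_table with columns id, status and author; the Some_model class name and the sample values are constructed for illustration.

```php
<?php
// Added example (not the poster's code). Assumes a CodeIgniter 3 application
// with the database library loaded and a table `some_table` (id, status, author).
class Some_model extends CI_Model
{
    // 1. Query bindings: every "?" is replaced by the escaped value of the
    //    matching array element. Pass raw values; do not pre-escape them,
    //    or string values end up double-quoted.
    public function find_bound($id, $status, $author)
    {
        $sql = 'SELECT * FROM some_table WHERE id = ? AND status = ? AND author = ?';
        return $this->db->query($sql, array($id, $status, $author))->result_array();
    }

    // 2. Query Builder key/value form: the builder escapes each value and
    //    protects identifiers, so user input never enters the SQL text raw.
    public function find_qb($id, $status, $author)
    {
        return $this->db
            ->where(array('id' => $id, 'status' => $status, 'author' => $author))
            ->get('some_table')
            ->result_array();
    }

    // 3. Raw where() string: the builder stores this condition as-is and does
    //    not escape values inside it. Safe only if every interpolated value is
    //    constrained first: integers are cast, the string goes through the
    //    driver's escape(), which adds its own surrounding quotes.
    public function find_raw_validated($id, $status, $author)
    {
        $where = 'id = ' . (int) $id
               . ' AND status = ' . (int) $status
               . ' AND author = ' . $this->db->escape($author);
        return $this->db->where($where)->get('some_table')->result_array();
    }

    // Check helper: returns the SQL the builder would run for form 2 without
    // executing it, so the escaping can be inspected in a test or a log.
    public function compiled_qb($id, $status, $author)
    {
        $this->db->where(array('id' => $id, 'status' => $status, 'author' => $author));
        return $this->db->get_compiled_select('some_table');
    }
}

// Constructed sample input (not from the page): a name containing a quote.
// In a controller:  $sql = $this->some_model->compiled_qb(3, 4, "O'Brien");
// The author value appears in $sql quoted and with the inner quote escaped,
// which is the behaviour to confirm before trusting any query path.
```

A quick check in a development environment is to log the string returned by compiled_qb() for an input containing a single quote: if the value comes back quoted and escaped, that code path is handling escaping; if the quote appears verbatim, that path is concatenating user input into SQL and needs the bind or key/value form instead.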