Is this MODEL method safe? |
@George.adrian
What you do is not about good/best practices or respecting standards. Simply, the line you add is wrong. The escape method has its purpose - it escapes values before they get inserted within the SQL. What you do is escaping string that itself is a SQL-fragment. This is nonsense - in this direction you have nothing to research about. |
Welcome Guest, Not a member yet? Register Sign In |