Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Best Practices Sanitizing Form inputs form quotes (' and ")
Sanitizing Form inputs form quotes (' and ")
  • Offline mwhitney
    Posting Freak
  • *****
  • Posts: 1,101
    Threads: 4
    Joined: Nov 2014
    Reputation: 95
#7
01-02-2015, 01:17 PM

If you use the form_validation library, any fields which are processed by the library are updated in the post array. This is why set_value() is needed for these particular instances. Since it is possible that the validation used for a particular view will change over time, set_value() works whether the library was used or not, and for both values which were processed and those which were not.

At some point in the library's development, it was determined that it was more convenient to require using set_value() in the view than to require the use of a different function/method for retrieving the processed data after validation (or maybe this was just necessary for backwards compatibility when someone recognized an issue). Either way, it is not particularly difficult to use set_value() all the time in your views, and it does have some other benefits.

You could also setup your own helper functions to use set_value() if you want to avoid calling it explicitly in your views.
Bonfire
Practical CodeIgniter 3
CodeIgniter Testing Guide
Reply


Messages In This Thread
RE: Sanitizing Form inputs form quotes (' and ") - by mwhitney - 01-02-2015, 01:17 PM



Theme © iAndrew 2016 - Forum software by © MyBB