• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
escape str vs query builder

#1
Sorry, got a really basic question on escape_str, should it be adding backslashes for each apostrophe? Whereas query builder won't?
Reply

#2
You use it on data that your going to be saving into a database.

MySQL escape string is depreciated.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#3
(02-04-2021, 03:56 PM)InsiteFX Wrote: You use it on data that your going to be saving into a database.

MySQL escape string is depreciated.

Thanks for the reply, I mean, the codeigniter escape_str function, should this be adding backslashes before apostrophes? I thought that was only if magic quotes was enabled.
Reply

#4
Yes, it should because it is interpreted as a single quote mark.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#5
(02-04-2021, 09:50 PM)InsiteFX Wrote: Yes, it should because it is interpreted as a single quote mark.

Thanks again for your reply, does this not imply the documentation is incorrect, as the query builder does not put the backslash, which implies that the query builder is using bindings and not using an escape function (as it appears to suggest?)
Reply

#6
(02-04-2021, 09:50 PM)InsiteFX Wrote: Yes, it should because it is interpreted as a single quote mark.

Essentially, to clarify, I thought escape string doesn't do this nowadays, and only does it if PHP magic quotes is on?
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.