+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Best way to process search containing special chars (/showthread.php?tid=11117)
Best way to process search containing special chars - El Forum - 08-26-2008
[eluser]lukeinjax[/eluser]
I've got a search that queries a table using active record with a 'like' to get all records like the search term. What I need is to allow the user to be able to search using special chars such as ", and ', but I don't want to open myself up to SQL injection or any other type of attack.
The search results are paginated, so I'm currently passing the search term in the URL like this: http://mydomain.com/search/page/searchterm/offset, but CI disallows special chars in the URL string. Because of this I'm getting the disallowed chars message when I try to search for '42" plasma' or something like that. So, since I'm sure this situation is pretty common, I'm curious as to how others have handled it.