+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Active Record Not Escaping (/showthread.php?tid=11719)
Active Record Not Escaping - El Forum - 09-20-2008
[eluser]hpadrick[/eluser]
I am using $this->db->insert('table', $data)... When the data is inserted it is not escaped, but when profiler is enabled it is showing the query at the bottom with escapes.
CI version 1.6.3
PHP version 5.2.5
Active Record Not Escaping - El Forum - 09-20-2008
[eluser]hpadrick[/eluser]
More Info:
The form info originally typed:
`Should'" Es\cape
Bad"quote" 'single'
DAta
attached is the profiler screenshot with the escapes
Active Record Not Escaping - El Forum - 09-20-2008
[eluser]hpadrick[/eluser]
attached is screenshot of mysql with no escapes
Active Record Not Escaping - El Forum - 09-21-2008
[eluser]Pascal Kriete[/eluser]
I believe this is caused by the mysql cli client. It interprets the escapes when it displays the data. Try running it with the --raw or -r flag.
Active Record Not Escaping - El Forum - 09-21-2008
[eluser]hpadrick[/eluser]
I get the same output in phpmyadmin... but I will try with the flags... I ran my own quotes and they are inserted and shown with no problems.
Active Record Not Escaping - El Forum - 09-21-2008
[eluser]hpadrick[/eluser]
no different... add_slashes() inserts the slashes fine... but the db->insert method is not
Active Record Not Escaping - El Forum - 09-22-2008
[eluser]hpadrick[/eluser]
I have installed everything on a work PC and run some tests. Still no escapes.