+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: $this->db->escape() vs $this->db->escape_str() (/showthread.php?tid=39529)
$this->db->escape() vs $this->db->escape_str() - El Forum - 03-13-2011
[eluser]Evollution[/eluser]
i dont understand when i shoud use $this->db->escape_str() and when $this->db->escape() what is the diffrence ?
$this->db->escape() vs $this->db->escape_str() - El Forum - 03-13-2011
[eluser]Evollution[/eluser]
for example my controller
Code:
function create(){
$this->load->library('form_validation');
// field name, error message, validation rules
$this->form_validation->set_rules('name', 'Title', 'trim|required|min_length[4]|xss_clean');
$this->form_validation->set_rules('autoplayon', 'Autoplay ON', 'trim|required');
$this->form_validation->set_rules('autoplayoff', 'Autoplay OFF', 'trim|required');
if($this->form_validation->run() == FALSE)
{
$this->load->view('admin/add');
}
else
{
$data = array(
'name' => $this->input->post('name'),
'slug' => url_title($this->input->post('name'),'dash', TRUE),
'autoplayon' => $this->input->post('autoplayon'),
'autoplayoff' => $this->input->post('autoplayoff'),
'autor' => $this->MyBBI->mybb->user['username']
);
$this->radio_m->add_record($data);
$this->index();
}and my model
Code:
function add_record($data){
// insert
$this->db->insert('radio', $this->db->escape($data));
$return;I done it corectly ?
$this->db->escape() vs $this->db->escape_str() - El Forum - 03-13-2011
[eluser]guidorossi[/eluser]
You don't need to escape the data if you're using Active Record because "All values are escaped automatically producing safer queries."
http://ellislab.com/codeigniter/user-guide/database/active_record.html#insert