CodeIgniter Forums
protect from special characters like "\" - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: protect from special characters like "\" (/thread-53484.html)



protect from special characters like "\" - El Forum - 07-26-2012

[eluser]nikos[/eluser]
Hello guys...

i have a serious problem in my application.

i have a search form. Every time i fill a value in a text field with something like this: xxx\ then the sql query is broken. Probably if the character \ is the last in the text field then i have serious problem.

What should i do for this?

And is there a functionality in codeigniter to protect from special characters?

I am waiting for your precious helping.

Thanks a lot


protect from special characters like "\" - El Forum - 07-26-2012

[eluser]elite[/eluser]
Can you post some code - e.g. how are you constructing your queries?

I suspect you're not escaping your queries (which is bad from a security point of view as well as breaking your queries.

The active record class automatically escapes characters:
ellislab.com/codeigniter/user-guide/database/active_record.html

Alternatively you may want to look at escaping queries in the database library:
ellislab.com/codeigniter/user-guide/database/queries.html


protect from special characters like "\" - El Forum - 07-26-2012

[eluser]nikos[/eluser]
ok gyus please close this post.problem solved.