+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Do I need to use add_slashes() or anything? (/showthread.php?tid=55283)
Do I need to use add_slashes() or anything? - El Forum - 10-18-2012
[eluser]php_princess[/eluser]
I always use $this->db->escape() on anything I put in the database (unless I'm using active record). It doesn't seem to put slashes in front of single quotes because I see stuff in the database with naked single quotes.
This is bad, right? I need to do something to make sure single quotes always have a back slash in front of them, yes?
Do I need to use add_slashes() or anything? - El Forum - 10-18-2012
[eluser]benton.snyder[/eluser]
$this->db->escape() alone is sufficient. The naked single quotes you see in databases are extraneous.
Escaping a value should not add anything to the record, but instead tell the database engine to treat the value as simple text and not attempt to process it.