Display data securely which come from database - CodeIgniter Forums (https://forum.codeigniter.com)
Display data securely which come from database - smallbug - 04-12-2015

For a query with

PHP Code:
$this->db->query($sql, array( $var ));

RE: Display data securely which come from database - silentium - 04-12-2015

You should still use htmlspecialchars() and similar functions. CodeIgniter does not format, escape or filter the database output for you. What it does, when using the Query Builder Class, is escaping your queries that insert/update data in the database.

RE: Display data securely which come from database - smallbug - 04-12-2015

Thanks a lot!
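Added example (not part of the thread and not CodeIgniter's own code): it shows that a bound query stores and returns markup unchanged, so escaping still has to happen at output time. PDO with in-memory SQLite stands in for $this->db->query($sql, array($var)); the comments table, the e() helper and the sample rows are assumptions constructed for the illustration.

```php
<?php
// Added example: bound parameters protect the SQL statement, not the HTML page.
// PDO/SQLite is a stand-in for CodeIgniter's database layer (assumption).

/** Hypothetical helper: escape a value for HTML text or a quoted attribute. */
function e(?string $value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)');

// Constructed sample input containing quote and markup characters.
$samples = [
    ['alice', 'Plain text comment'],
    ['bob" data-x="1', '<script>alert(1)</script> & more'],
];

// Binding keeps the values out of the SQL grammar and does nothing else to them.
$insert = $db->prepare('INSERT INTO comments (author, body) VALUES (?, ?)');
foreach ($samples as $sample) {
    $insert->execute($sample);
}

$select = $db->prepare('SELECT author, body FROM comments WHERE id >= ? ORDER BY id');
$select->execute([1]);
$rows = $select->fetchAll(PDO::FETCH_ASSOC);

// The stored value comes back byte for byte: the markup was not neutralised.
if ($rows[1]['body'] !== $samples[1][1]) {
    throw new RuntimeException('unexpected: the database layer altered the value');
}

foreach ($rows as $row) {
    // Unescaped output lets the data close the attribute and open new elements.
    $unescaped = sprintf('<li title="%s">%s</li>', $row['author'], $row['body']);
    // Escaped output keeps the same data as inert text in both contexts.
    $escaped = sprintf('<li title="%s">%s</li>', e($row['author']), e($row['body']));

    echo "unescaped: {$unescaped}\n";
    echo "escaped:   {$escaped}\n\n";
}
```

htmlspecialchars() with ENT_QUOTES covers HTML text and quoted attribute values only; values placed in URLs, JavaScript or CSS need the encoding for that context.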