Preferred method to escape data using Active Record? - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: Preferred method to escape data using Active Record? (/showthread.php?tid=6147) |
Preferred method to escape data using Active Record? - El Forum - 02-15-2008 [eluser]thatscriptguy[/eluser] This issue here is that $this->db->escape places single quotes (') around values that you escape. Which means that Value gets turned into 'Value' So, for example, if I say Code: $email=$this->db->escape($this->input->post('email')); Instead of selecting records where `email`='email@address', it selects records where `email`="'email@address'" I think I'm trying to mix two different things here, which is why I'm having difficulties. So the question is this: What is the preferred method for escaping user data when working with Active Record or does AR escape data automatically? Thanks, Kevin Preferred method to escape data using Active Record? - El Forum - 02-16-2008 [eluser]xwero[/eluser] the ar library excapes the values by default |