CodeIgniter Forums
Preferred method to escape data using Active Record? - Printable Version




Preferred method to escape data using Active Record? - El Forum - 02-15-2008

[eluser]thatscriptguy[/eluser]
The issue here is that $this->db->escape places single quotes (') around values that you escape, which means that Value gets turned into 'Value'.

So, for example, if I say
Code:
$email = $this->db->escape($this->input->post('email'));
$query = $this->db->get_where('members', array('email' => $email));

Instead of selecting records where `email`='email@address', it selects records where `email`="'email@address'".

I think I'm trying to mix two different things here, which is why I'm having difficulties.

So the question is this: What is the preferred method for escaping user data when working with Active Record, or does AR escape data automatically?

Thanks,
Kevin


Preferred method to escape data using Active Record? - El Forum - 02-16-2008

[eluser]xwero[/eluser]
The AR library escapes the values by default.
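
The double escaping described in the first post, next to the forms that escape the value exactly once. This is an added example, not code from either poster or from the CodeIgniter project; it assumes a CodeIgniter 2.x/3.x application with the database library loaded and a `members` table with an `email` column, and `Member_model` and its method names are hypothetical.

```php
<?php
// Added example, not from the thread. Member_model and its methods are
// hypothetical; the $this->db calls are CodeIgniter's database library.
class Member_model extends CI_Model
{
    // What the first post does: escape() returns the value already wrapped in
    // single quotes, and Active Record then escapes and quotes it again.
    public function find_double_escaped($email)
    {
        $escaped = $this->db->escape($email);   // e.g. 'user@example.com'
        // The column is compared against the string including those quotes,
        // so the real row never matches.
        return $this->db->get_where('members', array('email' => $escaped))->result();
    }

    // Active Record: pass the raw value; get_where()/where() escape it.
    public function find_by_email($email)
    {
        return $this->db->get_where('members', array('email' => $email))->result();
    }

    // Hand-written SQL with query bindings: each ? is escaped and quoted.
    public function find_with_binding($email)
    {
        $sql = 'SELECT * FROM members WHERE email = ?';
        return $this->db->query($sql, array($email))->result();
    }

    // Hand-written SQL built by concatenation: the one case where calling
    // escape() yourself is needed, because nothing else quotes the value.
    public function find_with_manual_escape($email)
    {
        $sql = 'SELECT * FROM members WHERE email = ' . $this->db->escape($email);
        return $this->db->query($sql)->result();
    }
}
```

Calling `$this->db->last_query()` after each method shows the SQL that was actually sent, which makes the doubled quoting in the first method visible.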