Welcome Guest, Not a member yet? Register   Sign In
What about security in CI?
#1

[eluser]borgir[/eluser]
Hey there!
Is there any function similar to mysql_real_escape_string in CI?
Will I have to worry about this when using CI forms and DB insert functions?
Thks!
#2

[eluser]BrianDHall[/eluser]
CI's built-in SQL helper/class and ActiveRecord all automatically handle escaping special characters for you, you don't have to worry about doing it manually. It's a really nice time-saver, one less thing to worry about.

You should still do basic data sanitizing using form validation and common sense, but you don't have to worry about escaping special chars.
#3

[eluser]borgir[/eluser]
Thks for the information, Brian!
Take care =)
#4

[eluser]InsiteFX[/eluser]
You can also find this helpful for security.

CodeIgniter Security Help

Enjopy
InsiteFX
#5

[eluser]borgir[/eluser]
Thks a lot, InsiteFX!
Cheers!




Theme © iAndrew 2016 - Forum software by © MyBB