Welcome Guest, Not a member yet? Register   Sign In
Active Record & SQL Injection?

Does active record take care of any possible SQL injections?

100% yes or NO?

I think 100% yes... check it out, try it yourself.

Or just check the user guide - ellislab.com/codeigniter/user-guide/.

It does if you tell it to. There are configuration options for whether or not you want to have everything run through the filters.

I've checked the userguide, its basically my bible... but only states "It also allows for safer queries, since the values are escaped automatically by the system." Which doesn't really tell me into how much depth of security it goes into?

Theme © iAndrew 2016 - Forum software by © MyBB