It's just a question.

[eluser]Olivares[/eluser]
Hello Friends.

i'm a newbie with CI and i have a question, if i use CI my sites are safe from sql injection or cross side scripting?

im considering CI for a proyect but i don't know if i'm safe with just CI or i need extra validations.

[eluser]wiredesignz[/eluser]
All the tools to make a secure site are available in CI, of course it's up to you to use them.

[eluser]Olivares[/eluser]
thanks, for your answer. now i fell more confortable with CI.

Do you have a tip or comment to validate input user using CI tools,

Thanks again.

[eluser]wiredesignz[/eluser]
Yes.

Read the user guide:
http://ellislab.com/codeigniter/user-gui...ation.html

[eluser]Olivares[/eluser]
Thats cool, thank you very much.

[eluser]tobben[/eluser]
Also take a look at http://ellislab.com/codeigniter/user-gui...ecord.html

...or just take a look at the entire manual :p

[eluser]ejangi[/eluser]
Yeah, CI is pretty good in terms of security, but it doesn't take long for an un-educated developer to poke holes in it. You still need to be responsible for making your own code as secure as possible.

[eluser]tobben[/eluser]
I think the right attitude/behaviour for any web programmer is to have some sort of paranoid personality disorder.

[eluser]ejangi[/eluser]
Hehehe... Pretty much!