[eluser]Unknown[/eluser]
Hello,
I used the active record "where" method as such:
$this->db->where (" (desc LIKE "%$search%" or name LIKE "%$search%"))
I thought that using the "where" method auto escapes the values but it did not.
In order to get it to work, I had to write the sql using bind variables (ie: ?).
-jeff