Does code igniter stop SQL Injection?
#13

sl3dg3hamm3r
[quote author="Bogdan Tanase" date="1245153764"]
Code:
$this->db->query("SELECT * FROM products WHERE prod_name='$prod_name'");

I believe this is not escaped, right?[/quote]

Right, in that case you would need to escape manually.
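
The unescaped query from the quoted post next to the escaped alternatives CodeIgniter's database library offers, as an added example that is not part of the original thread. It assumes the code lives in a CodeIgniter model with the database library loaded as `$this->db`; the class name `Product_model`, its method names and the `CI_Model` base class (plain `Model` in 1.x releases) are assumptions.

```php
<?php
// Added illustration; Product_model and its method names are hypothetical.
// Assumes a CodeIgniter model with the database library loaded ($this->db).
class Product_model extends CI_Model
{
    // Unescaped, as in the quoted post: $prod_name is interpolated verbatim,
    // so a quote character in it changes the structure of the statement.
    public function find_unescaped($prod_name)
    {
        return $this->db->query(
            "SELECT * FROM products WHERE prod_name='$prod_name'"
        );
    }

    // Manual escaping: escape() escapes the value AND adds the surrounding
    // quotes for strings, so the SQL must not wrap it in quotes again.
    public function find_escaped($prod_name)
    {
        $sql = "SELECT * FROM products WHERE prod_name = "
             . $this->db->escape($prod_name);
        return $this->db->query($sql);
    }

    // Query bindings: each ? is replaced by the escaped, quoted value.
    public function find_bound($prod_name)
    {
        return $this->db->query(
            "SELECT * FROM products WHERE prod_name = ?",
            array($prod_name)
        );
    }

    // Active Record: values passed to get_where() are escaped by the library.
    public function find_active_record($prod_name)
    {
        return $this->db->get_where('products', array('prod_name' => $prod_name));
    }
}
```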

