Is htmlspecialchars & mysql_real_escape_string necessary with the input class ?

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ?

El Forum
Unregistered

06-23-2011, 05:44 AM

[eluser]pyrokinesis[/eluser]
Hi everyone,

I'm wondering are the 'htmlspecialchars' & 'mysql_real_escape_string' functions necessary (post input into DB) when using the CI input class or will the input class do it all for me already?

Code:
$data = ci()->input->post($element);

if(!empty($data))

{

  $data = htmlspecialchars($data);

  $data = mysql_real_escape_string($data);

  return $data;

}

Thanks

Messages In This Thread

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ? - by El Forum - 06-23-2011, 05:44 AM

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ? - by El Forum - 06-23-2011, 01:21 PM

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ? - by El Forum - 06-23-2011, 04:37 PM

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ? - by El Forum - 06-23-2011, 04:39 PM

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ? - by El Forum - 06-23-2011, 04:45 PM

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ? - by El Forum - 06-23-2011, 08:37 PM

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ? - by El Forum - 06-23-2011, 11:54 PM

Is htmlspecialchars & mysql_real_escape_string necessary with the input class ? - by El Forum - 06-25-2011, 07:37 AM