$this in a condition
#6

xwero
No problem, now you know you have to make checks for all queries.
You could write the getNomCat query 2 different ways:
Code:
$query = $this->db->query('SELECT nom_cat FROM news_categories WHERE id=? LIMIT 1',array($idcat));
This way will escape the value to prevent SQL attacks. And the other way is using the active records class:
Code:
$this->db->select('nom_cat');
$this->db->from('news_categories');
$this->db->where('id',$idcat);
$this->db->limit(1);
$query = $this->db->get();
// or chained (php5)
$query = $this->db->select('nom_cat')->from('news_categories')->where('id',$idcat)->limit(1)->get();
This has the advantage of escaping the values and works with all the supported databases.
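
The bound-parameter query from the post, combined with the result checks it mentions, as an added example that is not part of the original post. It assumes CodeIgniter 2.x/3.x (`CI_Model`) with the database library loaded; `News_model` is a hypothetical class name, while the table and column names come from the thread.

```php
<?php
// Added example: assumes CodeIgniter 2.x/3.x with the database library loaded.
// News_model is a hypothetical class name; table and column come from the thread.
class News_model extends CI_Model
{
    /**
     * Return the category name for $idcat, or NULL when the id is not
     * made up only of digits, the query fails, or no row matches.
     */
    public function getNomCat($idcat)
    {
        // Reject anything that is not a plain run of digits before querying.
        if (!ctype_digit((string) $idcat)) {
            return NULL;
        }

        // The ? placeholder is filled from the array; the driver escapes the value,
        // so it is never concatenated into the SQL string.
        $query = $this->db->query(
            'SELECT nom_cat FROM news_categories WHERE id = ? LIMIT 1',
            array((int) $idcat)
        );

        // query() returns FALSE on failure when db_debug is off;
        // an unknown id yields a result object with zero rows.
        if ($query === FALSE || $query->num_rows() < 1) {
            return NULL;
        }

        return $query->row()->nom_cat;
    }
}
```

A controller calling `getNomCat()` should test the return value against `NULL` before using it in a view.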

