Calculate the range of items shown on each page using codeigniter pagination
#6

[eluser]Andy78[/eluser]
Thanks for that, it makes sense.

I was wondering, do we need to escape parameters sent via the URI segment? What happens if somebody tries an SQL injection attack via the pagination links? My site is very likely to come under attack so I need to make sure it's super secure. Here is a function from my model. I've added mysql_real_escape_string round the params, but is this pointless?

Code:
function get_entries($limit, $start)
{
    // Escape the raw pagination values before they reach the query builder
    $limit = mysql_real_escape_string($limit);
    $start = mysql_real_escape_string($start);

    // Build the query with Active Record: join statuses to their category
    $this->db->select('statuses.id, title, status, posted_by, posted_by_email, created, name');
    $this->db->from('statuses');
    $this->db->join('categories', 'categories.id = statuses.category_id');
    $this->db->where('active', 1);
    $this->db->limit($limit, $start);
    $query = $this->db->get();

    if ($query->num_rows() > 0) {
        return $query->result();
    }

    return false;
}

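An added example, not code from the thread or from CodeIgniter, showing the check a pagination offset actually needs. mysql_real_escape_string() escapes characters that matter inside a quoted string literal; LIMIT and OFFSET operands are unquoted integers, so the relevant control is to validate the URI segment as digits and bind it as an integer (CodeIgniter's Active Record limit() also casts its arguments to int before building the clause). The function names safe_offset() and get_entries() below are hypothetical, and the script uses PDO with the sqlite driver plus constructed rows so it runs offline.

```php
<?php
// Added example (not from the original thread): validating pagination
// values taken from URI segments before they reach a LIMIT/OFFSET clause.
// Assumes PDO with the sqlite driver; table and rows are constructed here.

/**
 * Turn a raw URI segment into a safe non-negative integer offset.
 * Anything that is not a plain run of digits (e.g. "10abc", "-5", "1e3")
 * is rejected and falls back to 0, so attacker-controlled text never
 * reaches SQL. The offset is also snapped to a page boundary.
 */
function safe_offset($segment, int $per_page): int
{
    $segment = (string) $segment;
    if ($segment === '' || !ctype_digit($segment)) {
        return 0;
    }
    $offset = (int) $segment;
    return $offset - ($offset % $per_page);
}

/**
 * Fetch one page of active entries. LIMIT/OFFSET are bound as integers;
 * string escaping would not help here because these operands are unquoted.
 */
function get_entries(PDO $db, int $limit, int $offset): array
{
    $stmt = $db->prepare(
        'SELECT id, title FROM statuses WHERE active = 1 ORDER BY id LIMIT :limit OFFSET :offset'
    );
    $stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
    $stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data: 25 active entries.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE statuses (id INTEGER PRIMARY KEY, title TEXT, active INTEGER)');
$ins = $db->prepare('INSERT INTO statuses (title, active) VALUES (:t, 1)');
for ($i = 1; $i <= 25; $i++) {
    $ins->execute([':t' => "entry $i"]);
}

$per_page = 10;
// Constructed URI segment values, as $this->uri->segment(3) might return them.
foreach (['0', '10', '13', '10abc', '-5', '1e3', ''] as $raw) {
    $offset = safe_offset($raw, $per_page);
    $rows   = get_entries($db, $per_page, $offset);
    $first  = $rows ? $rows[0]['id'] : '-';
    $last   = $rows ? $rows[count($rows) - 1]['id'] : '-';
    printf("segment=%-8s -> offset=%2d, ids %s..%s\n", var_export($raw, true), $offset, $first, $last);
}
```

Run it with php on the command line; the malformed segments all collapse to offset 0 and return the first page, while "13" is snapped down to 10 so hand-edited URLs still land on a real page boundary. Inside a CodeIgniter model the same validation goes on the values before limit() is called, and the model's own query builder replaces the PDO statement.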

Messages In This Thread
Calculate the range of items shown on each page using codeigniter pagination - by El Forum - 01-31-2013, 08:26 AM


