• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Validation prep_for_form

#1
[eluser]Aaron L.[/eluser]
Hello,

I am trying to submit my form to a function which validates my form before inserting it into the DB. In this function, I am attempting to use prep_for_form (documentation). The problem is, when I fill-in the form with something like "I'm", I still get an SQL error because the ' is there.

Here is my code:
Code:
$this->load->library('validation');

    //set the validation rules
    $rules['subject'] = "prep_for_form|required|xss_clean";
    $rules['message'] = "prep_for_form|required|xss_clean";
    $rules['to_nick'] = "trim|required|xss_clean";
            
    $this->validation->set_rules($rules);
            
    //set field names for validation error messages
    $fields['subject'] = 'Subject';
    $fields['message'] = 'Message';
    $fields['to_nick'] = 'To Nickname';

    $this->validation->set_fields($fields);
            
    if ($this->validation->run() == FALSE)
    {
        echo "Error";
    }
    else
    {  
                $this->db->query("INSERT INTO messages (subject, message) VALUES ('$subject','$message')");

                echo "SUCCESS!!";
    }

Do you know what's going on here? I'm stumped...

Aaron


Messages In This Thread
Validation prep_for_form - by El Forum - 07-02-2007, 06:57 PM
Validation prep_for_form - by El Forum - 07-02-2007, 07:24 PM
Validation prep_for_form - by El Forum - 07-02-2007, 08:04 PM
Validation prep_for_form - by El Forum - 07-02-2007, 08:05 PM
Validation prep_for_form - by El Forum - 07-02-2007, 08:47 PM
Validation prep_for_form - by El Forum - 07-02-2007, 08:48 PM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.