Escaping form inputs
#1

loonychune
I was just working through a form, escaping the values in the controller(!) because I wanted to reuse the variables.

So, I'm thinking of escaping the values something like this:

Code:
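class Something extends Model {

  // Escaped copies of the form values, shared by every method below
  public $user;
  public $pass;

  function escape_values($user, $pass) {
    // $this->db->escape() escapes string data and wraps it in single quotes
    $this->user = $this->db->escape($user);
    $this->pass = $this->db->escape($pass);
  }

  function use_values() {
    // now I can always refer to the variables
    // (no quotes around {$this->pass}: escape() has already added them)
    $query = $this->db->query("DELETE FROM table WHERE pass = {$this->pass}");
  }

}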

This seems an efficient way to do things if I had, say, 5 or 6 functions reusing the $user and $pass values... I don't want to have to escape the values in EVERY method.

What do you think???

I'm also curious about how to go FURTHER... i.e. MY_Controller pops up a lot in the forums and seems to be a way of implementing reusable functionality.

Appreciate your input...
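
An alternative to caching escaped copies, as an added example that is not part of the original post: keep the raw values in the model and bind them at each query, so no method has to call an escape function and the same properties stay usable outside SQL. It uses plain PDO with in-memory SQLite as a stand-in for CodeIgniter's database layer (assumes the pdo_sqlite extension); the `Account` class, the `accounts` table and the sample values are constructed for the demo.

```php
<?php
// Added example: plain PDO with in-memory SQLite stands in for CodeIgniter's
// database layer. Class, table and sample values are constructed for the demo.
// The "pass" column mirrors the post; a real table would hold a password hash.
class Account
{
    private $db;
    private $user;   // raw value, never pre-escaped
    private $pass;

    public function __construct(PDO $db, $user, $pass)
    {
        $this->db   = $db;
        $this->user = $user;
        $this->pass = $pass;
    }

    // Every query binds the raw values at the point of use.
    public function exists()
    {
        $stmt = $this->db->prepare('SELECT COUNT(*) FROM accounts WHERE user = ? AND pass = ?');
        $stmt->execute(array($this->user, $this->pass));
        return (int) $stmt->fetchColumn() === 1;
    }

    public function remove()
    {
        $stmt = $this->db->prepare('DELETE FROM accounts WHERE user = ? AND pass = ?');
        $stmt->execute(array($this->user, $this->pass));
        return $stmt->rowCount();
    }

    // The same property can be reused outside SQL, encoded for that context.
    public function greeting()
    {
        return 'Hello ' . htmlspecialchars($this->user, ENT_QUOTES, 'UTF-8');
    }
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE accounts (user TEXT, pass TEXT)');
$db->exec("INSERT INTO accounts VALUES ('o''brien', 'x'), ('alice', 'y')");

$acct = new Account($db, "o'brien", 'x');   // constructed input containing a quote
var_dump($acct->exists());                  // lookup through bound parameters
echo $acct->greeting(), "\n";               // HTML-encoded, no SQL quoting mixed in
var_dump($db->quote("o'brien"));            // what a pre-escaped property would hold instead
var_dump($acct->remove());                  // rows deleted through bound parameters
```

The `$db->quote()` line shows the SQL-quoted form a pre-escaped property would carry into every later use, including non-SQL ones such as the greeting.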

