• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Need Help With Active Record For Search Function

#9
[eluser]Joshua Logsdon[/eluser]
Looks good and good luck with it!

As a parting note, I would feel negligent if I didn't add this in on Escaping Queries:
http://ellislab.com/codeigniter/user-gui...eries.html

So you may want to use this when building your new WHERE clause where applicable:
Code:
..... LIKE '". $this->db->escape_like_str($keywords) ."' .....

And if you want to be extra safe and do any XSS filtering:
Code:
$keywords = $this->input->post('keywords', TRUE);

And if you are only going to use $keywords in the LIKE area you could just do it all at once:
Code:
$keywords = $this->db->escape_like_str( $this->input->post('keywords', TRUE) );
and keep $keywords plugged into the $where like you have now.


Messages In This Thread
Need Help With Active Record For Search Function - by El Forum - 01-26-2010, 02:50 PM
Need Help With Active Record For Search Function - by El Forum - 01-27-2010, 06:06 AM
Need Help With Active Record For Search Function - by El Forum - 01-27-2010, 08:10 AM
Need Help With Active Record For Search Function - by El Forum - 01-27-2010, 08:27 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:09 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:15 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:21 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:42 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:57 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.