Need Help With Active Record For Search Function |
[eluser]Joshua Logsdon[/eluser]
Looks good and good luck with it! As a parting note, I would feel negligent if I didn't add this in on Escaping Queries: http://ellislab.com/codeigniter/user-gui...eries.html So you may want to use this when building your new WHERE clause where applicable: Code: ..... LIKE '". $this->db->escape_like_str($keywords) ."' ..... And if you want to be extra safe and do any XSS filtering: Code: $keywords = $this->input->post('keywords', TRUE); And if you are only going to use $keywords in the LIKE area you could just do it all at once: Code: $keywords = $this->db->escape_like_str( $this->input->post('keywords', TRUE) ); |
Messages In This Thread |
Need Help With Active Record For Search Function - by El Forum - 01-26-2010, 02:50 PM
Need Help With Active Record For Search Function - by El Forum - 01-27-2010, 06:06 AM
Need Help With Active Record For Search Function - by El Forum - 01-27-2010, 08:10 AM
Need Help With Active Record For Search Function - by El Forum - 01-27-2010, 08:27 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:09 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:15 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:21 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:42 AM
Need Help With Active Record For Search Function - by El Forum - 01-28-2010, 07:57 AM
|