Welcome Guest, Not a member yet? Register   Sign In
Escaping special characters

I understood that, by using the active record class, CI would take care of escaping special characters.

I find, However, that my model method

function update_table($data){
$id = $this->input->post('id');

allows me to insert ampersands and apostrophes. When I look at the database with Navicat, I can see that no slashes have been added to escape them. OK so far and the items can be fetched from the database and displayed on screen. So the database may not be a factor in my problem but I'm not sure. But when I then try to add that item to the shopping cart, it will not accept it ie nothing happens.

Add to cart method looks like this:

function add() {
$product = $this->Cards_model->get_item($this->input->post('id'));
$insert = array(
'id' => $this->input->post('id'),
'cat' => $product->cat,
'name' => $product->name,
'price' => $product->price,

Works perfectly unless the name field contains an ampersand or an apostrophe

Anyone suggest why?

Messages In This Thread
Escaping special characters - by El Forum - 03-15-2012, 07:52 AM
Escaping special characters - by El Forum - 09-06-2012, 08:59 PM
Escaping special characters - by El Forum - 09-07-2012, 04:19 AM

Theme © iAndrew 2016 - Forum software by © MyBB