Welcome Guest, Not a member yet? Register   Sign In
Safe escape
#1

Hello,
When I do something like this:
Code:
$data = array(
     'user_id' => $id,
     'followed_user_id' => $followed,

);
$this->db->insert('users_follows', $data);




It's safe and CI will automatically escape the variables, right?

But when I do smth like this:

Code:
$this->db->join('cities as s', 's.state_id = "'.$GET['state'].'" AND s.id = users.city_id');
or

Code:
$data = array(
   'img' => $src,
   'img_s' => $src2,
   'img_xs' => $src3
);
$this->db->update('users', $data, "id = '".$id."'");  

Will CI also escape the variables?

Thanks !
Reply


Messages In This Thread
Safe escape - by Ridd - 08-12-2015, 03:31 PM
RE: Safe escape - by Narf - 08-12-2015, 03:48 PM
RE: Safe escape - by Ridd - 08-12-2015, 03:53 PM
RE: Safe escape - by Narf - 08-12-2015, 05:40 PM
RE: Safe escape - by kenjis - 08-12-2015, 09:06 PM
RE: Safe escape - by Ridd - 08-13-2015, 05:29 AM
RE: Safe escape - by kenjis - 08-13-2015, 02:59 PM
RE: Safe escape - by mwhitney - 08-14-2015, 07:33 AM



Theme © iAndrew 2016 - Forum software by © MyBB