What does query builder actually escape? |
I'm looking for reliable answers to the following scenario regarding whether or not the data is escaped by query builder:
Code: $this->db->select($evilInput); // pretty sure it is In which of the above scenarios does `$evilInput` need to be escaped manually? The docs is a little iffy on these types of examples. I know `set()` escapes as well as `$this->db->get('tablename', $escape_this_array);` |
Messages In This Thread |
What does query builder actually escape? - by alex.fagard - 08-05-2018, 10:22 PM
RE: What does query builder actually escape? - by Pertti - 08-06-2018, 01:00 AM
RE: What does query builder actually escape? - by php_rocs - 08-06-2018, 07:44 AM
|