Welcome Guest, Not a member yet? Register   Sign In
Not validated input and query builder class
#1

I have read the CI user guide, and it stated that the query builder class can generate SQL statements quite safely, but it is not designed to prevent SQL injection no matter what data is passed to it.

If I don't validate my input, I feel very unsafe to depends on the query builder class for preventing SQL injection. 

I want to have an input field that accepts a variety of answers from my users. And the answer can include all kinds of symbols. 

Can I trust Query Builder with unvalidated input fields? I am so scared that my database data will all be gone at some point. I don't have any database backups. Sad
Reply


Messages In This Thread
Not validated input and query builder class - by ONice - 07-22-2023, 01:48 PM



Theme © iAndrew 2016 - Forum software by © MyBB