Validation prep_for_form
#4

Rick Jolly
It is the job of the database library to escape SQL.

Either use Active Record or query bindings and the SQL will be escaped automatically.

Code:
// query bindings
$sql = "INSERT INTO messages (subject, message) VALUES (?,?)";
$this->db->query($sql, array($subject,$message));

// active record
$this->db->insert('messages', array('subject' => $subject, 'message' => $message));
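
Added example, not part of the original post and not CodeIgniter code: a stand-alone script contrasting string concatenation with bound parameters for the same `messages` insert. It assumes PHP with the `pdo_sqlite` extension and uses PDO prepared statements as a stand-in for `$this->db`; the function names and sample values are constructed for illustration.

```php
<?php
// Added example: PDO + in-memory SQLite stands in for CodeIgniter's $this->db.
// Table and column names follow the post; the sample values are constructed.

function open_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE messages (subject TEXT, message TEXT)');
    return $pdo;
}

// Unsafe: values are spliced into the SQL text, so a quote inside the data
// terminates the string literal and the remainder is parsed as SQL.
function insert_concatenated(PDO $pdo, string $subject, string $message): bool
{
    $sql = "INSERT INTO messages (subject, message) VALUES ('$subject', '$message')";
    try {
        $pdo->exec($sql);
        return true;
    } catch (PDOException $e) {
        return false; // the statement no longer parses as intended
    }
}

// Safe: the SQL text is fixed and the values travel separately as parameters.
function insert_bound(PDO $pdo, string $subject, string $message): bool
{
    $stmt = $pdo->prepare('INSERT INTO messages (subject, message) VALUES (?, ?)');
    return $stmt->execute([$subject, $message]);
}

$pdo     = open_db();
$subject = "Re: Rick's answer";                              // contains a single quote
$message = "It's the library's job; don't escape by hand.";  // quotes and a semicolon

echo 'concatenated insert succeeded: ';
var_dump(insert_concatenated($pdo, $subject, $message));

echo 'bound insert succeeded: ';
var_dump(insert_bound($pdo, $subject, $message));

// The bound values come back byte-for-byte as they were supplied.
$row = $pdo->query('SELECT subject, message FROM messages')->fetch(PDO::FETCH_ASSOC);
echo 'stored values match input: ';
var_dump($row['subject'] === $subject && $row['message'] === $message);
```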

