No idea how to refactor this into Code Igniter
#6

Rick Jolly
mysqli_escape_string() is for MySQL. It escapes special database characters (') and prevents SQL injection. If you need to display the $_POST data then you should use xss_clean or HTML Purifier. If you trust your users, then at the very least use htmlspecialchars() so your HTML doesn't get corrupted.

Your code looks great. I'd just put the email stuff in a library.
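
The distinction drawn in the post above, as an added example that is not part of the original thread: database escaping and output escaping act on different characters, so one does not substitute for the other. Assumptions: the `pdo_sqlite` extension is available and an in-memory SQLite database stands in for MySQL; `PDO::quote()` and a bound parameter are used in place of `mysqli_escape_string()`; the `comments` table, the `h()` helper and the sample input are hypothetical.

```php
<?php
// Added example, not code from the thread.
// Constructed input standing in for a $_POST field.
$comment = "It's <b>bold</b> & <script>alert(1)</script>";

// Assumption: in-memory SQLite stands in for the MySQL database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT)');

// Database-layer escaping: only the SQL string delimiter is handled.
// The apostrophe is escaped; the tags and the ampersand pass through as-is.
echo "SQL literal:   ", $pdo->quote($comment), "\n";

// Storing through a bound parameter keeps the value out of the SQL text
// entirely, and the row holds exactly what the user sent.
$stmt = $pdo->prepare('INSERT INTO comments (body) VALUES (:body)');
$stmt->execute([':body' => $comment]);
$stored = $pdo->query('SELECT body FROM comments')->fetchColumn();
echo "Stored as-is:  ", var_export($stored === $comment, true), "\n";

// Output-layer escaping: applied at the moment the value is written into
// HTML. ENT_QUOTES also encodes the apostrophe, so the result is safe
// inside quoted attribute values as well as element content.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

echo "HTML output:   <p>", h($stored), "</p>\n";

// The reverse mistake: HTML-encoding before storage does not make the
// value an SQL-safe literal, and it corrupts the data for non-HTML uses.
echo "Encoded early: ", h($comment), "\n";
```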

