Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming DB Active Record - addslashes on data?
DB Active Record - addslashes on data?
  • El Forum
    Guest
  •  
#1
11-04-2009, 12:23 PM

[eluser]gscharlemann[/eluser]
Hello

Quick question. Is there a simple way to escape the data being inserted via the active record class? Here's the scenario: I have an array of keys and values that is parsed from a CSV file. One of the values is a name field, which inevitably contained a name like: "O'keefe"
Code:
$this->db->insert('mytable', $data);
throws an error on O'keefe, because of the '. How can I run the addslashes() function on all of the values in the $data array? The $data array contains between 300 and 1500 key, value pairs, usually.

Thanks!
  • El Forum
    Guest
  •  
#2
11-04-2009, 03:10 PM

[eluser]gscharlemann[/eluser]
So, I assume the Active Record class doesn't addslashes and remove slashes when querying the DB (although it seems to me like it should, or atleast give you the option of being able to). Perhaps something can be done to all of the values in the array of data. The array is 2D looks something like:
Code:
Array (
    1 => Array (
        "Name" => "Sean O'Keefe"
        "Age" => "13"
    )
    2 => Array (
        "Name" => "Jason Jones"
        ...
    )
)

Can something be done using array_values function? I really don't want to iterate through the entire array and apply the addslashes function to each value
  • El Forum
    Guest
  •  
#3
11-04-2009, 03:14 PM

[eluser]gscharlemann[/eluser]
I posted the above without doing a thorough review of the addslashes documenation for php. Noticed in the comments that someone provided a function to add slashes to the values in an array. I guess that will work, but it doesn't seem to be the most efficient, especially with a large 1500+ item array.

http://php.net/manual/en/function.addslashes.php
  • El Forum
    Guest
  •  
#4
11-04-2009, 03:30 PM

[eluser]überfuzz[/eluser]
Why store a file like that in a sql-row? Store the file on the server. Add slashes if or when you move the rows to a sql-table.
  • El Forum
    Guest
  •  
#5
11-04-2009, 06:52 PM

[eluser]CroNiX[/eluser]
[quote author="gscharlemann" date="1257380606"]Hello

Quick question. Is there a simple way to escape the data being inserted via the active record class? Here's the scenario: I have an array of keys and values that is parsed from a CSV file. One of the values is a name field, which inevitably contained a name like: "O'keefe"
Code:
$this->db->insert('mytable', $data);
throws an error on O'keefe, because of the '. How can I run the addslashes() function on all of the values in the $data array? The $data array contains between 300 and 1500 key, value pairs, usually.

Thanks![/quote]

Ive not had that problem. The manual for the database class says that when using active record with the insert/update methods it automatically escape data, which it does for me.
  • El Forum
    Guest
  •  
#6
11-10-2009, 06:41 AM

[eluser]gscharlemann[/eluser]
Really? it's not working that way for me... maybe I'm doing something wrong. I added the following function to MY_database_helper.php file:

Code:
function _mysql_real_escape_array($t){
    return array_map("mysql_real_escape_string",$t);
}

it seems to work. thanks for the feedback.




Theme © iAndrew 2016 - Forum software by © MyBB