Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming <, script and > inserted in DB
<, script and > inserted in DB
  • El Forum
    Guest
  •  
#1
10-09-2010, 03:22 PM

[eluser]shinokada[/eluser]
I load helpers, form, url and database in a controller.

I have the following model.

Code:
function entertest(){

        $data = array(
            'title' => $this->input->post('title'),
            'embed' => $this->input->post('embed'),
          
        );
        $this->db->insert('video',$data);
     }

When I enter < and > with script tag, it is inserted in DB.

I was assuming CI will change < to & g t;, but it did not.

According to the CI user guide, it says When you use $this->db->insert();, Note: All values are escaped automatically producing safer queries.

I also used ", but it is in DB as it is.

What am I doing wrong here?

Thanks in advance.


Messages In This Thread
<, script and > inserted in DB - by El Forum - 10-09-2010, 03:22 PM
<, script and > inserted in DB - by El Forum - 10-09-2010, 08:37 PM
<, script and > inserted in DB - by El Forum - 10-10-2010, 02:26 AM
<, script and > inserted in DB - by El Forum - 10-10-2010, 06:31 AM



Theme © iAndrew 2016 - Forum software by © MyBB