Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Help to avoid sql injection attack
Help to avoid sql injection attack
  • El Forum
    Guest
  •  
#6
08-08-2011, 08:13 PM

[eluser]CodeIgniteMe[/eluser]
[quote author="Bart v B" date="1312855066"]
Code:
function GetData()
{
    $this->db->select('select title,picture,news');
    $this->db->where('id', $_GET['id']);
    
    $query = $this->db->get('sport');
    
    return $query->result();
}
[/quote]

and one more thing to clean up.
You don't need to include the select keyword in the statement
Code:
$this->db->select('select title,picture,news');
should be
Code:
$this->db->select('title,picture,news');


Messages In This Thread
Help to avoid sql injection attack - by El Forum - 08-06-2011, 07:48 PM
Help to avoid sql injection attack - by El Forum - 08-07-2011, 02:11 PM
Help to avoid sql injection attack - by El Forum - 08-07-2011, 07:27 PM
Help to avoid sql injection attack - by El Forum - 08-08-2011, 02:57 PM
Help to avoid sql injection attack - by El Forum - 08-08-2011, 08:09 PM
Help to avoid sql injection attack - by El Forum - 08-08-2011, 08:13 PM
Help to avoid sql injection attack - by El Forum - 08-08-2011, 08:25 PM
Help to avoid sql injection attack - by El Forum - 08-09-2011, 06:32 AM



Theme © iAndrew 2016 - Forum software by © MyBB