[eluser]Perkin5[/eluser]
I understood that, by using the active record class, CI would take care of escaping special characters.
I find, However, that my model method
Code:
function update_table($data){
$id = $this->input->post('id');
$this->db->where('id',$id);
$this->db->update($this->session->userdata('admincat'),$data);}
allows me to insert ampersands and apostrophes. When I look at the database with Navicat, I can see that no slashes have been added to escape them. OK so far and the items can be fetched from the database and displayed on screen. So the database may not be a factor in my problem but I'm not sure. But when I then try to add that item to the shopping cart, it will not accept it ie nothing happens.
Add to cart method looks like this:
Code:
function add() {
$product = $this->Cards_model->get_item($this->input->post('id'));
$insert = array(
'id' => $this->input->post('id'),
'cat' => $product->cat,
'name' => $product->name,
'price' => $product->price,
);
$this->cart->insert($insert);}
Works perfectly unless the name field contains an ampersand or an apostrophe
Anyone suggest why?