Insert and Update database checking

CodeIgniter makes it easy to use DB transactions to make sure your inserts and updates all went well.

http://www.codeigniter.com/user_guide/da...tions.html

PHP Code:

public function get_gifts_for($user_id)
{
    return $this->db->query(
        'SELECT
            gifts.id AS id,
            gifts.name AS gift,
            gifts.price AS price,
            gifts.description AS description,
            gifts.url AS url,
            glists.name AS glist,
            glists.max_gifts AS glist_max_gifts,
            glists.max_price AS glist_max_price,
            u2.name AS owner
        FROM gifts
        INNER JOIN users ON gifts.for_user_id = users.id
        INNER JOIN glists ON glists.id = gifts.glist_id
        INNER JOIN users u2 ON glists.owner = u2.id
        WHERE users.id = ' . $user_id . ';')->result_array();
} 


If you're going to use queries like this, you need to understand that you will no longer benefit from the escaping (sanitizing) that CodeIgniter provides, in this case for the variable $user_id. I also think it's important to know how to use plain MySQL, but CodeIgniter does a lot for you, and you can get into trouble if you don't know what you're doing with plain MySQL. In the case of this example query, I would have type casted $user_id as an integer.

Expert Website Development - Temecula, CA
Community Auth For CodeIgniter 3