[eluser]brazilius[/eluser]
This piece of code
Code:
$data=array(
'email' => $this->session->userdata( 'email' ),
'password' => $this->session->userdata( 'password' ),
'active' => 1
);
$this->db->get_where('users',$data);
echo $this->db->last_query();
if userdata for email and password wasn't set
both values would be FALSE
and query would be
SELECT * FROM (`users`) WHERE `email` = 0 AND `password` = 0 AND `active` = 1
and all rows with active = 1 are selected (i can't get why)
and if you use mysql_real_escape_string on both values from session
you get the right query
SELECT * FROM (`users`) WHERE `email` = '' AND `password` = '' AND `active` = 1
is it a right behaviour or a bug&