What about security in CI?

#1
[eluser]borgir[/eluser]
Hey there!
Is there any function similar to mysql_real_escape_string in CI?
Will I have to worry about this when using CI forms and DB insert functions?
Thks!

#2
[eluser]BrianDHall[/eluser]
CI's built-in SQL helper/class and ActiveRecord all automatically handle escaping special characters for you; you don't have to worry about doing it manually. It's a really nice time-saver, one less thing to worry about.

You should still do basic data sanitizing using form validation and common sense, but you don't have to worry about escaping special chars.
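
The escaping discussed in this thread, shown as an added example that is not part of any poster's reply or of CodeIgniter's own code. It assumes a CodeIgniter 2.x/3.x application with the database library loaded; `User_model`, its method names and the `users` table are hypothetical.

```php
<?php
// Added example. Assumes a CodeIgniter 2.x/3.x app with the database
// library loaded. User_model and the users table are hypothetical.
class User_model extends CI_Model
{
    // Active Record insert: every value in $data is escaped by the
    // database class before the INSERT statement is built.
    public function create($name, $email)
    {
        $data = array('name' => $name, 'email' => $email);
        return $this->db->insert('users', $data);
    }

    // Active Record where clause: the value is escaped as well.
    public function find_by_email($email)
    {
        $query = $this->db->get_where('users', array('email' => $email));
        return $query->row();
    }

    // Hand-written SQL with query bindings: each ? is replaced by an
    // escaped, quoted value taken from the second argument.
    public function find_by_name($name)
    {
        $sql = 'SELECT id, name, email FROM users WHERE name = ?';
        return $this->db->query($sql, array($name))->result();
    }

    // Hand-written SQL without bindings: escape() has to be called
    // explicitly. It escapes the value and adds the surrounding quotes.
    public function find_by_name_escaped($name)
    {
        $sql = 'SELECT id, name, email FROM users WHERE name = '
             . $this->db->escape($name);
        return $this->db->query($sql)->result();
    }

    // Not escaped: a value concatenated straight into query() is sent to
    // the database as written, e.g.
    //   $this->db->query("SELECT * FROM users WHERE name = '$name'");
    // Use one of the forms above instead.
}
```

Form validation still applies on top of this: escaping keeps a value from changing the SQL statement, it does not check that the value is a sensible name or e-mail address.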

#3
[eluser]borgir[/eluser]
Thks for the information, Brian!
Take care =)

#4
[eluser]InsiteFX[/eluser]
You can also find this helpful for security.

CodeIgniter Security Help

Enjoy
InsiteFX

#5
[eluser]borgir[/eluser]
Thks a lot, InsiteFX!
Cheers!

