Welcome Guest, Not a member yet? Register   Sign In
is this protected ?
#1

[eluser]nuclearmaker[/eluser]
hi,is this query protected with sql injection?

Code:
$this->db->where('MATCH (title) AGAINST ("'. $q .'")', NULL, FALSE);
#2

[eluser]InsiteFX[/eluser]
Active record escapes queries!

But if you really want to be safe, Turn the FALSE to TRUE
for backticks or you can trun on XSS Filtering in the config.php

$config['global_xss_filtering'] = TRUE;

InsiteFX




Theme © iAndrew 2016 - Forum software by © MyBB