• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
special chars in mysql query

#1
[eluser]Yours3lf[/eluser]
Hi,

I have a db in which I have rows with various data that contain characters like (),.:-_!
and they might contain ' and "
If I run a query through codeigniter using $this->db->query(...) I get these chars dropped out. I think it might be because of the escaping of queries. This means that I can't access these rows.
How can I preserve these characters in my query? (maybe except ' and " )

Best regards,
Yours3!f

#2
[eluser]timchase01[/eluser]
First I would suggest using active record instead of running the query directly. If you have to run the query directly though you can escape the special characters. http://ellislab.com/codeigniter/user-gui...eries.html Look for the bit on Escaping Queries, or you can use the data bindings, which is much better from a security standpoint.

#3
[eluser]Aken[/eluser]
Quotes are the only characters there that you need to worry about when included inside a string, unless you are using a search function (such as LIKE queries), in which you need to pay attention to characters such as % and _

If you use $this->db->query() alone, without the bindings array as the second parameter, your query will NOT be automatically escaped.

One step I think you might want to do is to typecast your strings/data - it's possible that the Database class is assuming your string is numeric or something else based on its content.

Pasting an example of a query you're using, as well as the an error and an example of the query CI is using (can be retrieved using $this->db->last_query()), we can be more specific about how to solve your problem.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.