• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
protect from special characters like "\"

#1
[eluser]nikos[/eluser]
Hello guys...

i have a serious problem in my application.

i have a search form. Every time i fill a value in a text field with something like this: xxx\ then the sql query is broken. Probably if the character \ is the last in the text field then i have serious problem.

What should i do for this?

And is there a functionality in codeigniter to protect from special characters?

I am waiting for your precious helping.

Thanks a lot

#2
[eluser]elite[/eluser]
Can you post some code - e.g. how are you constructing your queries?

I suspect you're not escaping your queries (which is bad from a security point of view as well as breaking your queries.

The active record class automatically escapes characters:
ellislab.com/codeigniter/user-guide/database/active_record.html

Alternatively you may want to look at escaping queries in the database library:
ellislab.com/codeigniter/user-guide/database/queries.html

#3
[eluser]nikos[/eluser]
ok gyus please close this post.problem solved.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.