Welcome Guest, Not a member yet? Register   Sign In
protect from special characters like "\"
#1

[eluser]nikos[/eluser]
Hello guys...

i have a serious problem in my application.

i have a search form. Every time i fill a value in a text field with something like this: xxx\ then the sql query is broken. Probably if the character \ is the last in the text field then i have serious problem.

What should i do for this?

And is there a functionality in codeigniter to protect from special characters?

I am waiting for your precious helping.

Thanks a lot
#2

[eluser]elite[/eluser]
Can you post some code - e.g. how are you constructing your queries?

I suspect you're not escaping your queries (which is bad from a security point of view as well as breaking your queries.

The active record class automatically escapes characters:
ellislab.com/codeigniter/user-guide/database/active_record.html

Alternatively you may want to look at escaping queries in the database library:
ellislab.com/codeigniter/user-guide/database/queries.html
#3

[eluser]nikos[/eluser]
ok gyus please close this post.problem solved.




Theme © iAndrew 2016 - Forum software by © MyBB