09-04-2012, 11:29 AM
[eluser]Unknown[/eluser]
I use callback functions in my form validation code to check the database for valid values for a field. Is it right to assume that the value in the field passed to the call back function is not sanitized? If I have xss enabled in my config, do I have to use $this->input->post('str') in my callback function if I want the data cleaned? Is it enough to protect the values being sent to my callback function by using validation rules such as alpha, or alpha_dash, etc?
I use callback functions in my form validation code to check the database for valid values for a field. Is it right to assume that the value in the field passed to the call back function is not sanitized? If I have xss enabled in my config, do I have to use $this->input->post('str') in my callback function if I want the data cleaned? Is it enough to protect the values being sent to my callback function by using validation rules such as alpha, or alpha_dash, etc?