Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Backslashes added when using $this->db->query and update in mysql
Backslashes added when using $this->db->query and update in mysql
  • El Forum
    Guest
  •  
#1
02-09-2008, 01:15 PM

[eluser]tomodian[/eluser]
Hi. I think I found error in db class for mysql. (mysql_driver.php)

When I post my data, backslashes added automatically, and even though I use stripslashes(), it still adds backslashes.

To avoid this problem, I changed mysql_driver.php to below.

function escape_str($str)
{
if (function_exists('mysql_real_escape_string'))
{
return mysql_real_escape_string($str, $this->conn_id);
}
elseif (function_exists('mysql_escape_string'))
{
return mysql_escape_string($str);
}
else
{
return addslashes($str);
}
}

To

function escape_str($str)
{
/*
if (function_exists('mysql_real_escape_string'))
{
return mysql_real_escape_string($str, $this->conn_id);
}
elseif (function_exists('mysql_escape_string'))
{
return mysql_escape_string($str);
}
else
{
return addslashes($str);
}
*/
return $str;
}

Someone please tell me if this raises security problems.




Theme © iAndrew 2016 - Forum software by © MyBB