Query Helper append to existing field. |
Hi! With CodeIgniter 3, I would like to append a string to an existing field. I did something like :
PHP Code: $this->db->where('id', $id); I don't really like "not escaping" the user input. What is the right and secure way to append a string to an existing field ?
If you use double quote marks you can do it like this.
PHP Code: $this->db->set('field', "CONCAT(field, {$string})", false); What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
@InsiteFX This is just different syntax for the same result. It doesn’t escape the value and it’s not more secure.
@Imabot Use the escape function, see https://codeigniter4.github.io/userguide...ng-queries PHP Code: $this->db->set('field', "CONCAT(field, " . $this->db->escape($string) . ")", false);
CodeIgniter 4 tutorials (EN/FR) - https://includebeer.com
/*** NO support in private message - Use the forum! ***/ |
Welcome Guest, Not a member yet? Register Sign In |