Welcome Guest, Not a member yet? Register   Sign In
escape str vs query builder
#1

Sorry, got a really basic question on escape_str, should it be adding backslashes for each apostrophe? Whereas query builder won't?
Reply
#2

You use it on data that your going to be saving into a database.

MySQL escape string is depreciated.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
#3

(02-04-2021, 03:56 PM)InsiteFX Wrote: You use it on data that your going to be saving into a database.

MySQL escape string is depreciated.

Thanks for the reply, I mean, the codeigniter escape_str function, should this be adding backslashes before apostrophes? I thought that was only if magic quotes was enabled.
Reply
#4

Yes, it should because it is interpreted as a single quote mark.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
#5

(02-04-2021, 09:50 PM)InsiteFX Wrote: Yes, it should because it is interpreted as a single quote mark.

Thanks again for your reply, does this not imply the documentation is incorrect, as the query builder does not put the backslash, which implies that the query builder is using bindings and not using an escape function (as it appears to suggest?)
Reply
#6

(02-04-2021, 09:50 PM)InsiteFX Wrote: Yes, it should because it is interpreted as a single quote mark.

Essentially, to clarify, I thought escape string doesn't do this nowadays, and only does it if PHP magic quotes is on?
Reply




Theme © iAndrew 2016 - Forum software by © MyBB