[eluser]xwero[/eluser]
The problem is the AR library has no option to add parenthesis so the where part of the snippet you provided will output
WHERE id = 1 OR winner = 1000 OR author = 1000
But you want
WHERE id = 1 AND (winner = 1000 OR author = 1000)
To make it happen and escape the data to prevent sql attacks at the same time you will have to do
Code:
$session_id = $this->db->escape($this->userdata->item('id'));
$where = sprintf('id = %d AND (winner = %d OR author = %d)', $this->db->escape($id),$session_id,$session_id);
$this->db->where($where);