O'Reilly logo

CodeIgniter 2 Cookbook by Rob Foster

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Escaping data – for a database

It's never a good idea to trust any information or data that comes the user; you should always consider any data from the user to be untrustworthy and potentially dangerous. You are strongly advised to ensure that you escape any data coming in from the user, and never trust any data from the user unless you have passed it through various processes that should make that data safe enough to work with. One of these techniques is escaping data. This recipe demonstrates the escaping of variables in a database query.

Getting ready

First, we'll need to create a database table. For this example, let's assume the database table is named escape. Enter the following SQL into your database:

CREATE TABLE `escape` ( `id` INT NOT ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required