PHP Codeigniter + Sparks + php-activerecord how to escape before insert or update data


I'm very new to php-activerecord. Is there a way to auto-escape all of my post/get data before updating or inserting records?

class User extends ActiveRecord\Model {...}

class Blog extends MY_Controller
{
    function test()
    {
        $user = User::find('last');
        $user->first_name = 'test"quot' . "es'zzz";
        $user->save();
    }
}

// inserted data
// first_name = test"quotes'zzz

There are 2 best solutions below

2
On BEST ANSWER

Have a look at Query Bindings

The secondary benefit of using binds is that the values are automatically escaped, producing safer queries. You don't have to remember to manually escape data; the engine does it automatically for you.

2
On

Did you encounter any trouble? PHP-ActiveRecord is using PDO prepared statements (source). So you shouldn't encounter any escaping problem; if so, feel free to open an issue on the GitHub project page: https://github.com/kla/php-activerecord
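Both answers point at bound parameters, so here is the mechanism in plain PDO as an added example (not part of either answer and not php-activerecord's own code). It assumes the pdo_sqlite extension; the `users` table and the helper function names are constructed for the demonstration.

```php
<?php
// Added example: plain PDO against an in-memory SQLite database (assumes pdo_sqlite).
// Table layout and helper names are constructed for this demonstration.

function makeDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, first_name TEXT)');
    $pdo->exec("INSERT INTO users (id, first_name) VALUES (1, 'initial')");
    return $pdo;
}

// Before: the value is pasted into the SQL text, so its quote characters become SQL syntax.
function updateConcatenated(PDO $pdo, int $id, string $name): bool
{
    try {
        $pdo->exec("UPDATE users SET first_name = '" . $name . "' WHERE id = " . $id);
        return true;
    } catch (PDOException $e) {
        return false; // the data changed the shape of the statement and it was rejected
    }
}

// After: the value travels as a bound parameter and is never parsed as SQL.
function updateBound(PDO $pdo, int $id, string $name): bool
{
    $stmt = $pdo->prepare('UPDATE users SET first_name = :name WHERE id = :id');
    return $stmt->execute([':name' => $name, ':id' => $id]);
}

function storedName(PDO $pdo, int $id): string
{
    $stmt = $pdo->prepare('SELECT first_name FROM users WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

$pdo  = makeDb();
$name = 'test"quot' . "es'zzz"; // the value from the question

printf("concatenated ok: %s\n", var_export(updateConcatenated($pdo, 1, $name), true));
printf("bound ok:        %s\n", var_export(updateBound($pdo, 1, $name), true));
printf("round-trips:     %s\n", var_export(storedName($pdo, 1) === $name, true));
```

Bound parameters protect the SQL statement only: the stored value still contains its original quote characters, so it needs output encoding when it is later rendered into HTML.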