php - How to escape all array elements from special characters while sending to mysql database -


i sending array has been passed view controller(ajax-json). in controller, collecting of them in array this:

$to_update = array(     'name' =>$name,      'qualification' =>$qualification,      'percentage' =>$percentage,       ); 

and sending model inserting in database, , call like

$result  = $this->model_name->func_name($to_update); 

and in model, insered like,

$this->db->insert('table_name', $to_update); 

now have make sure sql injection handled , no harm takes place when special charecters entered user. have give escape functionality array. have huge arrays above hundreds of elements.

while saving saves special charecter, while fetching, there problem , data lost. have take care of escaping, , how suggestions please.

all of activerecord's query-building methods like ,where, group, order, insert, update , on, safe against sql injection long not pass them raw sql strings.

codeigniter recognize type of data variable is, , wrap accordingly. is, if it's string, put ' , ' around escaped value in sql, need ensure users can't inject malicious.

codeigniter strip slashing quotes , vulnerable scripts when using active records rather running direct sql queries.. no wories using active records


Comments

Popular posts from this blog

qt - Using float or double for own QML classes -

Create Outlook appointment via C# .Net -

ios - Swift Array Resetting Itself -