Codeigniter auto removes slashes in db queries?
I have a SQL INSERT query that has a field that has a slash in it. Here is the string in PHP:
'\\\\192.168.2.10\\datastore'
Here it is when I echo it out:
'\\192.168.2.10\datastore'
The above string is part of a query and is used in this method:
$this->db->query($sql);
However, when I view the database it has been written as:
\192.168.2.10datastore
How can I stop this from happening? What do I turn off to stop codeigniter from 开发者_运维问答doing this?
Update
var $clients_array = array(
1 => array('datastore' => '\\\\192.168.2.10\\datastore'),
);
function(){
//loop here
$client_details = $this->clients_array[1];
$datastore = $client_details['datastore'];
$sql = "INSERT INTO table (datastore) VALUES ('$datastore')";
//$sql = "INSERT INTO table (datastore) VALUES ('".$datastore."')"; //tried this too
echo $sql;
if($this->db->query($sql)){}
}
I may be overlooking something, but those backslashes are escape characters as you know, in both PHP and MySQL. You need to escape them for your query or they will escape themselves.
$datastore = $this->db->escape($client_details['datastore']);
$sql = "INSERT INTO table (datastore) VALUES ('$datastore')";
I'm pretty sure mysql_real_escape_string()
would be fine as well, but we're using CI so might as well make the most of it.
Consider using CI's Active Record, which escapes all queries automatically, or query bindings (reference in linked page), otherwise you must do it manually as usual.
More on escaping queries with CI: http://codeigniter.com/user_guide/database/queries.html
精彩评论