开发者

Codeigniter auto removes slashes in db queries?

I have a SQL INSERT query that has a field that has a slash in it. Here is the string in PHP:

'\\\\192.168.2.10\\datastore'

Here it is when I echo it out:

'\\192.168.2.10\datastore'

The above string is part of a query and is used in this method:

$this->db->query($sql);

However, when I view the database it has been written as:

\192.168.2.10datastore

How can I stop this from happening? What do I turn off to stop codeigniter from 开发者_运维问答doing this?

Update

var $clients_array = array(
    1 => array('datastore' => '\\\\192.168.2.10\\datastore'),
);

function(){

//loop here

$client_details = $this->clients_array[1];
$datastore = $client_details['datastore']; 

$sql = "INSERT INTO table (datastore) VALUES ('$datastore')";

//$sql = "INSERT INTO table (datastore) VALUES ('".$datastore."')"; //tried this too

echo $sql;

if($this->db->query($sql)){}

}


I may be overlooking something, but those backslashes are escape characters as you know, in both PHP and MySQL. You need to escape them for your query or they will escape themselves.

$datastore = $this->db->escape($client_details['datastore']);
$sql = "INSERT INTO table (datastore) VALUES ('$datastore')";

I'm pretty sure mysql_real_escape_string() would be fine as well, but we're using CI so might as well make the most of it.

Consider using CI's Active Record, which escapes all queries automatically, or query bindings (reference in linked page), otherwise you must do it manually as usual.

More on escaping queries with CI: http://codeigniter.com/user_guide/database/queries.html

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜