Codeigniter this-> db->查询 [英] Codeigniter this->db->query

问题描述

$ this-db-> query（）是否具有mysql注入保护？我想知道是因为我在实例中使用了此方法，却没有做任何防止SQL注入的操作。

Does $this-db->query() have mysql injection protection? I was wondering because I use this in instances and have not done anything to protect against sql injection.

推荐答案

ActiveRecord样式的查询

The ActiveRecord style of querying with CodeIgniter escapes parameters, but not query().

您可以按以下方式使用活动记录：

You can use active record in this manner:

$someAge = 25;
$this->db->select('names, age');
$query = $this->db->get_where('people', array('age' => '>' . $someAge));

在此处了解更多信息： https://www.codeigniter.com/userguide2/database/active_record.html

Read more about it here: https://www.codeigniter.com/userguide2/database/active_record.html

这篇关于Codeigniter this-> db->查询的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！