Hello i have read that "Codeigniter update and insert function values are escaped automatically producing safer queries."
But i tried to insert the data with the single quote in my contactUs form. But i have noticed that single quote is added in my database.
Here is my code
Controller:
$data=array('name'=>$this->input->post('name'),'EmailId'=>$this->input->post('emailid'));
$this->mymodel->insert_data('mytable',$data);//Sending data to the model
Model
public function insert_data($table,$data)
{
$this->db->insert($table,$data);
return 'success.';
}
Any suggetions???
Thanks in Advance
