I'm very new php-activerecord. Is there a way auto escape all of my post/get data before update or insert records?
class User extends ActiveRecord\Model {...}
class Blog extends MY_Controller
{
function test()
{
$user = User::find('last');
$user->first_name = 'test"quot' . "es'zzz";
$user->save();
}
}
// inserted data
// first_name = test"quotes'zzz
Have a look at Query Bindings
The secondary benefit of using binds is that the values are automatically escaped, producing safer queries. You don't have to remember to manually escape data; the engine does it automatically for you.