diff options
Diffstat (limited to 'user_guide/database/queries.html')
-rw-r--r-- | user_guide/database/queries.html | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/user_guide/database/queries.html b/user_guide/database/queries.html index 1411e65db..35f2da786 100644 --- a/user_guide/database/queries.html +++ b/user_guide/database/queries.html @@ -84,9 +84,16 @@ It simply lets you submit a query. Most users will rarely use this function.</p> <p>If you have configured a database prefix and would like to add it in manually for, you can use the following.</p>
<p><code>$this->db->dbprefix('tablename');<br />
// outputs prefix_tablename</code></p>
+
+
<h1>Protecting identifiers</h1>
-<p>In many databases it is advisable to protect table and field names - for example with backticks in MySQL. Active Record queries are automatically protected, however if you need to manually protect an identifier you can use:</p>
+<p>In many databases it is advisable to protect table and field names - for example with backticks in MySQL. <strong>Active Record queries are automatically protected</strong>, however if you need to manually protect an identifier you can use:</p>
<p><code>$this->db->protect_identifiers('table_name');</code></p>
+
+<p>This function will also add a table prefix to your table, assuming you have a prefix specified in your database config file. To enable the prefixing set <kbd>TRUE</kbd> (boolen) via the second parameter:</p>
+<p><code>$this->db->protect_identifiers('table_name', <kbd>TRUE</kbd>);</code></p>
+
+
<h1>Escaping Queries</h1>
<p>It's a very good security practice to escape your data before submitting it into your database.
CodeIgniter has two functions that help you do this:</p>
|