summaryrefslogtreecommitdiffstats
path: root/user_guide/database
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide/database')
-rw-r--r--user_guide/database/queries.html9
1 files changed, 8 insertions, 1 deletions
diff --git a/user_guide/database/queries.html b/user_guide/database/queries.html
index 1411e65db..35f2da786 100644
--- a/user_guide/database/queries.html
+++ b/user_guide/database/queries.html
@@ -84,9 +84,16 @@ It simply lets you submit a query. Most users will rarely use this function.</p>
<p>If you have configured a database prefix and would like to add it in manually for, you can use the following.</p>
<p><code>$this-&gt;db-&gt;dbprefix('tablename');<br />
// outputs prefix_tablename</code></p>
+
+
<h1>Protecting identifiers</h1>
-<p>In many databases it is advisable to protect table and field names - for example with backticks in MySQL. Active Record queries are automatically protected, however if you need to manually protect an identifier you can use:</p>
+<p>In many databases it is advisable to protect table and field names - for example with backticks in MySQL. <strong>Active Record queries are automatically protected</strong>, however if you need to manually protect an identifier you can use:</p>
<p><code>$this-&gt;db-&gt;protect_identifiers('table_name');</code></p>
+
+<p>This function will also add a table prefix to your table, assuming you have a prefix specified in your database config file. To enable the prefixing set <kbd>TRUE</kbd> (boolen) via the second parameter:</p>
+<p><code>$this-&gt;db-&gt;protect_identifiers('table_name', <kbd>TRUE</kbd>);</code></p>
+
+
<h1>Escaping Queries</h1>
<p>It's a very good security practice to escape your data before submitting it into your database.
CodeIgniter has two functions that help you do this:</p>