diff options
Diffstat (limited to 'user_guide')
| -rw-r--r-- | user_guide/changelog.html | 1 | ||||
| -rw-r--r-- | user_guide/database/queries.html | 9 |
2 files changed, 9 insertions, 1 deletions
diff --git a/user_guide/changelog.html b/user_guide/changelog.html index e12e343bc..164bf8a1f 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -71,6 +71,7 @@ SVN Revision: XXXX</p> <li>Added the ability to assign library objects to your own variable names when you use <kbd>$this->load->library()</kbd>. Please see the <a href="libraries/loader.html">Loader class</a> for more info.</li>
<li>Added controller class/method info to <a href="general/profiling.html">Profiler class</a>.</li>
<li>Improved the "auto typography" feature and moved it out of the helper into its own <a href="libraries/typography.html">Typography Class</a>.</li>
+ <li>Improved Active Record class to allow full path column and table names: hostname.database.table.column</li>
<li>Added <dfn>max_filename</dfn> option to set a file name length limit in the <a href="libraries/file_uploading.html">File Upload Class</a>.</li>
<li>Added <dfn>set_status_header()</dfn> function to <a href="libraries/output.html">Output class</a>.</li>
<li>Changed the output of the profiler to use style attribute rather than clear, and added the id "codeigniter_profiler" to the container div.</li>
diff --git a/user_guide/database/queries.html b/user_guide/database/queries.html index 1411e65db..35f2da786 100644 --- a/user_guide/database/queries.html +++ b/user_guide/database/queries.html @@ -84,9 +84,16 @@ It simply lets you submit a query. Most users will rarely use this function.</p> <p>If you have configured a database prefix and would like to add it in manually for, you can use the following.</p>
<p><code>$this->db->dbprefix('tablename');<br />
// outputs prefix_tablename</code></p>
+
+
<h1>Protecting identifiers</h1>
-<p>In many databases it is advisable to protect table and field names - for example with backticks in MySQL. Active Record queries are automatically protected, however if you need to manually protect an identifier you can use:</p>
+<p>In many databases it is advisable to protect table and field names - for example with backticks in MySQL. <strong>Active Record queries are automatically protected</strong>, however if you need to manually protect an identifier you can use:</p>
<p><code>$this->db->protect_identifiers('table_name');</code></p>
+
+<p>This function will also add a table prefix to your table, assuming you have a prefix specified in your database config file. To enable the prefixing set <kbd>TRUE</kbd> (boolen) via the second parameter:</p>
+<p><code>$this->db->protect_identifiers('table_name', <kbd>TRUE</kbd>);</code></p>
+
+
<h1>Escaping Queries</h1>
<p>It's a very good security practice to escape your data before submitting it into your database.
CodeIgniter has two functions that help you do this:</p>
|