From 325197e700564f8e4e0ba7c9fc82abfd85f451b0 Mon Sep 17 00:00:00 2001
From: Rick Ellis <rick.ellis@ellislab.com>
Date: Mon, 20 Nov 2006 17:29:05 +0000
Subject:

---
 user_guide/database/helpers.html | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'user_guide/database/helpers.html')

diff --git a/user_guide/database/helpers.html b/user_guide/database/helpers.html
index 2b552f1c3..5ffe0c85c 100644
--- a/user_guide/database/helpers.html
+++ b/user_guide/database/helpers.html
@@ -117,6 +117,8 @@ $str = $this->db->insert_string('table_name', $data);
 <p>The first parameter is the table name, the second is an associative array with the data to be inserted.  The above example produces:</p>
 <code>INSERT INTO table_name (name, email, url) VALUES ('Rick', 'rick@your-site.com', 'www.your-site.com')</code>
 
+<p class="important">Note: Values are automatically escaped, producing safer queries.</p>
+
 
 
 <h2>$this->db->update_string(); </h2>
@@ -132,7 +134,7 @@ $str = $this->db->update_string('table_name', $data, $where);
 <p>The first parameter is the table name, the second is an associative array with the data to be inserted, and the third parameter is the "where" clause. The above example produces:</p>
 <code> UPDATE exp_weblog SET name = 'Rick', email = 'rick@your-site.com', url = 'www.your-site.com' WHERE author_id = 1 AND status = 'active'</code>
 
-
+<p class="important">Note: Values are automatically escaped, producing safer queries.</p>
 
 
 </div>
-- 
cgit v1.2.3-24-g4f1b