Skip to content
Advertisement

can i use md5 hashed values inside $this->db->escape() in codeigniter,

when i tried to use md5 hashed values inside $this->db->escape() i’m getting error like below when i tried to fetch count of results “Call to a member function num_rows() on bool”

my code

$hashedUniqueId= md5($uniqueId);
$query = "select * from my_table where uId_hash= '".$this->db->escape($hashedUniqueId)."' AND password= '".$this->db->escape($password)."' ";
$result = $this->db->query($query);
print_r($result->num_rows());

Advertisement

Answer

You are making double escape as i see it. Remove the single quotes from $this->db->escape().

$query = "select * from my_table where uId_hash= ".$this->db->escape($hashedUniqueId)." AND password= ".$this->db->escape($password);

Or the better way is to set the variables in the $this->db->query($query); This way codeigniter will escape it for you.

$hashedUniqueId= md5( $uniqueId );
$query = "select * from my_table where uId_hash= ? AND password= ?";
$result = $this->db->query( $query, array( $hashedUniqueId, $password ) );
print_r($result->num_rows());
User contributions licensed under: CC BY-SA
4 People found this is helpful
Advertisement