Kohana v3, automatically escape illegal characters?

Posted by Dom on Stack Overflow See other posts from Stack Overflow or by Dom
Published on 2010-05-02T20:04:35Z Indexed on 2010/05/02 22:08 UTC
Read the original article Hit count: 300

Filed under:

kohana-3

|

kohana-orm

|

php

|

sql

|

security

Quick question, does Kohana (version 3) automatically escape data that is passed into ORM::factory..... (and everywhere else that has to do with the database)?

For example:

$thread = ORM::factory('thread', $this->request->param('id'));

Would the data passed in the second argument be auto-escaped before it goes in the SQL query or do I have to manually do it? Probably a stupid question and it's better to be safe than sorry, but yeah... I usually do manually escape the data, but I want to know if Kohana does this for me?

Thanks

© Stack Overflow or respective owner

Related posts about kohana-3

Kohana 3: How to find the active item in a dynamic menu

as seen on Stack Overflow - Search for 'Stack Overflow'
Maybe not the best explanation, but hear me out. Say I have the following in a config file called menu.php: // Default controller is 'home' and default action is 'index' return array( 'items' => array( 'Home' => '', 'News' => 'news', 'Resources' => 'resources', … >>> More
How to arrange models, views, controllers in a Kohana 3 project

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm looking at how to set up a mid-sized web application with Kohana 3. I have implemented MVC patterns in the past but never worked against a "formalized" MVC framework so I'm still getting my head around the terminology - toying around with basic examples, building views and templates, and so on… >>> More
How to arrange models, views, controllers in a new Kohana 3 project

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm looking at how to set up a mid-sized web application with Kohana 3. I have implemented MVC patterns in the past but never worked against a "formalized" MVC framework so I'm still getting my head around the terminology - toying around with basic examples, building views and templates, and so on… >>> More
Arranging models, views, controllers in a Kohana 3 project

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm looking at how to set up a mid-sized web application with Kohana 3. I have implemented MVC patterns in the past but never worked against a "formalized" MVC framework so I'm still getting my head around the terminology - toying around with basic examples, building views and templates, and so on… >>> More
Favourite Kohana Tips & Features?

as seen on Stack Overflow - Search for 'Stack Overflow'
Inspired from the other community wiki's, I'm interested in hearing about the lesser known Kohana tips, tricks and features. Please, include only one tip per answer. Add Kohana versions if necessary. This a community wiki. >>> More

Related posts about kohana-orm

Kohana ORM get one record in many-to-many relationship

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Guys, I've got two tables (items / tags). Item has and belongs to many tags - tag has and belongs to many items. It's no problem for me to fetch all related tags like: $item = ORM::factory('item', 4); foreach($item->tags as $tag){....} But how can i fetch only one... and maybe a specific… >>> More
Kohana ORM Aliasing and "Trying to get property of non-object"

as seen on Stack Overflow - Search for 'Stack Overflow'
I have the following tables in the database: teams: id name matches: id team1_id team2_id I've defined the following ORM models in my Kohana application: class Match_Model extends ORM { protected $belongs_to = array('team1_id' => 'team', 'team2_id' => 'team'); } class Team_Model… >>> More
How do I relate tables with different foreign key names in Kohana ORM?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm building a Kohaha application to manage sip lines in asterisk. I'm wanting to use ORM but I'm wondering how do relate certain tables that are already well established. e.g. the table sip_lines looks like this. +--------------------+------------------+------+-----+-------------------+-----------------------------+ |… >>> More
Kohana ORM syntax question

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using the "join_table" function with Kohana's ORM to build a query. The following works: $category = ORM::factory('category')->join_table('product'); But this doesn't: $category = ORM::factory('category'); $category->join_table('product'); The documentation uses the second as an example… >>> More
Kohana v3 ACL A2 with database support

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am using Kohana V 3.0.3. I was looking for ACL library and found from http://dev.kohanaphp.com/projects A2 Kohana's ACL module. Apparently it's found that, it manages Roles,Resources and Rules using config file and authenticate object basis. I want it to be dynamic, like Resources and… >>> More