phpcodeigniteractiverecordwhere-clauseescaping

Unexpected auto-quoting in rendered SQL when passing a string of conditions to CodeIgniter's where() method


I'm referring to the CodeIgniter user guide to write a custom where clause. as per the guide it says for custom where clauses write like this.

$where = "name='Joe' AND status='boss' OR status='active'";
$this->db->where($where); 

but when I use in my model browser is throwing an error.

A Database Error Occurred

Error Number: 1054

Unknown column 'user_name='Joe'' in 'where clause'

SELECT * FROM (`Management`) WHERE `user_name='Joe'` AND password='boss' OR password='active'

Filename: /var/www/models/hr_login_model.php

Line Number: 28

this is just a testing query. my actual query is dynamic one and it is also giving this error.

$where = "user_name='".$username."' AND password='".$password."' AND Department='".$dep_br."' OR Br_no='".$dep_br."'";

Why is it always wrapping the column name and the value in identifier quotes?


Solution

  • use following

    $where = "user_name='$username' AND password='$password' AND (Department='$dep_br' OR Br_no='$dep_br')";