Method:
tidyInput()
Class:
SQL
Method Call:
include_once("core/sql/SQL.php");
$db = new SQL();
STRING $db->tidyInput(STRING: $input);
Description:
Returns a string that has been trimmed (left and right whitespace removal), escaped and quoted with adoDB's qstr() method and should be used on all data that
forms part of a condition string passed to the select(), insert() and update() methods etc.
This method is called internally on the $fields parameter of select(), selectNoExecute(), insert(), update() and updateSingle() methods.
Usage:
For example (assuming the database object exists within a class as $this->db):
$tables = array("WKX_resource");
$fields = array("title", "subtitle");
$condition = "WHERE " . $this->db->formatField('id') . "=" . $this->db->tidyInput("wikindx's methodology");
$recordset = $this->db->select($tables, $fields, $condition);
'title' and 'subtitle' above will be quoted and escaped automatically, but you should explicitly call the tidyInput() method on the value in the condition clause.