I have the following function in my model that I want to use to search for phrases and so on. However if I pass in more than one word the spaces are always converted to the %20 symbol which breaks my query. How do I avoid this?
Also is this type of query secure by default in codeigniter? or do I need to escape $term first?
function get_search_entries($limit, $start, $term)
{
$this->db->select('statuses.id, title, status, posted_by, created, rating, name');
$this->db->from('statuses');
$this->db->join('categories', 'categories.id = statuses.category_id');
$this->db->where('MATCH (title, status) AGAINST ("'.$term.'")', NULL, FALSE);
$this->db->limit($limit, $start);
$query = $this->db->get();
if ($query->num_rows() > 0) {
return $query->result();
}
return false;
}
