I find I need to write queries without using CI’s active record frequently for

Question

0

Asked: May 27, 20262026-05-27T15:58:06+00:00 2026-05-27T15:58:06+00:00

I find I need to write queries without using CI’s active record frequently for

0

I find I need to write queries without using CI’s active record frequently for example:

$query = "INSERT INTO votes (userid, itemId) VALUES ({$userId},{$itemId})
                      ON DUPLICATE KEY UPDATE weight = {$vote}";

$query = $this->db->query($query);

Should I be worried about performance or security loss because of this?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T15:58:06+00:00

You may use Query Bindings, you can enjoy flexibility with security. But you my not be able switch database in future.

http://codeigniter.com/user_guide/database/queries.html

Example:

$sql = "SELECT * FROM some_table WHERE id = ? AND status = ? AND author = ?"; 

$this->db->query($sql, array(3, 'live', 'Rick'));

The secondary benefit of using binds is that the values are
automatically escaped, producing safer queries. You don’t have to
remember to manually escape data; the engine does it automatically for
you.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I find I need to write queries without using CI’s active record frequently for

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply