class CI_Security xss_clean($str[, $is_image = FALSE]) Parameters: $str (mixed) – Input string or an array of strings Returns: XSS-clean data Return type: mixed Tries to remove XSS exploits from the input data and returns the cleaned string. If the optional second parameter is set to true, it will return boolean TRUE if the image is safe to use and FALSE if malicious data was detected in it. sanitize_filename($str[, $relative_path = FALSE]) Parameters: $str (string) – File

method([$upper = FALSE]) Parameters: $upper (bool) – Whether to return the request method name in upper or lower case Returns: HTTP request method Return type: string Returns the $_SERVER['REQUEST_METHOD'], with the option to set it in uppercase or lowercase. echo $this->input->method(TRUE); // Outputs: POST echo $this->input->method(FALSE); // Outputs: post echo $this->input->method(); // Outputs: post

get_temp_keys() Returns: Array containing the keys of all “tempdata” items. Return type: array Gets a list of all $_SESSION that have been marked as “tempdata”.

mdate([$datestr = ''[, $time = '']]) Parameters: $datestr (string) – Date string $time (int) – UNIX timestamp Returns: MySQL-formatted date Return type: string This function is identical to PHP’s date() function, except that it lets you use MySQL style date codes, where each code letter is preceded with a percent sign, e.g. %Y %m %d The benefit of doing dates this way is that you don’t have to worry about escaping any characters that are not date codes, as you would normally have t

affected_rows() Returns: Number of rows affected Return type: int Returns the number of rows changed by the last executed query. Useful for checking how much rows were created, updated or deleted during the last executed query.

referrer() Returns: Detected referrer or an empty string Return type: string The referrer, if the user agent was referred from another site. Typically you’ll test for this as follows: if ($this->agent->is_referral()) { echo $this->agent->referrer(); }

send_request() Returns: TRUE on success, FALSE on failure Return type: bool The request sending method. Returns boolean TRUE or FALSE based on success for failure, enabling it to be used conditionally.

In the last section, we went over some basic concepts of the framework by writing a class that includes static pages. We cleaned up the URI by adding custom routing rules. Now it’s time to introduce dynamic content and start using a database. Setting up your model Instead of writing database operations right in the controller, queries should be placed in a model, so they can easily be reused later. Models are the place where you retrieve, insert, and update information in your database or other

initialize([$params = array()]) Parameters: $params (array) – Configuration parameters Returns: CI_Pagination instance (method chaining) Return type: CI_Pagination Initializes the Pagination class with your preferred options.

repair_table($table_name) Parameters: $table_name (string) – Name of the table to repair Returns: Array of repair messages or FALSE on failure Return type: array Repairs a database table.