Question

I'm a bit new to CodeIgniter and I'm trying to run this simple query:

DESCRIBE `table_name`;

I tried this:

$sql = 'DESCRIBE ?';
$desc = $this->db->query($sql, $table)->result();

Which creates this query:

DESCRIBE 'table_name';

As you can see, the wrong quotes are being outputted when I bind the $table variable; they are value quotes ('), not table quotes (`). Am I doing this wrong?

Thank you!


Solution

CodeIgniter's query bindings will escape things for you. It assumes that the data is a value, not a table name.

You're gonna have to escape the value yourself.

$table = $this->db->escape_str($table);
$sql = "DESCRIBE `$table`";
$desc = $this->db->query($sql)->result();
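
An added example, not part of the original answer: `escape_str()` escapes characters that matter inside quoted string values and leaves backticks alone, so a table name is safer checked against an allowlist and a strict character set before it is wrapped in backticks. The helper names `quote_mysql_identifier` and `describe_sql` and the sample table names are assumptions made for illustration.

```php
<?php
// Added example: identifier handling for DESCRIBE, independent of CodeIgniter.
// quote_mysql_identifier() and describe_sql() are hypothetical helper names.

/**
 * Quote a MySQL identifier: reject anything outside a conservative
 * character set, then wrap the name in backticks.
 */
function quote_mysql_identifier(string $name): string
{
    // MySQL identifiers are at most 64 characters; allow only [A-Za-z0-9_$].
    if (!preg_match('/\A[A-Za-z0-9_$]{1,64}\z/', $name)) {
        throw new InvalidArgumentException('Invalid identifier');
    }
    // Doubling backticks is redundant after the check above; kept as defence
    // in depth in case the character set is ever widened.
    return '`' . str_replace('`', '``', $name) . '`';
}

/**
 * Build a DESCRIBE statement only for tables the application may inspect.
 */
function describe_sql(string $table, array $allowed): string
{
    // Strict comparison: the name must match an allowlisted table exactly.
    if (!in_array($table, $allowed, true)) {
        throw new InvalidArgumentException('Table not allowed');
    }
    return 'DESCRIBE ' . quote_mysql_identifier($table);
}

// Constructed sample inputs: two allowed names, one containing a backtick,
// and one well-formed name that is not on the allowlist.
$allowed = ['users', 'orders'];
foreach (['users', 'orders', 'us`ers', 'payments'] as $candidate) {
    try {
        echo describe_sql($candidate, $allowed), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', var_export($candidate, true),
             ' (', $e->getMessage(), ')', PHP_EOL;
    }
}
```

In a CodeIgniter model the resulting string can be passed to `$this->db->query()` in place of the hand-built `$sql`.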
Licensed under: CC-BY-SA with attribution