In my CodeIgniter, I'm binding my query to a set of variables.

    $q = "SELECT * FROM my_table WHERE name=? ORDER BY ?";
    $name = $this->input->get("name");
    $order_by = $this->input->get("order_by");
    $this->db->query($q, array($name, $order_by));

But "order_by" isn't working properly. I've searched through, but I'm not sure how to "sanitize" the "order by" clause.
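
An added example, not part of the original post: a bound `?` value is escaped as a string literal, so it cannot stand in for a column name, and the usual way to handle a user-chosen sort is to map the request value onto a fixed allow-list. The function name, the `created_at` column, the MySQL-style backtick quoting and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example: allow-list for a user-chosen ORDER BY.
// order_by_clause() and the column map are hypothetical names.

/**
 * Translate a request value such as "created desc" into an ORDER BY
 * fragment built only from strings defined in $allowed.
 */
function order_by_clause($requested, array $allowed, $default_key)
{
    // A missing parameter is NULL and "order_by[]=x" is an array;
    // treat anything that is not a string as "no preference".
    if (!is_string($requested)) {
        $requested = '';
    }

    // Accept "key" or "key direction".
    $parts = preg_split('/\s+/', trim($requested));
    $key = strtolower($parts[0]);
    $dir = isset($parts[1]) ? strtoupper($parts[1]) : 'ASC';

    // Unknown keys fall back to the default; request text is never copied.
    if (!array_key_exists($key, $allowed)) {
        $key = $default_key;
    }
    if ($dir !== 'ASC' && $dir !== 'DESC') {
        $dir = 'ASC';
    }

    // Backtick quoting assumes MySQL.
    return '`' . $allowed[$key] . '` ' . $dir;
}

// Public sort key => real column name (constructed for this example).
$allowed = array('name' => 'name', 'created' => 'created_at');

// Constructed sample request values, including malformed ones.
$samples = array('name', 'created desc', 'name, (SELECT 1)', null, array('x'));

foreach ($samples as $sample) {
    $q = "SELECT * FROM my_table WHERE name=? ORDER BY "
       . order_by_clause($sample, $allowed, 'name');
    echo $q, "\n";
}

// In the controller from the question, $sample would come from
// $this->input->get("order_by"), and only the value stays bound:
// $this->db->query($q, array($name));
```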