in reply to encoding to prevent sql injection in both perl and php
Given that you seem to be talking about binary values, what are you storing?
The sqlite_escape_string() function probably does much the same as the quote method in DBI, which of course is really surplanted by using placeholders.
If you need true binary capability then MIME::Base64 is probably as good as anything. But it seems you really only want escaped values. Try writing the escaped version into SQLite and see what DBI reads back!
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^2: encoding to prevent sql injection in both perl and php
by mandog (Curate) on Aug 24, 2006 at 21:44 UTC |
In Section
Seekers of Perl Wisdom