Re^2: Preventing malicious T-SQL injection attacks


Your skill will accomplish what the force of many cannot
	PerlMonks

Re^2: Preventing malicious T-SQL injection attacks

by Win (Novice)

on Mar 05, 2007 at 18:37 UTC ( #603262=note: print w/ replies, xml )

Need Help??

in reply to Re: Preventing malicious T-SQL injection attacks
in thread Preventing malicious T-SQL injection attacks

What is the best way of checking that the looked up value in the hash is the same as $elements_in_array for the key $SPROC?


  my %procs = (
         reception => 29
  );

    unless (exists $procs{$SPROC}) {
      die "Unknown stored proc: $SPROC\n";
    }

 $Command = join(' ', 
            'EXEC', 
            $SPROC, 
            join(', ', 
             @CHOICE[1 .. $elements_in_array])) . '';   

[download]

Comment on Re^2: Preventing malicious T-SQL injection attacks
Download Code

Re^3: Preventing malicious T-SQL injection attacks
by davorg (Chancellor) on Mar 05, 2007 at 19:50 UTC

What is the best way of checking that the looked up value in the hash is the same as $elements_in_array for the key $SPROC?

Ok, now I'm really puzzled. That's exactly the same check that you have been claiming is unnecessary. Why do you now want to add it?

But to answer your question, if you want to see if two numbers are equal, then I recommend the "==" operator.

<http://dave.org.uk>

"The first rule of Perl club is you do not talk about Perl club." -- Chip Salzenberg

[reply]

In Section Seekers of Perl Wisdom

Node Status^?

node history
Node Type: note [id://603262]
help

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others romping around the Monastery: (3)

As of 2013-05-26 05:35 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

The best material for plates (tableware) is:

Results (524 votes), past polls