PerlMonks  

Re^8: Removing malicious HTML entities (now with more questions!)

by techcode (Hermit)
on Sep 08, 2008 at 12:00 UTC (#709737)


in reply to Re^7: Removing malicious HTML entities (now with more questions!)
in thread Removing malicious HTML entities (now with more questions!)

Ugh, I had to write so much code that resembles what you have there that in the end I wrote my own little DB "abstraction" (more like an SQL generator and executor) to refactor all that. It generates SQL by using placeholders for everything (values), based on the fields available in the data/form and the table. So I ended up with something like:

    $DB->insert_record(
        table => 'mytable',
        data  => $form,
    );

    # But if you want timestamp => NOW() it should not be used as
    # placeholder so I added another parameter marking which fields
    # should be included as they are ... Of course this particular
    # example would better been done by setting default value of
    # timestamp field to NOW() and sending nothing here....
    $form->{timestamp} ||= 'NOW()';
    $DB->insert_record(
        table        => 'mytable',
        data         => $form,
        as_is_fields => $form->{timestamp} eq 'NOW()' ? [qw/timestamp/] : [],
    );

Nowadays I just pass around hashrefs from CGI to my DB-thing (through HTML::Entity and Data::FormValidator first), and from DB-thing to TemplateToolkit on output. And just take care to use the same field names in all of those - so that DB-thing could do its magic.

Have you tried freelancing/outsourcing? Check out Scriptlance - I work there since 2003. For more info about Scriptlance and freelancing in general check out my home node.
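
Added example, not part of the post above and not techcode's module: a minimal sketch of the kind of INSERT generator the post describes, showing the two places where form data can still reach the SQL text even when values are bound (column names taken from form keys, and "as-is" fields). The names `build_insert`, `%COLUMNS` and `%AS_IS_OK` are hypothetical, and the form data is constructed.

```perl
use strict;
use warnings;

# Hypothetical schema map: the only column names that may reach the SQL text.
my %COLUMNS = ( mytable => { map { $_ => 1 } qw(name email timestamp) } );

# Hypothetical allow-list of raw SQL expressions permitted for as-is fields.
my %AS_IS_OK = ( 'NOW()' => 1 );

# Returns ($sql, @bind) for an INSERT. Values become placeholders unless the
# field is listed in as_is_fields AND its value is an allow-listed expression.
sub build_insert {
    my (%arg) = @_;
    my $cols = $COLUMNS{ $arg{table} }
        or die "unknown table '$arg{table}'\n";
    my %as_is = map { $_ => 1 } @{ $arg{as_is_fields} || [] };

    my ( @names, @exprs, @bind );
    for my $field ( sort keys %{ $arg{data} } ) {
        # Form keys come from the request too: never interpolate unknown ones.
        die "unknown column '$field'\n" unless $cols->{$field};
        my $value = $arg{data}{$field};
        push @names, $field;
        if ( $as_is{$field} ) {
            # Raw SQL is emitted only if it matches the allow-list exactly.
            die "expression not allowed for '$field'\n"
                unless defined $value && $AS_IS_OK{$value};
            push @exprs, $value;
        }
        else {
            push @exprs, '?';
            push @bind,  $value;
        }
    }
    my $sql = sprintf 'INSERT INTO %s (%s) VALUES (%s)',
        $arg{table}, join( ', ', @names ), join( ', ', @exprs );
    return ( $sql, @bind );
}

# Constructed sample form data, including a value containing SQL metacharacters.
my $form = { name => "x'); DROP TABLE mytable; --", email => 'a@example.org',
             timestamp => 'NOW()' };
my ( $sql, @bind ) = build_insert(
    table => 'mytable', data => $form, as_is_fields => ['timestamp'] );
print "$sql\n";
print join( ' | ', @bind ), "\n";
```

With DBI, the returned pair would be passed as `$dbh->do($sql, undef, @bind)`, so the hostile `name` value travels only as bound data.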

