Re: Multiple SQL statements in DBI

by davido (Archbishop)
on Sep 07, 2012 at 08:24 UTC (#992264)


in reply to Multiple SQL statements in DBI

What are you actually trying to accomplish? I mean what do you want to gain by running two statements in a single call? Are you trying to achieve an atomic operation? Some efficiency issue? Or just trying to save a few keystrokes?

Depending on the answer to that question, we can probably help guide you to an actual solution.


Dave


Re^2: Multiple SQL statements in DBI
by tel2 (Scribe) on Sep 07, 2012 at 21:21 UTC
    Sorry Dave - I should have made that clearer.  My reason is (hidden) in question 3.

      Ah, in that case:

      Placeholders and bind-values are what you should be using. They would prevent the possibility of an SQL injection attack. Even if the semicolon isn't the issue, there are other things user-supplied input could do when interpolated into the middle of an SQL statement. But placeholders eliminate the interpolation, and overcome that issue. While you might not be able to construct an attack with a semicolon, I wouldn't be too confident that you've eliminated all attack vectors. At least with placeholders you can cross the SQL injection attack off the list.


      Dave

        Thanks Dave.  Yeah - I've been using placeholders & bind-variables, but did wonder about the need for those given my findings with DBI not allowing multiple statements, but you've semi-answered that, so thanks!
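
Added example, not part of the thread: a short Perl DBI script illustrating davido's point that interpolated input can change a query without any semicolon, while a placeholder passes the same input as a plain value. It assumes DBD::SQLite is installed; the `users` table, its rows and the input string are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# In-memory SQLite database (assumption: DBD::SQLite is available).
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });

# Constructed sample data.
$dbh->do('CREATE TABLE users (name TEXT, secret TEXT)');
my $ins = $dbh->prepare('INSERT INTO users (name, secret) VALUES (?, ?)');
$ins->execute(@$_) for ['alice', 'a-secret'], ['bob', 'b-secret'];

# Constructed user input. It contains no semicolon, so it stays one statement.
my $input = "nobody' OR 'x'='x";

# Interpolated: the quote inside $input closes the string literal, and the
# remainder is parsed as SQL, so the WHERE clause reads
#   name = 'nobody' OR 'x'='x'
my $unsafe_sql = "SELECT name FROM users WHERE name = '$input'";
my $unsafe = $dbh->selectcol_arrayref($unsafe_sql);

# Placeholder: the statement text is fixed, and $input is bound as a single
# value that is only ever compared against the name column.
my $safe = $dbh->selectcol_arrayref(
    'SELECT name FROM users WHERE name = ?', undef, $input);

printf "interpolated query matched %d row(s)\n", scalar @$unsafe;
printf "placeholder query matched  %d row(s)\n", scalar @$safe;

$dbh->disconnect;
```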
