Beware of the false sense of being secured, and instead, be paranoid! You can enver know, how weird ideas other might have to crack your tiny little script...
Although using placeholders is considered to be a good practice, here SQL Injection myths under DBI? you will find an extensive discussion on this topic and a bazillion of ideas on how to crack SQL queries. Pick the one you most like!
I think that it is more of a phylosophical question than a practical one: the point is that one should never ever post production CGI code on public forums!
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.
| & || & |
| < || < |
| > || > |
| [ || [ |
| ] || ] ||