Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Comment on

( #3333=superdoc: print w/replies, xml ) Need Help??
Hi Monks,

I'm trying to see if I can run 2 commands in 1 with Perl's DBI module.  Here's my code:

$dbh->do("UPDATE person SET nickname = 'one' WHERE id=1") or die "Coul +d not execute #1: $DBI::errstr\n"; $dbh->do("UPDATE person SET nickname = 'two' WHERE id=1; UPDATE person + SET nickname = 'three' WHERE id=1") or die "Could not execute #2: $D +BI::errstr\n";
The output is: "Could not execute #2: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'UPDATE person SET nickname = 'three' WHERE id=1' at line 1"

The result is, nickname ends up being = 'one'.

Questions:

1. If the error is with setting nickname = 'three', then why doesn't nickname end up being = 'two'?

2. Does DBI allow multiple SQL statements to be run in one invocation?  If so, how can that be done?

3. Or if not, why not? Is it to help prevent SQL injection, perhaps?  That's fine, as that's the reason for my test, but I'd like to see how to make it happen before I see if my methods of prevention are working.

Thanks.
tel2


In reply to Multiple SQL statements in DBI by tel2

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    [oiskuu]: glibc getlogin just does ttyname() and falls back on getutline(); it's not security related at all. (reminds me of sendmail and remote finger services of the naive early spam era)
    [Corion]: But yes, "who started this process" is interesting information :)
    [tye]: no, I really believe that "login user" was added as a fundamental bit of info about each process in order to enhance the usefulness of auditing
    [Corion]: Ah - if that information is saved in a file, then you could theoretically spam that file and confuse getlogin(). So, don't use it for authentication :)
    [tye]: that is what getlogin() certainly *used* to do. I don't believe that is what it certainly should do.
    [davido]: /var/run/utmp is 664 i think.
    [tye]: Note that my "man getlogin" says that it uses stdin when it should use /dev/tty (calling a glibc bug). But that does not appear to be the case when I test it. But maybe Perl's getlogin() is not using glibc's getlogin().
    [oiskuu]: well, run a strace and see what the getlogin does for you.... As I said. SELinux probably has those security labels. But not regular linux.
    [tye]: for example, read https://unix. stackexchange.com/ questions/146138/ loginuid-should-be -allowed-to-change -or-not-mutable-or -not
    [tye]: I'm not using SELinux and it certainly appears to disagree with you. shrug

    How do I use this? | Other CB clients
    Other Users?
    Others avoiding work at the Monastery: (9)
    As of 2017-06-23 19:44 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?
      How many monitors do you use while coding?















      Results (554 votes). Check out past polls.