Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re^5: untainting or encoding for shelled sqlplus update

by goibhniu (Hermit)
on May 15, 2008 at 21:05 UTC ( #686811=note: print w/ replies, xml ) Need Help??


in reply to Re^4: untainting or encoding for shelled sqlplus update
in thread untainting or encoding for shelled sqlplus update

I've been looking at Interpolate. How would that take care of bad characters in $bar in your example?


#my sig used to say 'I humbly seek wisdom. '. Now it says:
use strict;
use warnings;
I humbly seek wisdom.


Comment on Re^5: untainting or encoding for shelled sqlplus update
Re^6: untainting or encoding for shelled sqlplus update
by runrig (Abbot) on May 15, 2008 at 21:28 UTC
    Start with what Herkum suggests above. Make one database handle. But then create a function that (maybe untaints the data and then) calls $dbh->quote() on its argument and returns the results, then use Interpolate to tie a hash to that function. Or, don't use DBI, and just wing it to create your own escaping function.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://686811]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (9)
As of 2014-07-14 08:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    When choosing user names for websites, I prefer to use:








    Results (256 votes), past polls