in reply to DBI confusion
What I do in my scripts is setting the RaiseError option to 1, and let it take care of all errors.
Then you can do something along these lines:
my $sth = $dbh->prepare("SELECT password FROM table WHERE userName = ? +"); $sth->execute($username); if ($sth->selectrow_array){ print "logged in\n"; }
Please don't ever interpolate data into your SQL queries, use placeholders like I did in the example above. If you interpolate data, you're not safe against SQL injection - what if the user name actually is evil ' or '' = '?
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^2: DBI confusion
by choroba (Cardinal) on Jun 01, 2017 at 08:45 UTC |
In Section
Seekers of Perl Wisdom