Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Re: DBI and stored procedures

by dsheroh (Parson)
on Nov 05, 2012 at 12:01 UTC ( #1002313=note: print w/ replies, xml ) Need Help??


in reply to DBI and stored procedures

Regardless of SQL injection concerns, you should be validating pretty much all entered data anyhow, except for perhaps freeform "comments" fields and the like.

Is it a date field? You need to validate that it's a good date, and not 2009-02-29. Is it a credit card number? Validate that it's sixteen digits and the check digit is correct. Etc. Unless these things are being verified in the stored proc, you need to check them in code before sending it to the database.


Comment on Re: DBI and stored procedures

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1002313]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (9)
As of 2014-12-27 08:16 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (176 votes), past polls