Safety of concatenating query stringby bradcathey (Prior)
|on Jun 23, 2011 at 16:38 UTC||Need Help??|
bradcathey has asked for the
wisdom of the Perl Monks concerning the following question:
I've always used placeholders, but was wondering about the safety, or not, of concatenating a query statement with column names. So, note the concatenation at the end of $stmt = below:
vs. the long-hand method:
Obviously the first one is a bit more streamlined, but unsure of the safety of it. Thoughts?
"The important work of moving the world forward does not wait to be done by perfect men." George Eliot