in reply to Re: Simple question on SQL Injection
in thread Simple question on SQL Injection
Ah...I tried place holders but that did not work for me..
I had to use DataObject to use GetTbl etc as thats the only way I can get to the database.
Is there anyother way I can use place holders if my D/B access look something like this:
use DataObject;
my $table = DataObject->GetTbl("table");
my $query = <<_QUERY_;
select * from table where column is xyz
_QUERY_
DataObject->SetDBIdent("MYDB");
my $results = DataObject->DoSql($query);
Thanks
In Section
Seekers of Perl Wisdom