Most people would agree with you. There are several reasons I do not
prefer this route:
- I will be using, or attempting to use, the full potential of a Perl regex for the query, and converting this to an SQL query would be quite complicated, perhaps impossible (at least for me).
- Because users will be allowed to enter their own regex for the query, not running their regex on the SQL database gives me a Taint-like layer of protection, as there is zero chance of database manipulation, and nothing will be done/executed on the server with the query output.
- I trust Perl over MySQL/MariaDB to securely, reliably, and efficiently meet my needs.