
Re: Avoiding SQL insecurities

by Belgarion (Chaplain)
on Jul 15, 2004 at 14:30 UTC



in reply to Avoiding SQL insecurities

You may also want to look into something like Class::DBI as a means of interfacing with your database. Class::DBI handles the SQL translation correctly without any interaction by you.

Even if you don't end up using the module, it is a good piece of code to study to see how to work with a database from within Perl.

Re^2: Avoiding SQL insecurities
by eclark (Scribe) on Jul 15, 2004 at 21:38 UTC

    Always use placeholders. Examples below.

    $dbh->do('UPDATE table SET col = ? WHERE id = ?', {}, $value, $id);

    my $sth = $dbh->prepare('SELECT foo, bar FROM table WHERE baz = ?');
    $sth->execute($baz);
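
What the placeholder advice in the reply above changes in practice, as an added example that is not part of the original thread. It assumes DBD::SQLite is installed; the `users` table, its columns and the input values are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Constructed in-memory database; table and column names are made up here.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });

$dbh->do('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)');
my $ins = $dbh->prepare('INSERT INTO users (name, role) VALUES (?, ?)');
$ins->execute(@$_) for (['alice', 'admin'], ['bob', 'user'], ["o'brien", 'user']);

# Constructed inputs: an ordinary name, a name containing a quote, and a
# value that carries SQL syntax.
my @inputs = ('bob', "o'brien", "nobody' OR '1'='1");

for my $name (@inputs) {
    # Interpolated: the value becomes part of the SQL text, so a quote in it
    # either breaks the statement or changes what the statement means.
    my $unsafe_sql = "SELECT name FROM users WHERE name = '$name'";
    my $unsafe = eval { $dbh->selectcol_arrayref($unsafe_sql) };
    my $unsafe_result = $unsafe ? scalar(@$unsafe) . ' row(s)' : 'SQL error';

    # Placeholder: the SQL text is fixed and the value is bound as data.
    my $safe = $dbh->selectcol_arrayref(
        'SELECT name FROM users WHERE name = ?', {}, $name);

    printf "%-22s interpolated: %-10s placeholder: %d row(s)\n",
        "[$name]", $unsafe_result, scalar @$safe;
}

# Placeholders stand for values only, not identifiers. A column name chosen
# by the caller has to be checked against a fixed list before it is used.
my %sortable = map { $_ => 1 } qw(id name role);
my $order_by = 'name';    # constructed input
die "unsupported sort column\n" unless $sortable{$order_by};

my $rows = $dbh->selectall_arrayref(
    "SELECT id, name FROM users WHERE role = ? ORDER BY $order_by", {}, 'user');
print 'users sorted by name: ', join(', ', map { $_->[1] } @$rows), "\n";

$dbh->disconnect;
```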
