PerlMonks
Re: Use PPI to Find SQL Injection Attacks
by jZed (Prior) on Aug 14, 2007 at 18:14 UTC ([id://632560])
Unless I'm misreading, some of the more serious false negatives include:
A better approach might be to find all the prepare() and do() statements and run them through a safe DBI subclass that does the prepare and evaluates what it prepared.
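One way to build the kind of DBI subclass suggested in the reply above, as an added example that is not part of jZed's post or of any module it refers to: the subclass sees each statement after Perl has finished interpolating it and records the ones that carry literals but no placeholders. The name `AuditDBI`, the `audit` heuristic and the sample table are assumptions made for illustration, and the demo assumes DBD::SQLite is installed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI ();

# AuditDBI is a hypothetical name; it records SQL as prepare()/do() receive it.
package AuditDBI;
our @ISA = ('DBI');
our @findings;    # one hash per suspicious statement

# Heuristic (an assumption): the final SQL text carries a quoted or numeric
# literal but no "?" placeholder, so a value was probably interpolated.
# Constant literals typed by the developer are flagged too and need review.
sub audit {
    my ($method, $sql) = @_;
    (my $rest = $sql) =~ s/'(?:[^']|'')*'/ /g;    # drop quoted literals
    return if $rest =~ /\?/;                       # placeholders in use
    return unless $rest ne $sql || $rest =~ /\b\d+\b/;
    my ($file, $line) = (caller(1))[1, 2];         # call site of prepare/do
    push @findings, { method => $method, sql => $sql, file => $file, line => $line };
}

package AuditDBI::db;
our @ISA = ('DBI::db');

sub prepare {
    my ($dbh, $sql, @rest) = @_;
    AuditDBI::audit('prepare', $sql);
    return $dbh->SUPER::prepare($sql, @rest);
}

sub do {
    my ($dbh, $sql, @rest) = @_;
    AuditDBI::audit('do', $sql);
    return $dbh->SUPER::do($sql, @rest);
}

package AuditDBI::st;
our @ISA = ('DBI::st');

package main;

# Constructed demo data; the in-memory SQLite database is an assumption.
my $dbh = AuditDBI->connect('dbi:SQLite:dbname=:memory:', '', '', { RaiseError => 1 });
$dbh->do('CREATE TABLE users (name TEXT, age INTEGER)');
my ($name, $age) = ("o'brien", 30);                # constructed sample values
$dbh->do('INSERT INTO users VALUES (?, ?)', undef, $name, $age);         # bound: not flagged
$dbh->do('INSERT INTO users VALUES (' . $dbh->quote($name) . ", $age)"); # interpolated: flagged
$dbh->prepare("SELECT name FROM users WHERE age = $age");                # interpolated: flagged
printf "%s at %s line %d: %s\n", @{$_}{qw(method file line sql)} for @AuditDBI::findings;
```

Because the check runs on the evaluated string, it only covers statements the audited code actually executes, so coverage depends on how thoroughly that code is exercised.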