"be consistent" | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
OK.... I didn't know they were called placeholders until I came to this site. When I google searched for "mysql select placeholders", I discovered this: http://stackoverflow.com/questions/8054421/mysql-perl-placeholder-rules Says: "With most drivers, placeholders can't be used for any element of a statement that would prevent the database server from validating the statement and creating a query execution plan for it." So now I guess I need to sanitize the user input for the select statement so there is less risk of attack on that front and simply execute() with no arguments. In reply to Re^4: DBI variable argument count
by anothersmurf
|
|