Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine

Extensible DBI front-end

by TheoPetersen (Priest)
on Jul 17, 2001 at 21:35 UTC ( #97374=perlquestion: print w/replies, xml ) Need Help??
TheoPetersen has asked for the wisdom of the Perl Monks concerning the following question:

I haven't been a big fan of DBI front-ends in the past; I particularly don't care for the ones that try to make an abstract interface around SQL, since I always seem to run into something the interface doesn't handle. But I do appreciate centralized logging and debugging facilities and other such features.

Today I needed to add HTML screening to one of our sites, which uses a home-brewed wrapper around DBI for inserts and updates. That was fortunate, since I could go into the two methods and call escape_html on each value being passed to DBI's execute method. Neat and simple, but it got me wondering.

It seems like other sites and tools would benefit from having a front-end that prepares data before DBI writes it -- maybe you only want to screen some HTML tags, or check for naughty words or what ever. I went looking around for such a beast, but couldn't find one, nor could I see an easy way to put a hook for such into the DBI code (though I didn't look very hard).

I checked a few modules on CPAN that seemed likely contenders; DBIx::Abstract has most of the other features of our home-brew, and would be as easily modified to handle this, but doesn't have a quote/escape hook.

So, anyone know of a good module for doing this, an easy way to hook the code into DBI, or a better solution?

Replies are listed 'Best First'.
Re: Extensible DBI front-end
by Masem (Monsignor) on Jul 17, 2001 at 22:13 UTC
    Possibly overlooked, but easily plugged in (though non-module) is the approach the the Everything engine does. You can find it in their code, the upshot being that besides the conversion of the typical HTML symbols to the &###; variety, it also limits what HTML tags you can accept in an HTML field (including none), as well as the ability to limit what attributes in those tags are accepted.

    Mind you, I yet to see of a good DBI frontend that does any other preparsing beyond that of meta-quoting.

    Dr. Michael K. Neylon - || "You've left the lens cap of your mind on again, Pinky" - The Brain

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://97374]
Approved by root
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (9)
As of 2018-07-19 15:56 GMT
Find Nodes?
    Voting Booth?
    It has been suggested to rename Perl 6 in order to boost its marketing potential. Which name would you prefer?

    Results (411 votes). Check out past polls.