TheoPetersen has asked for the wisdom of the Perl Monks concerning the following question:
Today I needed to add HTML screening to one of our sites, which uses a home-brewed wrapper around DBI for inserts and updates. That was fortunate, since I could go into the two methods and call escape_html on each value being passed to DBI's execute method. Neat and simple, but it got me wondering.
It seems like other sites and tools would benefit from having a front-end that prepares data before DBI writes it -- maybe you only want to screen some HTML tags, or check for naughty words or whatever. I went looking around for such a beast, but couldn't find one, nor could I see an easy way to put a hook for such into the DBI code (though I didn't look very hard).
I checked a few modules on CPAN that seemed likely contenders; DBIx::Abstract has most of the other features of our home-brew, and would be as easily modified to handle this, but doesn't have a quote/escape hook.
So, anyone know of a good module for doing this, an easy way to hook the code into DBI, or a better solution?
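
One way to put a screening hook in front of `execute`, as an added example that is not part of the original post: it uses DBI's documented subclassing interface. The names `ScreenedDBI`, `private_value_filter` and the local `escape_html` are hypothetical, and DBD::SQLite is assumed to be installed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Hypothetical DBI subclass: every bind value passed to execute()
# goes through a filter before the driver sees it.
package ScreenedDBI;
our @ISA = ('DBI');

package ScreenedDBI::db;
our @ISA = ('DBI::db');

package ScreenedDBI::st;
our @ISA = ('DBI::st');

sub execute {
    my ($sth, @bind) = @_;
    # The filter is stored on the parent database handle. DBI requires
    # application-defined handle attributes to start with "private_".
    my $filter = $sth->{Database}{private_value_filter};
    # Leave undef (SQL NULL) untouched; filter everything else.
    @bind = map { defined $_ ? $filter->($_) : $_ } @bind if $filter;
    return $sth->SUPER::execute(@bind);
}

package main;

# Stand-in for the escape_html call the post mentions.
sub escape_html {
    my ($s) = @_;
    my %ent = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
               '"' => '&quot;', "'" => '&#39;');
    $s =~ s/([&<>"'])/$ent{$1}/g;
    return $s;
}

# Assumption: DBD::SQLite is available; the in-memory database keeps this offline.
my $dbh = ScreenedDBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0 });
$dbh->{private_value_filter} = \&escape_html;

$dbh->do('CREATE TABLE comments (author TEXT, body TEXT)');
my $sth = $dbh->prepare('INSERT INTO comments (author, body) VALUES (?, ?)');
# Constructed sample input containing markup.
$sth->execute('theo', '<script>alert("x")</script> & more');

my ($stored) = $dbh->selectrow_array('SELECT body FROM comments');
print "$stored\n";
```

Values set with `bind_param`, or passed to `do()` on drivers that implement it without calling `execute`, bypass this override, so a filter meant to cover every write needs those paths handled too.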