comment on

Don't beat yourself up too badly.

You appear to have simply made the mistake of writing code without knowing the first thing about what you are trying to do. For example, SQL Injection attacks are not to be avoided in the way that you tried (I will assume you tried).

Avoiding SQL Injection attacks with Perl's DBI is quite simple. Each DBD:: driver is free to implement things differently, but this is generally how you do it:

# Connect to the database:
my $dbh = DBI->connect($dsn, $username, $password);

# Prepare a statement using '?' placeholder:
my $sth = $dbh->prepare(<<"SQL");
  select *
  from table
  where something    = ?
  and something_else = ?
SQL

# Now supply the arguments - they will be properly escaped:
$sth->execute( $some_value, $another_value );

# We have avoided SQL Injection and can process our results:
while( my $record = $sth->fetchrow_hashref ) {
  # Process $record:
}
$sth->finish();
$dbh->disconnect();
[download]

The funny thing is - this axiom is fairly basic. One can hardly avoid finding an example of this pattern - if you simply read others' clean code.

The fact that you seem totally convinced that your new toolkit is somehow superior (or even on the same level as) other toolkits aiming to solve a similar problem is comical. It is comical because you clearly don't Get It on such a fundamental level (yet) that anything you write at this point should be regarded as dangerous and potentially problematic.

To illustrate this point, imagine leaving your car at the mechanic to have the brakes fixed. Hours later you come back and overhear the technician asking his co-worker, "Is it righty-tighty-lefty-loosey? I can never remember these things!"

Clearly you would be worried about having *him* work on your car!

I recommend you spend a year (yes, 12 months) reading the source code of at least one module per day checked-in to http://search.cpan.org/recent to remedy this problem. I think perhaps you are just "green" and haven't been exposed to actual Perl code, written by professionals, enough. Granted, there is some real crap that gets posted on there, but it's mostly good. CPAN's setup has a de facto requirement that "You must be this awesome to upload a Perl module" which precludes a lot of folks who simply have no clue about anything. Not all of them, but many. So reading a daily dose of http://search.cpan.org/recent will help you become a better programmer, just as reading classic literature will help you become a better writer than reading facebook comments would.

With patience and experience, you can make a great contribution. You already have the altruism and will - just improve on what you've already got which most people never muster.

In reply to Re: Moores Law, Perl and the future by jdrago999
in thread Moores Law, Perl and the future by simonodell

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


Come for the quick hacks, stay for the epiphanies.
	PerlMonks