Your skill will accomplish what the force of many cannot |
|
PerlMonks |
Re: The art of error handlingby clscott (Friar) |
on Dec 20, 2000 at 04:36 UTC ( [id://47518]=note: print w/replies, xml ) | Need Help?? |
I think you're checking the user input at the wrong point if you're relying on the DBI::errstr to tell you that user input is invalid. From a security and usability stand point you should test your data long before you try and dump it into the database. I think the security part stands on it's own without further explanation. The earlier you detect a problem the easier it tends to be to deal with it. What if this program routinely took 10 or 15 minutes to get to the point where the insert happens and DBI::errstr is populated? Your users will be upset. Better options for detecting and reporting errors in web apps (in order of increasing ease of user interaction):
If you continue down the road you're on now are you really prepared to grep DBI::errstr for every partial error string that could be tossed from within the database? --Clayton
In Section
Seekers of Perl Wisdom
|
|