Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Extensible DBI front-end

by TheoPetersen (Priest)
on Jul 17, 2001 at 21:35 UTC ( [id://97374]=perlquestion: print w/replies, xml ) Need Help??

TheoPetersen has asked for the wisdom of the Perl Monks concerning the following question:

I haven't been a big fan of DBI front-ends in the past; I particularly don't care for the ones that try to make an abstract interface around SQL, since I always seem to run into something the interface doesn't handle. But I do appreciate centralized logging and debugging facilities and other such features.

Today I needed to add HTML screening to one of our sites, which uses a home-brewed wrapper around DBI for inserts and updates. That was fortunate, since I could go into the two methods and call escape_html on each value being passed to DBI's execute method. Neat and simple, but it got me wondering.

It seems like other sites and tools would benefit from having a front-end that prepares data before DBI writes it -- maybe you only want to screen some HTML tags, or check for naughty words or what ever. I went looking around for such a beast, but couldn't find one, nor could I see an easy way to put a hook for such into the DBI code (though I didn't look very hard).

I checked a few modules on CPAN that seemed likely contenders; DBIx::Abstract has most of the other features of our home-brew, and would be as easily modified to handle this, but doesn't have a quote/escape hook.

So, anyone know of a good module for doing this, an easy way to hook the code into DBI, or a better solution?

Replies are listed 'Best First'.
Re: Extensible DBI front-end
by Masem (Monsignor) on Jul 17, 2001 at 22:13 UTC
    Possibly overlooked, but easily plugged in (though non-module) is the approach the the Everything engine does. You can find it in their code, the upshot being that besides the conversion of the typical HTML symbols to the &###; variety, it also limits what HTML tags you can accept in an HTML field (including none), as well as the ability to limit what attributes in those tags are accepted.

    Mind you, I yet to see of a good DBI frontend that does any other preparsing beyond that of meta-quoting.


    Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://97374]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others studying the Monastery: (7)
As of 2024-03-28 19:47 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found