in reply to Escaping %params

That is not a guaranteed method to prevent SQL injection. If instead you use placeholders and bind arguments you will catch the injections.
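What the difference looks like in practice, as an added example that is not from the thread; it assumes DBD::SQLite is installed and uses a constructed %params (hypothetical names throughout):

```perl
use strict;
use warnings;
use DBI;

# Added example, not from the thread. Assumes DBD::SQLite; uses an in-memory DB.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0 });
$dbh->do('CREATE TABLE users (id INTEGER, name TEXT)');
$dbh->do(q{INSERT INTO users VALUES (1, 'alice')});
$dbh->do(q{INSERT INTO users VALUES (2, 'bob')});

# Constructed request parameters; the id arrives as a string, exactly as a
# CGI form would send it.
my %params = ( id => '1 OR 1=1' );

# Quote-escaping only: doubles single quotes before interpolating. That covers
# quoted string fields, but an unquoted numeric field never needed a quote,
# so the escaped value is still spliced into the SQL as syntax.
sub escaped_lookup {
    my ($dbh, %p) = @_;
    (my $id = $p{id}) =~ s/'/''/g;
    return $dbh->selectcol_arrayref("SELECT name FROM users WHERE id = $id");
}

# Placeholder with a bound argument: the statement text is fixed and the value
# travels separately, so it is compared as data and never parsed as SQL.
sub bound_lookup {
    my ($dbh, %p) = @_;
    return $dbh->selectcol_arrayref(
        'SELECT name FROM users WHERE id = ?', undef, $p{id});
}

# The escaped form matches every row; the bound form matches none.
printf "escaped: %s\n", join(',', @{ escaped_lookup($dbh, %params) });
printf "bound:   %s\n", join(',', @{ bound_lookup($dbh, %params) });
```

Binding also removes the need to know each driver's quoting rules, which is why escaping on its own is not a guaranteed defence.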

Re^2: Escaping %params
by DaisyLou (Sexton) on Jan 20, 2014 at 22:22 UTC
    I know it's not perfect -- just looking for something until we get a more permanent solution in place like what you suggested.