Re: Object Identifier?

Slightly change 2 lines to make your code more secure:


OLD:
$sql = "select list_id from campaign_list where campaign_id = $campaig
+n_id";

NEW:
$sql = "select list_id from campaign_list where campaign_id = ?";

OLD:
$sth->execute();

NEW:
$sth->execute($campaign_id);
[download]

Because $campaign_id comes from the user it is very dangerous to use in a database query unless it is properly handled and placeholders (the ? thingy) does that for you.

Comment on Re: Object Identifier? Download Code

Replies are listed 'Best First'.
Re^2: Object Identifier? by damfer21 (Novice) on Oct 22, 2018 at 22:01 UTC
Awesome. Thanks. Any idea how to make the `$last240_flag` work like the others?	[reply] [d/l]
Re^3: Object Identifier? by Anonymous Monk on Oct 22, 2018 at 23:45 UTC
I think you need to follow this advice from haj and edit camp_copy_schedule_save.cgi to receive the new value you added.	[reply]
Re^4: Object Identifier? by damfer21 (Novice) on Oct 23, 2018 at 00:35 UTC
Ok. Thanks for the help. Working on it.	[reply]

In Section Seekers of Perl Wisdom