in reply to Re: Re: Getting MySQL Data into an Array.
in thread Getting MySQL Data into an Array.

There are some nitpicks I do have with this tutorial.

First of all, it's the absence of use strict;, which is not really good in code that will be cut, pasted and modified, possibly with typos.

The mix of implicit return values and explicit return ($sth) statements is also likely to bother the newbie.

The author also seems to never have heard of the quote method (see http://mysql.turbolift.com/mysql/DBD_3.21.X.php3#quote for example). I'm not sure if this method is available under every database driver, but it's at least worth a mention.

Another problem comes from the naive error-handling approach when mixing CGI and the rest of the world - the author prints the full error message back to the end user, something which will at best confuse the end user, in the worst case this will provide crucial information to an attacker. Of course, the topic of the tutorial is databases and not CGI, but why mix in CGI in the first place ?

perl -MHTTP::Daemon -MHTTP::Response -MLWP::Simple -e ' ;    # The  
$d = new HTTP::Daemon and fork and getprint $d->url and exit;#spider
($c = $d->accept())->get_request(); $c->send_response( new   #in the
HTTP::Response(200,$_,$_,qq(Just another Perl hacker\n))); ' #  web

[download]

Replies are listed 'Best First'.
Re: Re: Re: Re: Getting MySQL Data into an Array.
by Parham (Friar) on Jan 07, 2002 at 03:03 UTC
    I won't disagree with you Corion because "perlguy" does in fact do a few things incorrect. The filter() and Do_SQL() subroutines don't seem all too practical and 'clear'. On the other hand, "perlguy" understandably explains how to SELECT, INSERT, DELETE and UPDATE database entries which i believe were the key points of the tutorial. It is one of the few (only one i found) tutorials which give you an entire program to disect with line-by-line explanations of what is going on.
[reply]

In Section Seekers of Perl Wisdom