Yeah, you are right, I should have been more discriminating when I copied stephen's tut. However, I'm not sure why you say:

> it is vastly clearer and safer to explicitly write SQLs explicitly into a variable, rather than read them from STDIN.
Where is my snippet doing that?
In fact you are not: I just skimmed your code too quickly and mis-read the <<SQL as <STDIN> for some reason. My bad.
On the other hand, I *do* think it is much better to avoid allowing an application to receive a SQL statement as a parameter. That opens up lots of scope for problems, but you probably already knew that. :)
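To make the design point concrete, here is an added example (not code from either poster) contrasting the two shapes: a function that accepts a whole SQL statement as its parameter, and one where the statement is a fixed literal in the code and the caller supplies only a bound value. It uses Python's standard `sqlite3` module against a small in-memory `users` table constructed for the demonstration.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory users table for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    conn.commit()
    return conn


# The design the thread warns against: the caller hands in a complete SQL
# statement. Whoever can influence that argument decides what the database
# runs, so the function has no way to constrain it.
def run_statement(conn, sql):
    return conn.execute(sql).fetchall()


# The preferred design: the statement lives in the code as a fixed literal
# (the same idea as a <<SQL heredoc), and the only thing supplied at call time
# is a value, passed as a bound parameter rather than spliced into the text.
FIND_BY_NAME = """
SELECT id, name, email
FROM users
WHERE name = ?
"""


def find_user_by_name(conn, name):
    # The driver sends `name` as data; quotes inside it are never parsed as SQL.
    return conn.execute(FIND_BY_NAME, (name,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(find_user_by_name(db, "alice"))  # a hit: alice's row
    print(find_user_by_name(db, "o'brien"))  # no such user; the quote is just data
```

With the fixed-literal shape, a value like `o'brien` simply fails to match a row; the statement itself cannot change because it never passes through the caller.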
Update in bold. Who knew one little word could make it mean the exact opposite of what I intended? :)