use the TaintOut => 1 argument to DBI->connect

++ Very cool thing that is, indeed. Put that in my dbconn subroutine, plus what I already have in my input-getting function, and I don't have to worry so much about forgetting to mark something as tainted.

I still have to remember to encode entities on untrusted data going to the browser, though.

$;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}}
split//,".rekcah lreP rehtona tsuJ";$\=$ ;->();print$/
[download]