in reply to Re^7: DBH Insert of Binary Data
in thread DBH Insert of Binary Data

So now I'm getting curious: are there DBD drivers where you could get an SQL injection attack while still using the quote method correctly?

Just to make myself as clear as I can: I agree that using placeholders is usually the best and most efficient technique, but I am under the impression that using quote() would (or at least, should) catch all attempts of "breaking out of" an SQL value.

updated: s/attact/attack/

Re^9: DBH Insert of Binary Data
by jZed (Prior) on Mar 19, 2005 at 01:46 UTC
    > are there DBD drivers where you could get an SQL injection
    > attack while still using the quote method correctly?
    
    Not that I know of.
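
The comparison discussed in this thread, as an added example that is not part of either post: the same hostile-looking values are inserted once through `$dbh->quote()` and once through a placeholder, then read back and compared. It assumes DBI and DBD::SQLite are installed, uses a made-up `notes` table and constructed inputs, and shows the behaviour of that one driver only.

```perl
#!/usr/bin/perl
# Added example, not code from the thread. Assumes DBI and DBD::SQLite;
# the table name, column name and input values are constructed for the demo.
use strict;
use warnings;
use DBI;

my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, AutoCommit => 1 });
$dbh->do('CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)');

# Constructed inputs that would end the string literal early if unescaped.
my @inputs = (
    q{O'Reilly},
    q{x'); DROP TABLE notes; --},
    q{''},
    q{trailing backslash \\},
);

for my $value (@inputs) {
    # 1) quote(): the driver escapes the value and adds the surrounding quotes,
    #    so the result is interpolated as-is, with no extra quotes around it.
    my $literal = $dbh->quote($value);
    $dbh->do("INSERT INTO notes (body) VALUES ($literal)");

    # 2) Placeholder: the value is bound and never becomes part of the SQL text.
    $dbh->do('INSERT INTO notes (body) VALUES (?)', undef, $value);
}

# Each input must come back unchanged from both inserts, and the table
# must still exist for the SELECT to succeed at all.
my $rows = $dbh->selectcol_arrayref('SELECT body FROM notes ORDER BY id');
die "row count mismatch\n" unless @$rows == 2 * @inputs;
for my $i (0 .. $#inputs) {
    for my $got (@$rows[2 * $i, 2 * $i + 1]) {
        die "value altered: $inputs[$i]\n" unless $got eq $inputs[$i];
    }
}
print "all ", scalar(@$rows), " rows round-tripped unchanged\n";
```

Using `quote()` correctly here means calling it on the database handle that will run the statement and not wrapping its result in additional quotes.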