in reply to Re: Parsing text-based queries to SQL queries
in thread Parsing text-based queries to SQL queries

Placeholders are the safety net against SQL injection attacks; hence my desire to find a way to use them. But thanks for clarifying the problem; I wasn't explicit enough about the security issue.

Sean

Re^3: Parsing text-based queries to SQL queries
by dragonchild (Archbishop) on Sep 29, 2005 at 12:06 UTC
    Actually, they're only one part of it. The bigger part is the execution of only one statement at a time. Some DBDs will allow you to restrict yourself to one SQL statement per $sth, which is the big win.

    My criteria for good software:
    1. Does it work?
    2. Can someone else come in, make a change, and be reasonably certain no bugs were introduced?
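
An added example, not part of either post above: one way to turn a simple text query into a single SELECT whose user-supplied values travel only as placeholder bindings. The `field:value AND/OR ...` syntax (values without whitespace), the `%COLUMN` whitelist, and the `books` table are assumptions made for illustration.

```perl
use strict;
use warnings;

# Hypothetical whitelist: search field name => real column name.
# Identifiers cannot be bound as placeholders, so they must come from here.
my %COLUMN = (author => 'author', title => 'title', year => 'pub_year');

# Turn a text query such as  author:smith AND year:2005  into a WHERE
# clause containing only '?' placeholders plus the list of values to bind.
sub build_where {
    my ($text) = @_;
    my (@sql, @bind);
    my $want_term = 1;    # a term must come first and after each AND/OR

    for my $token (split ' ', $text) {
        if ($want_term) {
            my ($field, $value) = $token =~ /\A(\w+):(.+)\z/s
                or die "expected field:value, got '$token'\n";
            my $column = $COLUMN{lc $field}
                or die "unknown search field '$field'\n";
            push @sql,  "$column = ?";
            push @bind, $value;          # user text goes only into @bind
            $want_term = 0;
        }
        elsif ($token =~ /\A(?:AND|OR)\z/i) {
            push @sql, uc $token;
            $want_term = 1;
        }
        else {
            die "expected AND/OR, got '$token'\n";
        }
    }
    die "incomplete query\n" if $want_term;
    return (join(' ', @sql), @bind);
}

# Constructed sample input; the second value carries a quote and a semicolon.
for my $query ('author:smith AND year:2005', "title:O'Reilly;x") {
    my ($where, @bind) = build_where($query);
    print "SELECT * FROM books WHERE $where\n";
    print "  bind: $_\n" for @bind;
    # With DBI: my $sth = $dbh->prepare("SELECT * FROM books WHERE $where");
    #           $sth->execute(@bind);
}
```

The generated SQL text is assembled only from whitelisted column names, `AND`/`OR`, and `?`, so nothing typed by the user can add a second statement to it.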