in reply to Re^2: Executing code stored in a database..
in thread Executing code stored in a database..
Don't insert plain text into a SQL statement!!! Escape properly or use placeholders.
my $sql = "SELECT script FROM scripts where name=?";
my $sth = $dbh->prepare($sql);
$sth->execute($ref->{name});
What's with putting everything in quotes?
"$sql" -> $sql
"$row_hash->{script}" -> $row_hash->{script}
"$script" -> $script
Or a here-doc?
$r->puts(<<"END");  \
$post                > $r->puts($post)
END                 /
Why loop when you only want one variable?
my $row_hash = $sth->fetchrow_hashref() or die(...);
$script = $row_hash->{script};
Finally, "doesn't work" is a very useless problem description. Please provide more details.
...although returning one probably won't help if you use it that way.
my $result = eval $script;
defined($result) or die(...);
$post .= $result;
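The points in the reply above, put together as an added example that is not part of the original post: a placeholder lookup, a single-row fetch without a loop, and an eval whose failure reason is reported through $@. It assumes DBD::SQLite is installed; the in-memory table, its rows and the helper run_stored_script are constructed for illustration.

```perl
use strict;
use warnings;
use DBI;

# Constructed sample data: an in-memory SQLite table standing in for the
# thread's "scripts" table (DBD::SQLite is an assumption of this example).
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
$dbh->do('CREATE TABLE scripts (name TEXT PRIMARY KEY, script TEXT)');

my $ins = $dbh->prepare('INSERT INTO scripts (name, script) VALUES (?, ?)');
$ins->execute(q{o'brien}, q{"Hello from " . uc("stored code") . "\n"});
$ins->execute('broken',   q{die "stored script failed\n"});

# Hypothetical helper: fetch one script by name and run it.
sub run_stored_script {
    my ($dbh, $name) = @_;

    # The name is bound as data, never spliced into the SQL text, so the
    # apostrophe in "o'brien" cannot change the statement.
    my $sth = $dbh->prepare('SELECT script FROM scripts WHERE name = ?');
    $sth->execute($name);

    # One row is expected, so no loop is needed.
    my $row = $sth->fetchrow_hashref()
        or die "no script named '$name'\n";
    $sth->finish();

    # String eval returns undef on a compile or runtime error and puts
    # the reason in $@; report that reason instead of a bare failure.
    my $result = eval $row->{script};
    defined($result)
        or die "script '$name' failed: " . ($@ || "returned undef\n");
    return $result;
}

my $post = '';
$post .= run_stored_script($dbh, q{o'brien});
print $post;

# Both failure paths: a script that dies, and a name with no row.
for my $name ('broken', 'missing') {
    my $ok = eval { $post .= run_stored_script($dbh, $name); 1 };
    print "error: $@" unless $ok;
}
```

The string eval runs the stored text with the full privileges of the calling process, so write access to the scripts table is equivalent to code execution in that process.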