in reply to Re^3: Can I tell if DBI's quote() was used?
in thread Can I tell if DBI's quote() was used?
Yes, for detecting things that are not quoted, I can insert a sanity check everywhere. So, if I have this:
    $dbh->do( "DELETE FROM user WHERE name = $name" );

...I can do this:

    ensure_quoted( $name );
    $dbh->do( "DELETE FROM user WHERE name = $name" );

    sub ensure_quoted {
        return if ref $_[0] ne '' && $_[0]->isa( 'Magic::DBI::Quote' );
        if ( $just_fix_it ) {
            # replace caller's variable
            $_[0] = $dbh->quote( $_[0] );
        }
        elsif ( $raise_the_red_flag ) {
            die "Oh noes! Unquoted string '$_[0]'";
        }
    }
This is still considerable work, but at least I don't have to figure out where $name came from.
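A self-contained sketch of the check described in this post, as an added example that is not part of the original post. The body of Magic::DBI::Quote, the quote_tagged() helper, the policy argument and the stand-in quoting rule (doubling single quotes in place of a real $dbh->quote) are assumptions made so the block runs without a database.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumed shape of the marker class named in the post: it wraps an
# already-quoted SQL literal and stringifies to it when interpolated.
package Magic::DBI::Quote {
    use overload '""' => sub { ${ $_[0] } }, fallback => 1;
    sub new { my ( $class, $sql ) = @_; return bless \$sql, $class }
}

package main;
use Scalar::Util qw(blessed);

# Stand-in for $dbh->quote() (assumption; a real handle's quote() is
# driver-specific). Doubles single quotes and tags the result.
sub quote_tagged {
    my ($value) = @_;
    return Magic::DBI::Quote->new('NULL') unless defined $value;
    ( my $escaped = $value ) =~ s/'/''/g;
    return Magic::DBI::Quote->new("'$escaped'");
}

# Same check as in the post, with the policy passed in instead of globals.
sub ensure_quoted {
    my $policy = $_[1] // 'die';
    return if blessed( $_[0] ) && $_[0]->isa('Magic::DBI::Quote');
    if ( $policy eq 'fix' ) {
        $_[0] = quote_tagged( $_[0] );    # @_ aliases the caller's variable
    }
    else {
        die "Unquoted string '$_[0]'\n";
    }
    return;
}

# Constructed sample values.
my $tagged = quote_tagged("O'Brien");
ensure_quoted($tagged);                             # tagged: passes silently
print "DELETE FROM user WHERE name = $tagged\n";

my $raw = "x' OR '1'='1";
eval { ensure_quoted($raw); 1 } or print "caught: $@";

ensure_quoted( $raw, 'fix' );                       # $raw is now a tagged object
print "DELETE FROM user WHERE name = $raw\n";
```

Interpolating or concatenating a tagged value into another string yields a plain string, so the check has to run on the variable itself before it is placed into the SQL text.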