in reply to Re^2: unsupported REQUEST_METHOD?
in thread unsupported REQUEST_METHOD?

If you want to focus on database design and queries use CGI, parseForm is a complete waste of time. Hand parsing CGI has been a bad idea for 16 years now, since 1993, really. Tell your classmates, tell your teacher, use CGI or die;

Replies are listed 'Best First'.
Re^4: unsupported REQUEST_METHOD?
by jtm62 (Initiate) on Nov 15, 2009 at 18:30 UTC

    Please excuse my ignorance, but if I were to use CGI how would I change my code to reflect this?

    Thanks for you help!

[reply]
      To continue using $formValues as you were, you could 
      use CGI 'param';
my %formValues = map { $_ => scalar param($_) } param;

      [download]
      You really shouldn't embed variables in your SQL queries, this can lead to SQL injection attacks ( http://xkcd.com/327/, http://bobby-tables.com/). If you insist on using $dbh->do you should use $dbh->quote like 
      
$dbh->do(
    sprintf "Insert into sell values (%s)",
    join ' , ', map { $dbh->quote($_) }
      $tid,
    $formValues{'salesperson'},
    $clid,
    $formValues{'comid'},
    $formValues{'ps'},
    $formValues{'ds'},
);

      [download]
      See DBI recipes
[reply]
[d/l]
[select]

        I must thank you for your help. However, I would like to move this problem out of the forum, if you are willing? Can you send me a private message with your e-mail address? I would like to build a secure and correct front end for this database. If you would like to continue helping me via e-mail I would greatly appreciate it!

        Thanks, Josh

[reply]

In Section Seekers of Perl Wisdom