in reply to Re^3: unsupported REQUEST_METHOD?
in thread unsupported REQUEST_METHOD?

Please excuse my ignorance, but if I were to use CGI how would I change my code to reflect this?

Thanks for you help!

Replies are listed 'Best First'.
Re^5: unsupported REQUEST_METHOD?
by Anonymous Monk on Nov 15, 2009 at 18:54 UTC
    To continue using $formValues as you were, you could 
    use CGI 'param';
my %formValues = map { $_ => scalar param($_) } param;

    [download]
    You really shouldn't embed variables in your SQL queries, this can lead to SQL injection attacks ( http://xkcd.com/327/, http://bobby-tables.com/). If you insist on using $dbh->do you should use $dbh->quote like 
    
$dbh->do(
    sprintf "Insert into sell values (%s)",
    join ' , ', map { $dbh->quote($_) }
      $tid,
    $formValues{'salesperson'},
    $clid,
    $formValues{'comid'},
    $formValues{'ps'},
    $formValues{'ds'},
);

    [download]
    See DBI recipes
[reply]
[d/l]
[select]

      I must thank you for your help. However, I would like to move this problem out of the forum, if you are willing? Can you send me a private message with your e-mail address? I would like to build a secure and correct front end for this database. If you would like to continue helping me via e-mail I would greatly appreciate it!

      Thanks, Josh

[reply]

In Section Seekers of Perl Wisdom