There are a lot of things going on around here. You need to study how Win32::ODBC module works, how methods are called, how subroutine works, etc...
I would recommend reading the following books:
Learning Perl
and Intermediate Perl. These would cover all the things in the code that you have shown. | [reply] |
Thank you very much ..
can you please tell me these datahash() and fetchrow() are predefined subroutines..
| [reply] |
mtrasp:
I don't use Win32::ODBC, so I can't speak to the details. However, since you're new to perl, here's a handy tip:
Generally, when you see something like: $var->function(parameters), it means that $var contains an object, and function is a function/method/subroutine defined in the object definition. You can usually find out information on these functions in the documentation for the object using the command perldoc Module::Containing::Object at your command prompt.
So, if you have code like:
use Win32::ODBC;
my $mydb=Win32::ODBC('MyDSN');
$mydb->Sql("exec Stored_Procedure_Name");
if ($mydb->FetchRow())
{
%Info = $mydb->DataHash();
}
the second line tells you that $mydb is a Win32::ODBC object, so you can read information about the Sql, FetchRow and DataHash methods by executing perldoc Win32::ODBC at the command line.
If the function doesn't have a $var-> prefix, then you'll have several places to look. I normally first run perldoc perlfunc to see if it's one of the standard ones. Failing that, then I go through the list of modules in the use Module::Name; statements one after another until I find the one that's exporting the function I'm looking for.
...roboticus
Update: Trivial formatting fix | [reply]
[d/l]
[select] |
- Perl fundamentals
- Whatever module provides $mydb's class
- SQL
To understand what's wrong with that code, you need to be familiar with code injection, specifically SQL injection
| [reply]
[d/l] |