Clear questions and runnable code get the best and fastest answer |
|
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
And how do you call the stored procedure and provide parameter values? Not by interpolating strings in the SQL I hope.
If you don't use string interpolation, I guess you use placeholders, and we're back to the advice: always use placeholders. The use of SPs are orthogonal to that issue. /J In reply to Re^2: Preventing SQL injection attacks: are -T and placeholders not enough?
by jplindstrom
|
|