Your skill will accomplish what the force of many cannot |
|
PerlMonks |
Re: Preventing SQL injection attacks: are -T and placeholders not enough?by perrin (Chancellor) |
on Jan 09, 2008 at 05:36 UTC ( [id://661262]=note: print w/replies, xml ) | Need Help?? |
There are certain cases where using placeholders is difficult (e.g. the column name or table name is being set dynamically), but I can't think of any case where you would use placeholders and they wouldn't properly quote your arguments. This sounds like some kind of posturing or misunderstanding on their part. I doubt there is anything to it.
In Section
Seekers of Perl Wisdom
|
|