Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re^5: untainting or encoding for shelled sqlplus update

by goibhniu (Hermit)
on May 15, 2008 at 21:05 UTC ( [id://686811]=note: print w/replies, xml ) Need Help??


in reply to Re^4: untainting or encoding for shelled sqlplus update
in thread untainting or encoding for shelled sqlplus update

I've been looking at Interpolate. How would that take care of bad characters in $bar in your example?

#my sig used to say 'I humbly seek wisdom. '. Now it says:
use strict;
use warnings;
I humbly seek wisdom.
  • Comment on Re^5: untainting or encoding for shelled sqlplus update

Replies are listed 'Best First'.
Re^6: untainting or encoding for shelled sqlplus update
by runrig (Abbot) on May 15, 2008 at 21:28 UTC
    Start with what Herkum suggests above. Make one database handle. But then create a function that (maybe untaints the data and then) calls $dbh->quote() on its argument and returns the results, then use Interpolate to tie a hash to that function. Or, don't use DBI, and just wing it to create your own escaping function.
[reply]
[d/l]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://686811]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having an uproarious good time at the Monastery: (3)
As of 2024-04-16 14:23 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found