Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Re: regex challenged

by moritz (Cardinal)
on Oct 07, 2009 at 19:55 UTC ( [id://799799]=note: print w/replies, xml ) Need Help??


in reply to regex challenged

You should just use placeholders and avoid escaping of the values totally:
my $sth = $dbh->prepare('SELECT Name, UserID, Passwd, Class FROM Users WHERE UserID=?'); $sth->execute($User);

The database substitutes the question mark with the value from $User without interpreting it as SQL, so you're as safe as you can get that way.

When you print out the user name again someday, you have to HTML-Escape it. Good template systems like HTML::Template::Compiled can do that by default with the default_escape => 'HTML' option.

Perl 6 - links to (nearly) everything that is Perl 6.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://799799]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others avoiding work at the Monastery: (10)
As of 2024-03-28 12:06 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found