PerlMonks
Re: regex challenged
by moritz (Cardinal) on Oct 07, 2009 at 19:55 UTC ( [id://799799]=note )
You should just use placeholders and avoid escaping of the values totally:
The database substitutes the question mark with the value from $User without interpreting it as SQL, so you're as safe as you can get that way. When you print out the user name again someday, you have to HTML-Escape it. Good template systems like HTML::Template::Compiled can do that by default with the default_escape => 'HTML' option.
Perl 6 - links to (nearly) everything that is Perl 6.
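Added example, not part of moritz's post: the placeholder approach described above next to the string-interpolated query it replaces, followed by HTML-escaping on output. It assumes DBD::SQLite is installed; the in-memory `users` table, its rows, and the helper names `find_interpolated`, `find_placeholder` and `escape_html` are constructed for illustration, and `escape_html` stands in for the escaping a template system would apply.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is available. Table and rows are constructed sample data.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
$dbh->do('CREATE TABLE users (name TEXT, email TEXT)');

my $ins = $dbh->prepare('INSERT INTO users (name, email) VALUES (?, ?)');
$ins->execute(@$_) for (
    [ 'alice',      'alice@example.com'  ],
    [ q{O'Brien},   'obrien@example.com' ],
    [ '<b>bob</b>', 'bob@example.com'    ],
);

# Before: the value is pasted into the SQL text, so a quote inside it
# ends the string literal and the rest is parsed as SQL.
sub find_interpolated {
    my ($User) = @_;
    return $dbh->selectall_arrayref(
        "SELECT name, email FROM users WHERE name = '$User'");
}

# After: the statement contains only "?"; $User is bound as data and is
# never parsed as SQL, so no escaping of the value is needed.
sub find_placeholder {
    my ($User) = @_;
    return $dbh->selectall_arrayref(
        'SELECT name, email FROM users WHERE name = ?', undef, $User);
}

# Output side: escape when the stored value is written into HTML.
sub escape_html {
    my ($s) = @_;
    my %ent = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
               '"' => '&quot;', "'" => '&#39;');
    $s =~ s/([&<>"'])/$ent{$1}/g;
    return $s;
}

my $hostile = q{nobody' OR '1'='1};    # constructed input containing quotes
printf "interpolated: %d row(s)\n", scalar @{ find_interpolated($hostile) };
printf "placeholder:  %d row(s)\n", scalar @{ find_placeholder($hostile) };
printf "O'Brien via placeholder: %d row(s)\n",
    scalar @{ find_placeholder(q{O'Brien}) };
print "escaped for HTML: ", escape_html($_->[0]), "\n"
    for @{ find_placeholder('<b>bob</b>') };
```

Comparing the first two row counts shows whether the quotes in the input changed the query's meaning; the `O'Brien` lookup shows that a legitimate name containing a quote needs no special handling with a placeholder.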