----- Original Message -----
From: "Dave Howorth" <dhoworth@stripped>
To: "mark o' sullivan" <mark.r.osullivan@stripped>
Cc: <perl@stripped>; <msql-mysql-modules@stripped>
Sent: Wednesday, October 22, 2003 10:13 AM
Subject: Re: deleting from database
> The answer is quoting! You asked another question that involved quoting
> yesterday. You need to read up and learn it.
Oh yes, that reminds me of a great article about SQL hacking and quoting and
data scrubbing and breaking out of the quotes by Rain Forest Puppy I read
some time ago. It may be dated material, but I believe it's still
worthwhile reading to understand how to build safer (perl) scripts that muck
around with databases. Read it over and over until you understand it.
Create test examples that intentionally open up security holes so that you
understand the scope of the concern. Best way to learn how to avoid it.
http://www.wiretrip.net/rfp/txt/rfp2k01.txt
> BTW, posting questions to two lists simultaneously is generally not
> appreciated.
AH yes forgot to comment on that. Especially when both lists are apparently
just a mirror of each other. I only subscribed to perl@stripped, but
I get emails from msql-mysql-modules@stripped as well. Sending mail
to one or the other should suffice, but not both. Someone correct me if
this is in error?
Leif
