[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Omaha.pm] Database -> XML

To: omaha-pm@pm.org
Subject: Re: [Omaha.pm] Database -> XML
From: George Neill <georgen@neillnet.com>
Date: Sun, 22 Apr 2007 22:58:48 -0500
Delivered-to: mailman-omaha-pm@mailman.pm.dev
Delivered-to: omaha-pm@pm.org
In-reply-to: <3c7efdcf89f93b46c5755b21e14e820f@jays.net>
List-archive: <http://mail.pm.org/pipermail/omaha-pm>
List-help: <mailto:omaha-pm-request@pm.org?subject=help>
List-id: "Perl Mongers of Omaha, Nebraska USA" <omaha-pm.pm.org>
List-post: <mailto:omaha-pm@pm.org>
List-subscribe: <http://mail.pm.org/mailman/listinfo/omaha-pm>, <mailto:omaha-pm-request@pm.org?subject=subscribe>
List-unsubscribe: <http://mail.pm.org/mailman/listinfo/omaha-pm>, <mailto:omaha-pm-request@pm.org?subject=unsubscribe>
References: <E59FF64509EEEA4C96BE4723AE9668537DE1A1@exchange2k3.omnihotels.net> <20070416012059.fpza9900u8c4w0oo@www.neillnet.com> <3c7efdcf89f93b46c5755b21e14e820f@jays.net>
Reply-to: "Perl Mongers of Omaha, Nebraska USA" <omaha-pm@pm.org>
User-agent: Internet Messaging Program (IMP) H3 (4.1)

Quoting Jay Hannah <jay@jays.net>:

If I was ever going to accept $prop as input from the outside I'd (1)
sanitize it with a regex, (2) make sure it was in a DBI placeholder,
not just running loose in an SQL string, and (3) use Perl's taint mode.

What about the monger -not- named Jay who makes it available to theoutside! :)


Later,
George.

References:
- [Omaha.pm] Database -> XML
  - From: "Jay Hannah" <jhannah@omnihotels.com>
- Re: [Omaha.pm] Database -> XML
  - From: George Neill <georgen@neillnet.com>
- Re: [Omaha.pm] Database -> XML
  - From: Jay Hannah <jay@jays.net>

Prev by Date: Re: [Omaha.pm] database -> XML
Next by Date: Re: [Omaha.pm] # TEMP PATCH FIX LATER
Previous by thread: Re: [Omaha.pm] Database -> XML
Next by thread: [Omaha.pm] database -> XML
Index(es):
- Date
- Thread