On Apr 22, 2007, at 10:40 PM, George Neill wrote:
I am curious as to why you chose to use xml attributes over elements?
Huh. I'm not sure. It's not my spec, I'm just writing to it. Uche has some thoughts on your question:
http://www-128.ibm.com/developerworks/xml/library/x-eleatt.html
If I was ever going to accept $prop as input from the outside I'd (1) sanitize it with a regex, (2) make sure it was in a DBI placeholder,not just running loose in an SQL string, and (3) use Perl's taint mode.What about the monger -not- named Jay who makes it available to the outside! :)
Well, a rogue programmer has always been able to destroy everything where I work, so I stopped worrying about that a while ago. :)
j