yes, that's what I meant. but does using the DBIx::Class construct sanitise, provide safety and prevent unwanted babies though?
IIRC it does for creating records. On Thu, Jun 5, 2008 at 8:10 PM, Ash Berlin <[EMAIL PROTECTED]> wrote: > > On 5 Jun 2008, at 19:05, Daniel McBrearty wrote: > >> database contains text fields which can be in any language and contain >> any text and punctuation >> >> 1. I am getting params back via a web form to create new records. What >> do I do to validate input (apart from length check)? >> >> 2. I want to take a param and do a "like(%$param%)" search returning >> matching records. How do I protect this? > > You mean "foo LIKE '%$param%' " and its done by > > $rs->search({ col => { -like => "%$param%" } }) > > -ash > > _______________________________________________ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ > Dev site: http://dev.catalyst.perl.org/ > -- Daniel McBrearty email : danielmcbrearty at gmail.com http://www.engoi.com http://danmcb.vox.com http://danmcb.blogger.com find me on linkedin and facebook BTW : 0873928131 _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/