Hi,

I've seen examples of searching in a database using the LIKE operator like:

$rs = $rs->search( {
    name => { -like => "%$name%" },
} );

It doesn't look to be very secure to quote the variable $name this way.
Or maybe the special chars in the whole composed string "%$name%" are then
escaped if the -like key is used?
Or is there a better alternative?

Thanks.

--Octavian


_______________________________________________
List: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/dbix-class
IRC: irc.perl.org#dbix-class
SVN: http://dev.catalyst.perl.org/repos/bast/DBIx-Class/
Searchable Archive: http://www.grokbase.com/group/dbix-class@lists.scsys.co.uk
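
Added example, not part of the original post or of DBIx::Class itself: it uses SQL::Abstract, the module DBIx::Class builds its WHERE clauses with, to show what the -like condition from the question produces. The value is sent as a bind parameter, so quotes in $name cannot change the SQL, but % and _ inside $name still act as LIKE wildcards. The sample names, the escape_like helper and the choice of '!' as the escape character are assumptions made for this illustration.

```perl
use strict;
use warnings;
use SQL::Abstract;

# Constructed sample input: a quote and the two LIKE wildcards.
my @samples = ( "O'Reilly", "100%", "a_b" );

my $sqla = SQL::Abstract->new;

# Hypothetical helper: prefix the LIKE metacharacters (and the escape
# character itself) with '!' so that they match literally.
sub escape_like {
    my ($text) = @_;
    $text =~ s/([!%_])/!$1/g;
    return $text;
}

for my $name (@samples) {
    # The condition from the post. The SQL contains only a '?' placeholder;
    # the composed string travels separately in @bind.
    my ( $where, @bind ) =
        $sqla->where( { name => { -like => "%$name%" } } );
    print "as posted: $where | bind: @bind\n";

    # Same search with the user-supplied wildcards neutralised. The ESCAPE
    # clause is literal SQL, the pattern is still a bind parameter.
    my $pattern = '%' . escape_like($name) . '%';
    my ( $where_esc, @bind_esc ) =
        $sqla->where( { name => \[ "LIKE ? ESCAPE '!'", $pattern ] } );
    print "escaped:   $where_esc | bind: @bind_esc\n";
}
```

With the condition as posted, a $name of "%" matches every row and "_" matches any single character, which affects the result set and the cost of the query rather than the structure of the SQL.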
