On Apr 2, 7:31am, "Mack" wrote:
} Subject: RE: [Mimedefang] perl problem
} my $newrecip =$recip;
} $newrecip =~ s/'/''/gi;
} $sth1 = $dbh->prepare("SELECT value FROM userpref WHERE username =
} '$recip' && preference='whitelist_from'");
}
}
} that will fix it, (replacing the ' with '') be carefull of \' as well if you
are using mysql
Much better would be something like:
$quoteduser = $dbh->quote($recip);
$sth = $dbh->prepare(qq{SELECT value FROM userpref WHERE username =
$quoteduser && preference = 'whitelist_from'});
$sth->execute();
then you don't have to worry about what $recip contains.
} -----Original Message-----
} From: [EMAIL PROTECTED]
} [mailto:[EMAIL PROTECTED] Behalf Of B. Tolka
} Sent: Thursday 10 November 2005 12:44
} To: [email protected]
}
} I my milter I have a mysql call below.
}
} $sth1 = $dbh->prepare("SELECT value FROM userpref WHERE username =
} '$recip' && preference='whitelist_from'");
}
} My slave is always getting killed because of an aprostophe in an email
} address. It fails at '$recip'.
}
} Is there another way to code the above line??
}
}-- End of excerpt from "Mack"
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
