Hi, I usually use placeholders in DBI. Is this enough for avoiding SQL injections? I have made a simple test and I have seen that it seems to be enough, but... I am not sure.
Thanks.

Teddy

----- Original Message -----
From: "Ian Joyce" <[EMAIL PROTECTED]>
To: "Adam Prime x443" <[EMAIL PROTECTED]>
Cc: "Mod-Perl ((E-mail))" <modperl@perl.apache.org>
Sent: Tuesday, 15 February 2005 21:09 PM
Subject: Re: securing web form interaction

On Tue, 15 Feb 2005 14:07:22 -0500, Adam Prime x443 <[EMAIL PROTECTED]> wrote:
> > $dbh->quote() everything you can.
> Or make it easy on yourself and just use placeholders.

--Ian
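
Added example, not part of the original thread: the same hostile value passed to a DBI query by interpolation, by placeholder, and through `$dbh->quote()`, followed by the one case placeholders do not cover, an identifier such as an ORDER BY column. It assumes DBD::SQLite is installed; the table, the input string and the `list_users` helper are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Constructed in-memory table (assumes DBD::SQLite is available).
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, AutoCommit => 1 });
$dbh->do('CREATE TABLE users (name TEXT, role TEXT)');
$dbh->do('INSERT INTO users VALUES (?, ?)', undef, @$_)
    for ['alice', 'admin'], ['bob', 'user'];

# Constructed hostile form value.
my $input = "nobody' OR '1'='1";

# 1. Interpolation: the quote inside the input closes the string literal,
#    so the trailing OR clause is parsed as SQL.
my $unsafe = $dbh->selectall_arrayref(
    "SELECT name FROM users WHERE name = '$input'");
printf "interpolated: %d row(s)\n", scalar @$unsafe;

# 2. Placeholder: the input is bound as a value and never parsed as SQL.
my $bound = $dbh->selectall_arrayref(
    'SELECT name FROM users WHERE name = ?', undef, $input);
printf "placeholder:  %d row(s)\n", scalar @$bound;

# 3. $dbh->quote(): escapes the value correctly, but must be applied to
#    every variable by hand.
my $quoted = $dbh->selectall_arrayref(
    'SELECT name FROM users WHERE name = ' . $dbh->quote($input));
printf "quote():      %d row(s)\n", scalar @$quoted;

# 4. Placeholders bind values only. A column name cannot be a placeholder,
#    so a user-chosen sort column is checked against an allowlist.
my %sortable = map { $_ => 1 } qw(name role);

sub list_users {    # hypothetical helper
    my ($sort_col) = @_;
    die "invalid sort column\n" unless $sortable{$sort_col};
    return $dbh->selectall_arrayref(
        "SELECT name, role FROM users ORDER BY $sort_col");
}

print "sorted by role: ",
    join(', ', map { $_->[0] } @{ list_users('role') }), "\n";
print "rejected: $@" unless eval { list_users('name; DROP TABLE users'); 1 };
```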