From: will trillich 

  Octavian -- Inlining the values, as you say, would be fraught with peril -- 
DBI (and DBIx::Class) know better, so it's not a problem. It's not special to 
the -like operator, it's part of how DBIC works. 
  [cut]
  So if someone put nefarious strings in one of the ID values, it'd still be 
quoted.

  Yep, thanks. I was wrong, because if DBIC escapes the special chars in the 
values for -like hash keys, it shouldn't matter if those values are stored in a 
scalar var, or a quoted string that might contain scalar vars.

  Octavian
_______________________________________________
List: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/dbix-class
IRC: irc.perl.org#dbix-class
SVN: http://dev.catalyst.perl.org/repos/bast/DBIx-Class/
Searchable Archive: http://www.grokbase.com/group/dbix-class@lists.scsys.co.uk
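
An added example, not part of the original messages: it uses SQL::Abstract, from which DBIx::Class's SQL generation is derived, to show that a `-like` value travels as a bind parameter even when it was first interpolated into a quoted Perl string. It goes slightly beyond the thread in its second query, because binding does not stop `%` and `_` in the value from acting as LIKE wildcards. The table `artist`, the column `name`, the helper `like_literal` and the `!` escape character are assumptions chosen for illustration.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use SQL::Abstract;

# Constructed hostile input: tries to break out of a quoted SQL literal
# and also contains the LIKE wildcards % and _.
my $input = q{100%_' OR '1'='1};

my $sqla = SQL::Abstract->new;

# Case 1: the value is interpolated into a Perl string, then given to -like.
# The generated SQL holds only a placeholder; the whole string is one bind value.
my ($stmt, @bind) = $sqla->select(
    'artist', [ 'id', 'name' ],
    { name => { -like => "%$input%" } },
);
print "SQL : $stmt\n";
print "bind: $_\n" for @bind;

# Hypothetical helper: neutralise LIKE metacharacters so the input is matched
# literally. '!' is the escape character, so it must be escaped as well.
sub like_literal {
    my ($text) = @_;
    $text =~ s/([!%_])/!$1/g;
    return $text;
}

# Case 2: same search, but the user-supplied part can no longer widen the match.
# The \[ $sql, @bind ] form keeps the value bound while adding an ESCAPE clause.
my $pattern = '%' . like_literal($input) . '%';
my ($stmt2, @bind2) = $sqla->select(
    'artist', [ 'id', 'name' ],
    { name => \[ "LIKE ? ESCAPE '!'", $pattern ] },
);
print "SQL : $stmt2\n";
print "bind: $_\n" for @bind2;
```

In DBIx::Class the same two `where` hashes can be passed to `search` on a resultset; the statement and bind values are then handed to DBI separately, which is why the quote in the input never reaches the SQL text.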
