Tied variables ;-)

G.

On 24 Jan 2013, at 13:57, Denny wrote:

> You do know what $status contains in the example (so you could hardcode it in
> the SQL anyway).  $id is up for grabs though.
> 
> 
> 
> Simon Wilcox <es...@ourshack.com> wrote:
> 
>> On 24/01/2013 03:01, Sam Kington wrote:
>>> I mean, sure, this is safe:
>>> 
>>> if ($status eq 'foo') {
>>>     $dbh->do("UPDATE table SET status='$status' WHERE id=$id");
>>> }
>> 
>> Only if you're certain you know what $status and $id contain.
>> 
>> http://xkcd.com/327/
> 
> -- 
> Sent from my mobile phone. Please excuse terseness, typos and top-posting.
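
The "Tied variables" point at the top of this message, as an added example that is not code from any poster in the thread: a tied scalar can return a different value on each read, so the `eq` check and the later interpolation may see different strings. The `ShiftingScalar` package, the helper names and the sample values are hypothetical and constructed for illustration; no database is contacted.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical tied scalar: each read (FETCH) returns the next queued value,
# so two reads of the same variable can disagree.
package ShiftingScalar;
sub TIESCALAR { my ($class, @values) = @_; return bless { values => [@values] }, $class }
sub FETCH     { my ($self) = @_; my $v = $self->{values}; return @$v > 1 ? shift @$v : $v->[0] }
sub STORE     { my ($self, $value) = @_; $self->{values} = [$value] }

package main;

# Pattern from the thread: check $status, then interpolate it into the SQL.
# The check is one read of the variable; the interpolation is a second read.
sub build_interpolated {
    my ($status_ref, $id) = @_;
    return unless $$status_ref eq 'foo';
    return "UPDATE table SET status='$$status_ref' WHERE id=$id";
}

# Hardened form: read the value once into a plain (untied) scalar, validate
# that copy, and pass values as bind parameters instead of as SQL text.
sub build_parameterized {
    my ($status_ref, $id) = @_;
    my $status = $$status_ref;                  # single FETCH; the copy cannot change
    return unless $status eq 'foo';
    return unless defined $id && $id =~ /\A[0-9]+\z/;
    return ('UPDATE table SET status = ? WHERE id = ?', $status, $id);
}

# Constructed sample values: the first read passes the check, later reads differ.
tie my $status, 'ShiftingScalar', 'foo', "o'brien";
print 'interpolated:  ', build_interpolated(\$status, 42) // '(rejected)', "\n";

tie my $status2, 'ShiftingScalar', 'foo', "o'brien";
my ($sql, @bind) = build_parameterized(\$status2, 42);
print "parameterized: $sql  [bind: @bind]\n";

# With DBI the second form would be executed as: $dbh->do($sql, undef, @bind);
```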

