At 13:35 -0400 6.4.2001, Vivek Khera wrote:
>
>  ... LIMIT '3',2
>
>and resulting in a parse error.  The fix was to call
>$sth->execute($start+0,$howmany+0) and then DBI did the right thing.

A similar problem may occur if you use a text variable in a ==
comparison before passing it to execute. If you run Perl with
taint checking, DBD::mysql will interpret the text variable as a number
and not quote it, leading to either a parsing error or a security
hole in your application. I wrote about this on 2000/08/23 to
the dbi-users and msql-mysql-modules lists. Tim Bunce suspected it to
be a driver bug. I don't know if it has been solved.

Christian.
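
An added example, not part of the original message and not DBD::mysql code: core Perl showing how a numeric comparison leaves a numeric flag on a text scalar, with two hypothetical helpers, `as_str` and `as_int`, that normalise a value before it reaches `execute`. It assumes the driver chooses quoting from those flags, which the thread does not confirm.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use B ();

# List the public value flags on a scalar. A driver that picks "number" or
# "string" from these flags sees whatever earlier code left behind.
sub flags_of {
    my $f = B::svref_2object(\$_[0])->FLAGS;   # \$_[0] is the caller's scalar
    my @set;
    push @set, 'IOK' if $f & B::SVf_IOK();
    push @set, 'NOK' if $f & B::SVf_NOK();
    push @set, 'POK' if $f & B::SVf_POK();
    return join ',', @set;
}

# Hypothetical helper: interpolation builds a new string-only value, so a
# text column is always handed over as text.
sub as_str {
    my ($v) = @_;
    return "$v";
}

# Hypothetical helper: validate, then force a number-only value. This is the
# "+0" fix from the quoted message with an input check in front of it.
sub as_int {
    my ($v) = @_;
    die "not an integer\n" unless defined $v && $v =~ /\A-?\d+\z/;
    return $v + 0;
}

# Constructed sample value: text that happens to look numeric.
my $name = '3';
print "fresh scalar:      ", flags_of($name), "\n";

# A numeric comparison caches an integer value inside the same scalar.
my $matched = ($name == 3);
print "after == compare:  ", flags_of($name), "\n";

# Normalised copies carry one unambiguous type each.
my $text  = as_str($name);
my $count = as_int($name);
print "as_str copy:       ", flags_of($text),  "\n";
print "as_int copy:       ", flags_of($count), "\n";
```

With DBI, the intended type can also be stated per placeholder through the third argument of `bind_param`, using the `SQL_INTEGER` and `SQL_VARCHAR` constants from `use DBI qw(:sql_types)`.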
