On Mi, 18.01.2006, 10:43, Ask Bjørn Hansen sagte: > > On Jan 18, 2006, at 1:13 AM, Ulrich Stärk wrote: > >>> >>> 3) You should use placeholders in the SQL. (As it is it'll break if >>> someone sends a mail with ' in the subject). >> >> That's what myquote() is for. It will quote all "'" and "\" in a given >> string. And $subject is quoted that way. [...] > > Ah, I missed that. DBI has a quote method you could use instead.
Which won't work when there are newlines in the string to quote. Took me a while to figure that one out :) > >>> 4) Why store the mail both in the database and in a file? >> >> Because you don't want all the attachments in your database but you do >> want to search the message body. That's the reason why [...] > > Ok, I thought you were saving the attachment in the database too. Just their names. Uli
