If you're looking to qoute strings in perl, your DBI handle has a function
called quote:
$quoted_string = $dbh-quote($unqouted string)
I believe you need to be connected to your database server in order to use
this, and I am not POSITIVE whether this works for all RDBMS servers.
Jeppe
-Original Message-
From: Victoria Reznichenko [mailto:[EMAIL PROTECTED]]
Sent: 15. januar 2003 15:44
To: [EMAIL PROTECTED]
Subject: re: filter input
On Wednesday 15 January 2003 04:26, julian haffegee wrote:
I want to insert some text into my database, but I'm worried about bad
data - metacharacters etc.
So I need to filter the input and remove bad characters. Which characters
should I remove? What is bad for mysql?
does anyone know a good subroutine (or webpage telling me all about it)
for
reference. I did have a good(ish) php way of doing this, but need perl
this time.
You should escape some chars:
http://www.mysql.com/doc/en/String_syntax.html
Take a look at addslashes() function in PHP or mysql_escape_string(). You
can
also use MySQL function QUOTE():
http://www.mysql.com/doc/en/String_functions.html
--
For technical support contracts, goto https://order.mysql.com/?ref=ensita
This email is sponsored by Ensita.net http://www.ensita.net/
__ ___ ___ __
/ |/ /_ __/ __/ __ \/ /Victoria Reznichenko
/ /|_/ / // /\ \/ /_/ / /__ [EMAIL PROTECTED]
/_/ /_/\_, /___/\___\_\___/ MySQL AB / Ensita.net
___/ www.mysql.com
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail [EMAIL PROTECTED]
To unsubscribe, e-mail
[EMAIL PROTECTED]
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail [EMAIL PROTECTED]
To unsubscribe, e-mail [EMAIL PROTECTED]
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php