[Dbix-class] Read only resultsets

Dave Howorth
Aug 12, 2010 at 8:52 am

Dan Horne wrote:
The recent discussion on read only objects has got me wondering. Say one
has an app which basically sends result sets to TT templates. What stops
a malicious designer from doing DB updates in the templates since they
have the RS objects?
Make sure that the DBI connection that the templates use is of a db-user
that only has SELECT privileges?

Cheers, Dave

Search Discussions

Discussion Posts


Follow ups

Related Discussions