Yes, that's what I meant. But does using the DBIx::Class construct
sanitise, provide safety and prevent unwanted babies though?

IIRC it does for creating records.
On Thu, Jun 5, 2008 at 8:10 PM, Ash Berlin wrote:
> On 5 Jun 2008, at 19:05, Daniel McBrearty wrote:
>
>> database contains text fields which can be in any language and contain
>> any text and punctuation
>>
>> 1. I am getting params back via a web form to create new records. What
>> do I do to validate input (apart from length check)?
>>
>> 2. I want to take a param and do a "like(%$param%)" search returning
>> matching records. How do I protect this?
>
> You mean "foo LIKE '%$param%'" and it's done by
>
> $rs->search({ col => { -like => "%$param%" } })
>
> -ash

_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


--
Daniel McBrearty
email : danielmcbrearty at gmail.com
http://www.engoi.com
http://danmcb.vox.com
http://danmcb.blogger.com
find me on linkedin and facebook
BTW : 0873928131
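
An added example, not part of the original thread, showing what the `-like` search discussed above sends to the database and the one thing binding does not cover: `%` and `_` in user input remain LIKE wildcards. It assumes SQL::Abstract (the SQL generator family DBIx::Class builds on) called directly, plus DBI with DBD::SQLite; the table `phrase`, column `body` and helper `like_literal` are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;
use SQL::Abstract;

# Hypothetical helper: escape LIKE metacharacters so user input is matched
# literally. '!' is the escape character named in the ESCAPE clause below.
sub like_literal {
    my ($text) = @_;
    $text =~ s/([!%_])/!$1/g;
    return $text;
}

# Constructed sample rows in an in-memory SQLite database.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '', { RaiseError => 1 });
$dbh->do('CREATE TABLE phrase (body TEXT)');
$dbh->do('INSERT INTO phrase (body) VALUES (?)', undef, $_)
    for "it's 100% done", 'plain text', '50_50 split';

my $sqla = SQL::Abstract->new;

# Build the statement from a search condition, show it, and run it.
sub search_body {
    my ($label, $where) = @_;
    my ($sql, @bind) = $sqla->select('phrase', ['body'], $where);
    my $rows = $dbh->selectcol_arrayref($sql, undef, @bind);
    print "$label\n  SQL:  $sql\n  BIND: @bind\n  ROWS: ",
        join(' | ', @$rows), "\n";
    return $rows;
}

# 1. Same shape as the -like search in the thread. The value travels as a
#    bind parameter, so the apostrophe cannot terminate a SQL string.
my $param = "it's";
search_body('bound value', { body => { -like => "%$param%" } });

# 2. Binding does not neutralise LIKE wildcards: a lone '%' from the user
#    turns the pattern into '%%%', which matches every non-NULL row.
$param = '%';
search_body('raw wildcard', { body => { -like => "%$param%" } });

# 3. Escape the input and name the escape character, so '%' is literal.
my $pattern = '%' . like_literal($param) . '%';
search_body('escaped wildcard', { body => \[ q{LIKE ? ESCAPE '!'}, $pattern ] });
```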

Discussion Overview
group: catalyst @
categories: catalyst, perl
posted: Jun 5, '08 at 7:05p
active: Jun 8, '08 at 10:17a
posts: 9
users: 4
website: catalystframework.org
irc: #catalyst