[Catalyst] untainting utf8 text for db

Ash Berlin ash_cpan at firemirror.com
Thu Jun 5 19:10:41 BST 2008

On 5 Jun 2008, at 19:05, Daniel McBrearty wrote:

> database contains text fields which can be in any language and contain
> any text and punctuation
> 1. I am getting params back via a web form to create new records. What
> do I do to validate input (apart from length check)?
> 2. I want to take a param and do a "like(%$param%)" search returning
> matching records. How do I protect this?

You mean "foo LIKE '%$param%' " and its done by

$rs->search({ col => { -like => "%$param%" } })


More information about the Catalyst mailing list