[Dbix-class] escape char support
Bernhard Graf
dbic1 at augensalat.de
Sat Sep 23 22:18:35 CEST 2006
On Tuesday 19 September 2006 I wrote:
> Maybe this question is more related to SQL::Abstract, but maybe
> someone can help here:
>
> Is there any support for db engine independent escaping (user) input
> ('%' and '_')?
hmm ... looks like there is not...
> DBI returns the escape character by calling $dbh->get_info(14), but I
> would like a more elegant/intuitive solution.
Just to give an example what I mean (from a Catalyst application):
my $esc = $c->model('DB::Table')->result_source->schema->storage->dbh->get_info(14);
my $input = $c->request->params->{input}
$input =~ s/([_%])/$esc$1/g;
Not very pretty, but always needed, where user input from external
sources is used inside SQL queries.
Comments?
--
Bernhard Graf
More information about the Dbix-class
mailing list