[Dbix-class] patch: escaping user input - cookbook example

Robert Krimen robertkrimen at gmail.com
Wed Feb 6 22:10:44 GMT 2008


On Feb 6, 2008 5:14 AM, Carl Franks <fireartist at gmail.com> wrote:
> On 06/02/2008, Matt S Trout <dbix-class at trout.me.uk> wrote:
> >
> > { name => { like => $query } }
> >
> > works for that.
>
> Did you maybe miss the leading and trailing '%' wildcards?
>
> I just tried changing my app to use your code, and a search for "o'r"
> no longer matched against "test o'reilly".

Yes, you'd need to include the wildcard characters.

{ name => { -like => "$query%" } }

or

{ name => { -like => "${query}_%" } }

It really depends on what $query is (e.g. $query may already have the
wildcards in it).

Rob
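
The wildcard point above, as an added example that is not part of the original post or of DBIx::Class: when $query is user input, its own % and _ can be escaped before the wildcards are appended, while the quote in "o'r" needs no handling because the value travels as a bind parameter. The helper names, the '!' escape character and the sample inputs are assumptions, and the condition is rendered with SQL::Abstract directly rather than through a DBIx::Class schema.

```perl
use strict;
use warnings;
use SQL::Abstract;

my $ESC = '!';    # escape character chosen for this example (assumption)

# Hypothetical helper: make %, _ and the escape character itself match
# literally, so user input cannot supply its own wildcards.
sub escape_like {
    my ($input) = @_;
    (my $out = $input) =~ s/([%_\Q$ESC\E])/$ESC$1/g;
    return $out;
}

# Hypothetical helper: build a condition for a prefix or substring match.
# The pattern and the escape character are both passed as bind values.
sub like_condition {
    my ($column, $input, $mode) = @_;
    my $lit     = escape_like($input);
    my $pattern = $mode eq 'prefix' ? "$lit%" : "%$lit%";
    return { $column => \[ 'LIKE ? ESCAPE ?', $pattern, $ESC ] };
}

my $sqla = SQL::Abstract->new;

# Constructed sample inputs: a quote, a literal percent sign, a literal underscore.
for my $query ("o'r", '100%', 'a_b') {
    my ($where, @bind) = $sqla->where(like_condition(name => $query, 'contains'));
    print "$where\n  bind: ", join(', ', map { "[$_]" } @bind), "\n";
}
```
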


