Guest_imported
New member
- Jan 1, 1970
- 0
I have set up a query in MySQL using Perl.
I use a MySQL command like:
SELECT * FROM mydatafile WHERE field1 LIKE '$value1' AND field2 LIKE '$value2'AND Gender LIKE '$gender' ORDER BY field1 ASC LIMIT $maxlines";
All of the variables are from user input.
My question is whether I need to be worried about some bad guy putting in a wierd input and doing something bad with my data or system.Like using ; or something.
I am using a commercial web host, so I don't have access to the server itself.
I just want to write good, clean, secure code that won't get me in trouble.
(Also, should I also ask this question to a Perl group?)
Comments?
I use a MySQL command like:
SELECT * FROM mydatafile WHERE field1 LIKE '$value1' AND field2 LIKE '$value2'AND Gender LIKE '$gender' ORDER BY field1 ASC LIMIT $maxlines";
All of the variables are from user input.
My question is whether I need to be worried about some bad guy putting in a wierd input and doing something bad with my data or system.Like using ; or something.
I am using a commercial web host, so I don't have access to the server itself.
I just want to write good, clean, secure code that won't get me in trouble.
(Also, should I also ask this question to a Perl group?)
Comments?
