Bug #23946 for DBI: Add some sort of paranoid mode?

RT for rt.cpan.org

This queue is for tickets about the DBI CPAN distribution.

Report information

The Basics

Id:	23946
Status:	resolved
Priority:	0/
Queue:	DBI

People

Owner:	Nobody in particular
Requestors:	adamk [...] cpan.org
Cc:
AdminCc:

Bug Information

Severity:	Wishlist
Broken in:	1.53
Fixed in:	(no value)

History Show all quoted text

Thu Dec 14 21:39:59 2006 adamk [...] cpan.org - Ticket created

Subject:

Add some sort of paranoid mode?

One of the things we teach Perl newbies is to ALWAYS use placeholders... It occurs to me that it would be really nice if DBI had some sort of Taint-like feature you had to intentionally turn on, that would forbid you to use quotes directly in SQL statements. I really don't know if this is doable or good or bad, but I think it's an interesting idea.

Mon Feb 19 07:54:27 2007 TIMB [...] cpan.org - Correspondence added

Thanks for the suggestion. I think that kind of functionality doesn't belong in the DBI itself. Perhaps best implemented as a subclass. I'd be willing to add a mechanism to automatically use a subclass if an environment variable was set (something like DBI_AUTOPROXY)

Mon Feb 19 07:54:46 2007 The RT System itself - Status changed from 'new' to 'open'

Mon Feb 19 07:55:03 2007 TIMB [...] cpan.org - Status changed from 'open' to 'resolved'