Skip Menu |

This queue is for tickets about the DBI CPAN distribution.

Report information
The Basics
Id: 23946
Status: resolved
Priority: 0/
Queue: DBI

People
Owner: Nobody in particular
Requestors: adamk [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Wishlist
Broken in: 1.53
Fixed in: (no value)



Subject: Add some sort of paranoid mode?
One of the things we teach Perl newbies is to ALWAYS use placeholders... It occurs to me that it would be really nice if DBI had some sort of Taint-like feature you had to intentionally turn on, that would forbid you to use quotes directly in SQL statements. I really don't know if this is doable or good or bad, but I think it's an interesting idea.
Thanks for the suggestion. I think that kind of functionality doesn't belong in the DBI itself. Perhaps best implemented as a subclass. I'd be willing to add a mechanism to automatically use a subclass if an environment variable was set (something like DBI_AUTOPROXY)