Subject: | MySQL Session doesn't get removed when running in taint mode |
I was running a mod_perl app with PerlTaint On and got this error message when I tried to untie a MySQL session. The session wasn't removed from the database.
When I disabled PerlTaint, the error went away and the session was removed properly.
[error] Insecure dependency in parameter 2 of DBIx::ContextualFetch::st=HASH(0xb55828c)->bind_param method call while running with -T switch at /usr/lib/perl5/vendor_perl/5.8.4/Apache/Session/Store/DBI.pm line 113.
The line in question is:
$self->{remove_sth}->bind_param(1, $session->{data}->{_session_id});
Thanks,
-Andy