[Israel.pm] #perl-help irc channel

Shlomi Fish shlomif at shlomifish.org
Wed Jun 26 07:38:14 PDT 2013


Hi Shmuel,

On Thu, 20 Jun 2013 22:42:28 +0900
Shmuel Fomberg <shmuelfomberg at gmail.com> wrote:

> On Thu, Jun 20, 2013 at 10:19 PM, sawyer x wrote:
> 
> > Erez Schatz gave a wonderful talk on how to handle questions like this.
> > On one hand you want to answer them, but on the other hand you want to
> > educate them on searching the documentation.
> >
> > The specific example you gave probably isn't in this exact bracket,
> > because it's a very very specific question. I mean questions like "how do I
> > create objects in Perl" or "what does this function do?" - which are very
> > common, and get the same RTFM responses.
> >
> 
> I'm not in the business of education. I help people.
> So first I help him by giving a short and exact answer to the question.
> Then, if there is a good reading source, I will point him to it.
> 
> Here is another example, some time ago: a user tries to store values into a
> DB table.
> The problem that he is actually having: values not interpolating into the
> query string. (he used single-quote with the variables embedded)
> When I arrived to the scene, he was getting a long explanation about the
> dangers of SQL injection. nobody helped him with the actual problem.
> His data source: his research data's csv file. No problem with SQL
> injection here.
> I solved the problem, and told him to ignore everything that they said. And
> that if one day he will write a web app, he should learn a bit about that
> "SQL injection" that they talked about.
> 

Well, SQL Injection is a big problem also outside the realm of web
applications, and you should always use placeholders:

* http://bobby-tables.com/

* http://perl-begin.org/topics/security/code-markup-injection/

* http://en.wikipedia.org/wiki/SQL_injection

So I believe their instruction was in place.  

Regards,

	Shlomi Fish

> double ufff.
> 
> Shmuel.



-- 
-----------------------------------------------------------------
Shlomi Fish       http://www.shlomifish.org/
Why I Love Perl - http://shlom.in/joy-of-perl

An original philosopher knows the right combination of ideas to steal.

Please reply to list if it's a mailing list post - http://shlom.in/reply .


More information about the Perl mailing list