[Omaha.pm] database -> XML
Jay Hannah
jay at jays.net
Mon Apr 23 17:06:25 PDT 2007
On Apr 22, 2007, at 10:40 PM, George Neill wrote:
> I am curious as to why you chose to use xml attributes over elements?
Huh. I'm not sure. It's not my spec, I'm just writing to it. Uche has
some thoughts on your question:
http://www-128.ibm.com/developerworks/xml/library/x-eleatt.html
>> If I was ever going to accept $prop as input from the outside I'd (1)
>> sanitize it with a regex, (2) make sure it was in a DBI placeholder,
>> not just running loose in an SQL string, and (3) use Perl's taint
>> mode.
>
> What about the monger -not- named Jay who makes it available to the
> outside! :)
Well, a rogue programmer has always been able to destroy everything
where I work, so I stopped worrying about that a while ago. :)
j
More information about the Omaha-pm
mailing list