![[ DeepNet IP Database ]](/images/ipdb-logo.png){kind=logo}
Custom Query (13 matches)
Results (10 - 12 of 13)
| Ticket | Owner | Reporter | Resolution | Summary |
|---|---|---|---|---|
| #21 | fixed | Create minimal interface to change email notification settings | ||
| Description |
With the who-and-on-which-events internals of the email notice settings moved into a database table, we need an interface to manage those settings. |
|||
| #29 | invalid | test ticket | ||
| Description |
testing email |
|||
| #34 | fixed | SQL cleanup - use DBI ? substitutions, move all SQL into IPDB.pm | ||
| Description |
Much of the SQL currently uses: $sth = $dbh->prepare("INSERT INTO table (cols) values ('$literal1','$literal2')");
$sth->execute;
instead of: $sth = $dbh->prepare("INSERT INTO table (cols) values (?,?)");
$sth->execute($literal1, $literal2);
Switching to CGI::Simple (#15) is exposing several places where this is problematic. This is also something of an SQL-injection security issue - using DBI's parameter replacement means that user data goes right into the table, instead of munging the SQL (deliberately or otherwise). |
|||
Note:
See TracQuery
for help on using queries.
