40 minutes
Any
English
Many are still composing their SQL queries dangerously by assembling their queries with string interpolation.
Not only are such queries slow and prone to errors, they are also loopholes for injections.
But many legacy projects are full of such examples. And refactoring is often not easy.
And even today many developers choose interpolation, since it’s a core feature in Perl and comfortable to use.
This talk shows a current project to convert such interpolations to placeholders, without losing the benefits of ease and expressiveness.
We will cover and explain some in-depth techniques like
- Callbacks in DBI.pm
- Manipulating variables with PadWalker.pm
- Bind variables with tie
- Overloading operators for objects
This is an extended and updated version of my talk at YAPC::Europe & KohaCon’23 in Helsinki (https://perlkohacon.fi/Schedule.html#?talk_id=31)
| Attended by: |
|---|
| Ian Boddison (Bod) |
| John McCarthy |
| Sаm Kington |
| John Imrie |
| Michael Woods |
| Toby Inkster |
| AndyR |
| Dinis Rebolo (drebolo) |
Sponsors
Diamond:
Gold:
Silver:
Bronze:
More information about all of our valued sponsors is available on our sponsors page.