40 minutes
Any
English
Many developers still compose their SQL queries dangerously, assembling them with string interpolation.
Such queries are not only slow and error-prone, they also open the door to SQL injection.
Yet many legacy projects are full of such code, and refactoring it is often not easy.
Even today many developers choose interpolation, since it is a core feature of Perl and comfortable to use.
This talk shows a current project to convert such interpolations to placeholders, without losing the benefits of ease and expressiveness.
We will cover and explain some in-depth techniques, such as:
- Callbacks in DBI.pm
- Manipulating variables with PadWalker.pm
- Bind variables with tie
- Overloading operators for objects
This is an extended and updated version of my talk at YAPC::Europe & KohaCon’23 in Helsinki (https://perlkohacon.fi/Schedule.html#?talk_id=31)
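To illustrate the "overloading operators for objects" item in the list above: the sketch below is an added example, not code from the talk or its project. The names `SqlFragment` and `bindv` are hypothetical, and it assumes values are wrapped explicitly before they are interpolated. Perl compiles string interpolation to concatenation, so an overloaded `.` can swap each wrapped value for a `?` and collect it as a bind value.

```perl
#!/usr/bin/env perl
use strict;
use warnings;

package SqlFragment;    # hypothetical class: SQL text plus its bind values
use Scalar::Util 'blessed';
use overload
    '.'  => \&concat,                 # invoked by "...$obj..." interpolation
    '""' => sub { $_[0]{sql} };       # stringifies to the placeholder SQL only

sub new {
    my ($class, $sql, @binds) = @_;
    return bless { sql => $sql, binds => [@binds] }, $class;
}

sub concat {
    my ($self, $other, $swapped) = @_;
    # Plain strings are the literal SQL text written by the developer.
    $other = SqlFragment->new($other // '')
        unless blessed($other) && $other->isa('SqlFragment');
    my ($l, $r) = $swapped ? ($other, $self) : ($self, $other);
    return SqlFragment->new($l->{sql} . $r->{sql},
                            @{ $l->{binds} }, @{ $r->{binds} });
}

sub sql   { $_[0]{sql} }
sub binds { @{ $_[0]{binds} } }

package main;

# Wrap a value so that interpolating it yields '?' and records the value.
sub bindv { SqlFragment->new('?', $_[0]) }

my $name = bindv("x' OR '1'='1");     # constructed hostile input
my $min  = bindv(18);

# Reads like ordinary interpolation, but no value ever enters the SQL text.
my $q = "SELECT id FROM users WHERE name = $name AND age >= $min";

print $q->sql, "\n";
print join(', ', map { "[$_]" } $q->binds), "\n";

# With a DBI handle the pair is passed on unchanged:
#   my $rows = $dbh->selectall_arrayref($q->sql, undef, $q->binds);
```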