Revision 93a4e424
Von Moritz Bunkus vor mehr als 17 Jahren hinzugefügt
SL/DBUtils.pm | ||
---|---|---|
4 | 4 |
@ISA = qw(Exporter); |
5 | 5 |
|
6 | 6 |
@EXPORT = qw(conv_i conv_date conv_dateq do_query selectrow_query do_statement |
7 |
dump_query quote_db_date selectall_hashref_query |
|
8 |
selectfirst_hashref_query selectfirst_array_query |
|
9 |
prepare_execute_query); |
|
7 |
dump_query quote_db_date |
|
8 |
selectfirst_hashref_query selectfirst_array_query |
|
9 |
selectall_hashref_query selectall_array_query |
|
10 |
prepare_execute_query prepare_query); |
|
10 | 11 |
|
11 | 12 |
sub conv_i { |
12 | 13 |
my ($value, $default) = @_; |
... | ... | |
82 | 83 |
return "'$str'"; |
83 | 84 |
} |
84 | 85 |
|
86 |
sub prepare_query { |
|
87 |
my ($form, $dbh, $query) = splice(@_, 0, 3); |
|
88 |
|
|
89 |
dump_query(LXDebug::QUERY, '', $query, @_); |
|
90 |
|
|
91 |
my $sth = $dbh->prepare($query) || $form->dberror($query); |
|
92 |
return $sth; |
|
93 |
} |
|
94 |
|
|
85 | 95 |
sub prepare_execute_query { |
86 | 96 |
my ($form, $dbh, $query) = splice(@_, 0, 3); |
87 | 97 |
|
... | ... | |
110 | 120 |
return $result; |
111 | 121 |
} |
112 | 122 |
|
123 |
sub selectall_array_query { |
|
124 |
my ($form, $dbh, $query) = splice(@_, 0, 3); |
|
125 |
|
|
126 |
my $sth = prepare_execute_query($form, $dbh, $query, @_); |
|
127 |
my @result; |
|
128 |
while (my ($value) = $sth->fetchrow_array()) { |
|
129 |
push(@result, $value); |
|
130 |
} |
|
131 |
$sth->finish(); |
|
132 |
|
|
133 |
return @result; |
|
134 |
} |
|
135 |
|
|
113 | 136 |
sub selectfirst_hashref_query { |
114 | 137 |
my ($form, $dbh, $query) = splice(@_, 0, 3); |
115 | 138 |
|
Auch abrufbar als: Unified diff
CT.pm auf die Verwendung von parametrisierten Queries zur Vermeidung von SQL injection umgestellt. Dabei Restfunktionalität von customertax und vendortax entfernt. Mehr Datenbankhilfsfunktionen hinzugefügt.