[Mimedefang] perl problem
John Nemeth
jnemeth at victoria.tc.ca
Fri Nov 11 21:30:45 EST 2005
On Apr 2, 7:31am, "Mack" wrote:
} Subject: RE: [Mimedefang] perl problem
} my $newrecip =$recip;
} $newrecip =~ s/'/''/gi;
} $sth1 = $dbh->prepare("SELECT value FROM userpref WHERE username =
} '$recip' && preference='whitelist_from'");
}
}
} that will fix it, (replacing the ' with '') be carefull of \' as well if you are using mysql
Much better would be something like:
$quoteduser = $dbh->quote($recip);
$sth = $dbh->prepare(qq{SELECT value FROM userpref WHERE username = $quoteduser && preference = 'whitelist_from'});
$sth->execute();
then you don't have to worry about what $recip contains.
} -----Original Message-----
} From: mimedefang-bounces at lists.roaringpenguin.com
} [mailto:mimedefang-bounces at lists.roaringpenguin.com]On Behalf Of B. Tolka
} Sent: Thursday 10 November 2005 12:44
} To: mimedefang at lists.roaringpenguin.com
}
} I my milter I have a mysql call below.
}
} $sth1 = $dbh->prepare("SELECT value FROM userpref WHERE username =
} '$recip' && preference='whitelist_from'");
}
} My slave is always getting killed because of an aprostophe in an email
} address. It fails at '$recip'.
}
} Is there another way to code the above line??
}
}-- End of excerpt from "Mack"
More information about the MIMEDefang
mailing list