guillaumeaubert / Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection

PerlCritic policy that attempts to detect the most common sources of SQL injection in manually crafted SQL statements, by detecting the use of variables inside interpolated strings that look like SQL statements.
https://metacpan.org/pod/Perl::Critic::Policy::ValuesAndExpressions::PreventSQLInjection

Detect use of constants #10

Open krismatthews opened 10 years ago

krismatthews commented 10 years ago

In a perfect world, it would be nice if constants were detected and ignored as safe:

```perl
use Const::Fast;

const my $FOOBAR => 12;

...

$dbh->do("SELECT name FROM categories WHERE id = $FOOBAR");
```
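The request above, worked through as an added example (not part of the issue and not the policy's own code): a PPI-based check that treats a `const my $NAME => ...` declaration as safe only when its value is a single literal, since a read-only variable initialised from external data is still injectable. It assumes PPI is installed, matches variables by name without tracking lexical scope, and uses a constructed sample in which `$TABLE` and `$id` are hypothetical.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use PPI;

# Constructed sample input. $FOOBAR is a literal constant; $TABLE is
# read-only but built from the environment; $id is an ordinary variable.
my $source = <<'PERL';
use Const::Fast;
const my $FOOBAR => 12;
const my $TABLE  => $ENV{TABLE};
$dbh->do("SELECT name FROM categories WHERE id = $FOOBAR");
$dbh->do("SELECT name FROM $TABLE WHERE id = $id");
PERL

my $doc = PPI::Document->new(\$source) or die "cannot parse sample\n";

# Pass 1: collect names declared exactly as `const my $NAME => <literal>;`.
# Anything else on the right-hand side (variables, calls, expressions)
# is not trusted, even though the resulting variable is immutable.
my %safe;
for my $stmt (@{ $doc->find('PPI::Statement') || [] }) {
    my @t = $stmt->schildren;    # significant children only
    next unless @t == 6
        && $t[0]->isa('PPI::Token::Word')     && $t[0]->content eq 'const'
        && $t[1]->isa('PPI::Token::Word')     && $t[1]->content eq 'my'
        && $t[2]->isa('PPI::Token::Symbol')
        && $t[3]->isa('PPI::Token::Operator') && $t[3]->content eq '=>'
        && ($t[4]->isa('PPI::Token::Number')
            || $t[4]->isa('PPI::Token::Quote::Single'))
        && $t[5]->content eq ';';
    $safe{ $t[2]->content } = 1;
}

# Pass 2: report scalars interpolated into double-quoted strings that
# start like a SQL statement, skipping the literal constants from pass 1.
for my $str (@{ $doc->find('PPI::Token::Quote::Double') || [] }) {
    my $text = $str->string;
    next unless $text =~ /^\s*(?:SELECT|INSERT|UPDATE|DELETE)\b/i;
    for my $var ($text =~ /(?<!\\)(\$\w+)/g) {
        printf "line %d: %-8s %s\n", $str->line_number, $var,
            $safe{$var} ? 'ignored (literal constant)' : 'VIOLATION';
    }
}
```

On the sample, `$FOOBAR` is ignored while `$TABLE` and `$id` are both reported.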