# GLOBALS
#======================================================================
-our $VERSION = '1.71';
+our $VERSION = '1.72';
# This would confuse some packagers
$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
return bless \%opt, $class;
}
+
+sub _assert_pass_injection_guard {
+ if ($_[1] =~ $_[0]->{injection_guard}) {
+ my $class = ref $_[0];
+ puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
+ . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
+ . "{injection_guard} attribute to ${class}->new()"
+ }
+}
+
+
#======================================================================
# INSERT methods
#======================================================================
$self->debug("Generic unary OP: $op - recursing as function");
- if ($op =~ $self->{injection_guard}) {
- my $class = ref $self;
-
- puke "Possible SQL injection attempt '$op'. If this is indeed a part of the "
- . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
- . "{injection_guard} attribute to ${class}->new()"
- }
+ $self->_assert_pass_injection_guard($op);
my ($sql, @bind) = $self->_SWITCH_refkind ($rhs, {
SCALAR => sub {
$op =~ s/^\s+|\s+$//g;# remove leading/trailing space
$op =~ s/\s+/ /g; # compress whitespace
- if ($op =~ $self->{injection_guard}) {
- my $class = ref $self;
-
- puke "Possible SQL injection attempt '$op'. If this is indeed a part of the "
- . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
- . "{injection_guard} attribute to ${class}->new()"
- }
-
+ $self->_assert_pass_injection_guard($op);
# so that -not_foo works correctly
$op =~ s/^not_/NOT /i;
return ${$_[1]} if ref($_[1]) eq 'SCALAR';
unless ($_[0]->{quote_char}) {
-
- if ($_[1] =~ $_[0]->{injection_guard}) {
- my $class = ref $_[0];
- puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
- . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
- . "{injection_guard} attribute to ${class}->new()";
- }
-
+ $_[0]->_assert_pass_injection_guard($_[1]);
return $_[1];
}