Comments on: Integrate your SafeConnect NAC with a Palo Alto Firewall http://www.pskl.us/wp/?p=757 Preset Kill Limit Fri, 14 Jul 2017 16:58:41 +0000 hourly 1 By: Heather http://www.pskl.us/wp/?p=757&cpage=1#comment-14531 Sat, 03 Aug 2013 15:40:03 +0000 http://www.pskl.us/wp/?p=757#comment-14531 Great work on the article, SQL is probably my weakest point in coding and this helps a lot.

]]>
By: Apachez http://www.pskl.us/wp/?p=757&cpage=1#comment-14489 Fri, 29 Jun 2012 17:08:21 +0000 http://www.pskl.us/wp/?p=757#comment-14489 Its a matter of taste but I prefer using placeholders for added security in order to avoid sql injections (no matter if its for personal use or public use 🙂

Like so:

my %sqlconfig = (
‘server’ => ‘mysqlbox-14.pskl.us’,
‘user’ => ‘MySQL_username’,
‘pass’ => ‘MySQL_password’,
‘db’ => ‘backupDB’,
);

my %sql = ();

my $dbh = DBI->connect(“DBI:mysql:”.$sqlconfig->{‘db’}.”;”.$sqlconfig->{‘server’}, $sqlconfig->{‘user’}, $sqlconfig->{‘pass’}) || Error(“Couldn’t connect to database.”);

my $sth = $dbh->prepare_cached(“SELECT transDate, currentIpAddress, principal FROM clienthist WHERE DATE_SUB(CURDATE(), INTERVAL ? DAY) execute($safeconnect_reauth_time) || Error(“Couldn’t find requested items.”);

$sth->bind_columns(undef, \$sql{‘transDate’}, \$sql{‘currentIpAddress’}, \$sql{‘principal’});

while($sth->fetchrow_arrayref) {
…whatever you wish to do, you access each column like: $sql{‘transDate’}, $sql{‘currentIpAddress’} and $sql{‘principal’}…
}

$sth->finish;

$dbh->disconnect;

]]>