Re: Escape characters in DBD CSV

$dbh->do("UPDATE new_entrant SET forename='$wrk_forename',surname='$wrk_surname' FROM new_entrant WHERE emp_no='$wrk_emp_no'") or die $DBI::errstr;

NEVER put ~~literal values~~ <update>value literals</update> into SQL statements, use placeholders ($dbh->do('UPDATE sometable SET foo=?,bar=?,baz=? WHERE quux=?',undef,$foo,$bar,$baz,$quux);). See DBI, Re: Counting rows Sqlite, Re^2: Massive Memory Leak, Re^5: Variable interpolation in a file to be read in.

Also note that there is no FROM in an UPDATE statement.

And finally, enable autodie in DBI->connect(), that removes the need for or die $DBI::errstr for all DBI methods.

Alexander

Updated wording, thanks to soonix.

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Comment on Re: Escape characters in DBD CSV Select or Download Code

Replies are listed 'Best First'.
Re^2: Escape characters in DBD CSV by chacham (Prior) on May 11, 2015 at 15:09 UTC
Also note that there is no FROM in an UPDATE statement. That depends on the RDBMS. SQL Server allows it and its quite convenient too. (DB2 seems to allow it inside a fullselect sub-clause, but that's not what is being done here.)	[reply]