Re^6: How to optimise " csv into mysql " using Text:CSV

to be honest I don't exactly get the point. What actually wrong with the way I'm using placeholders (building the list).? The thing is, that I'm running this piece of code to import multiple files with different column names, and column counts. So building the placeholders looked like a good ( and only I could think off ) idea to me. I just don't find any better solution.

Comment on Re^6: How to optimise " csv into mysql " using Text:CSV_XS and DBD::Mysql

Replies are listed 'Best First'.
Re^7: How to optimise " csv into mysql " using Text:CSV_XS and DBD::Mysql by chacham (Prior) on Sep 08, 2015 at 12:58 UTC
The (major) reason placeholders are better than variables in a dynamic SQl statement, is placeholders are strictly typed and cannot (generally) do anything unintended. In the script, $fieldList defines the list of fields. As there is now a variable available in the statement, little Bobby Tables lives on. The idea is to never have a variable anywhere in your SQL statements. Ultimately, it's just fyi. Keep it in mind and make the best decision for your particular situation.	[reply]

Replies are listed 'Best First'.

Re^7: How to optimise " csv into mysql " using Text:CSV_XS and DBD::Mysql
by chacham (Prior) on Sep 08, 2015 at 12:58 UTC

The (major) reason placeholders are better than variables in a dynamic SQl statement, is placeholders are strictly typed and cannot (generally) do anything unintended.

In the script, $fieldList defines the list of fields. As there is now a variable available in the statement, little Bobby Tables lives on.

The idea is to never have a variable anywhere in your SQL statements.

Ultimately, it's just fyi. Keep it in mind and make the best decision for your particular situation.

[reply]