in reply to Re: Re: Quote mark in string messing up mySQL INSERT
in thread Quote mark in string messing up mySQL INSERT

Is it safe to use apostrophes instead of quotes? In the past I have always done: 
$dbh->do("insert into mytable values('$myStringWhichPossiblyContainsQu
+otes', '$another string', ...);

[download]
Rohit

Replies are listed 'Best First'.
Re^4: Quote mark in string messing up mySQL INSERT
by htoug (Deacon) on Dec 13, 2002 at 08:24 UTC
    Nope!!
    What if your variables contain apostrophes? Or other 'nasty' characters?

    Stick with either $dbh->quote($variable) or use placeholders.

[reply]
[d/l]

In Section Seekers of Perl Wisdom