my $sql = qq(INSERT INTO db.table("field1","field2","field3") VALUES(
+?, ?,now()));
my $sth = $dbh->prepare($sql) or die "Not prepared: ".DBI->errstr;
$sth->execute($var_field1,$var_field2) or die "Not executed: ".DBI->er
+rstr;
best is to use the ? as placeholders. This is one cause that can give errors with ' escaping the insert values string. The placeholders fix this problem!
Like set before is for timestamp fields in mysql the now() function to best choice.
IMPORTANT: always use the placeholders!
--
My opinions may have changed,
but not the fact that I am right