Re^2: DBI question

I think the OPs problem was not escaping text within a Perl string, but escaping text within a SQL statement. In general, you double up your quotes for that, i.e. to insert the string "Sue's Sister" into a database, you would write...

INSERT INTO sometable VALUES ('Sue''s Sister')
[download]

... although the $dbh->quote method is cleaner if you're working with Perl.

Comment on Re^2: DBI question Select or Download Code

Replies are listed 'Best First'.
Re^3: DBI question by Whitehawke (Pilgrim) on Mar 11, 2005 at 01:20 UTC
Yep. That's why I said "...is better in this specific case. In general...." :>	[reply]
Re^3: DBI question by ahewitt96 (Initiate) on Mar 11, 2005 at 14:57 UTC
It was a problem with SQL and not a perl problem. Doubling up the single quotes solved the problem. Thanks for you help	[reply]
Re^4: DBI question by jZed (Prior) on Mar 11, 2005 at 15:10 UTC
SO, in other words, you completely ignored our advice. DO NOT HANDLE QUOTING YOURSELF. You are certain to get into trouble eventually either through SQL injection attack or through missing something that should have been escaped. Use placeholders.	[reply]