in reply to
Re: SQL String Escape Special Characters
in thread
SQL String Escape Special Characters
Never just single-quote variables; just use $dbh->quote() if you can't use placeholders.
"What should it profit a man, if he should win a flame war, yet lose his cool?"
Comment on
Re^2: SQL String Escape Special Characters
Replies are listed 'Best First'.
Re^3: SQL String Escape Special Characters
by
jZed
(Prior)
on May 25, 2005 at 23:18 UTC
Good advice, but I think
davidrw
was just pointing out how the OP could see that the OP's method of concating the SQL string didn't even put in quotes at all.
[reply]
In Section
Seekers of Perl Wisdom