my $sql = "SELECT foo FROM Bar WHERE 1=1";
my @bind;
$sql .= " AND baz in ( " . join(',', map {'?'} @ins) . ") ";
push @bind, @ins;
$dbh->selectall_arrayref($sql, {}, @bind);
[download]

use SQL::Abstract;
my $SA = SQL::Abstract->new;
my ($sql, @bind) = $SA->select('Bar', ['foo'], {baz => \@ins});
$dbh->selectall_arrayref($sql, {}, @bind);
[download]

Between ( '?' ) x @ins and map { '?' } @ins, the first is more efficient. There's no loop - it just creates the right number of elements in place.

my $in = "a,b";
my $sth = $dbh->prepare("SELECT foo FROM bar WHERE baz IN (?)");
$sth->execute( $in );

# fetch returns no results -- it would work if $in were just "a"


my @in = qw/a b/;
$sth = $dbh->prepare("SELECT foo FROM bar WHERE baz in (?,?)");
$sth->execute( @in );

# fetch returns expected results for "a" and "b"
[download]

Given that circumstance, I would definitely use the  join( ',', map {'?'} @ins approach for putting together the text for the sql select statement (like davidrw showed in his reply).

my $in;  $in .= '?, ' for @ins;

# discard hanging comma
$in =~ s/, $//;
[download]

my $in = join ', ', ('?') x @ins;
[download]

I've been trying it here, passing a string of comma separated numeric values as the bind value for a single placeholder in an IN clause, and in my case (MySQL 4.1, DBD::mysql 2.9007) it seems to just take the first value in the list.

Oops! You're right -- I was mistaken. Looking back, I had confused two separate pieces of code when thinking about this problem. The code that made me think of the first method actually has $in inlined right into the SQL. Obviously that's no good! I guess that pretty much answers the question, then. <Emily Litella>Nevermiiiind!</ET>

(And I didn't write that piece, I swear. :) But I am going to fix it post-haste.)

The second method is the proper way to go, period. See Re: best way to inline code? (i.e. macro) for a good example of how I write this type of code.

Personally I prefer the first one, the one using place holder.

"From an elegance standpoint, it's nice to have each "IN" item be its own bind parameter,"

Not true, for the elegance, one place holder for the entire in list is better than multiple ones (and one for each element). From an elegance point of view, you don't use dynamic query, unless there is absolutely no other (easier) way. In this case, in order to have the right number of place holders for the elements of the in list, you have to go with dynamic query, which is less perfect.

One purpose of place holder is performance as you mentioned, it is not clear to me whether the latest MySQL actually started to use the true prepared query, but you probably should use it any way for two reasons: 1) other benefits that prepared query bring to table; 2) even if there is no performance benefit with the current MySQL implementation, I believe there will be.

# @ins is actually calculated at runtime. 
# Defined here for demonstration.
my @ins = qw(1 2 3 4 5 6);
my $in = join ',', map { "?" } @ins;
my $sth = $dbh->prepare("SELECT foo FROM Bar WHERE baz IN ( $in )");
$sth->execute( @ins );
[download]