in reply to DBI and variable numbers of bind parameters

The problem with the first option is that you lose the major benefit of placeholders - security. When you use placeholders, you get a DBI->quote() call for you. That means that you (almost) never have to worry about SQL injection attacks.

The second method is the proper way to go, period. See Re: best way to inline code? (i.e. macro) for a good example of how I write this type of code.


My criteria for good software:
  1. Does it work?
  2. Can someone else come in, make a change, and be reasonably certain no bugs were introduced?
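An added example (not code from the thread above) of the placeholder approach with DBI: the SQL text gets one ? per value for the IN clause, and the values themselves are passed to execute(). It assumes DBD::SQLite is installed; the table, rows and lookup names are constructed here for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Constructed sample data in an in-memory SQLite database (assumption: DBD::SQLite available).
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, AutoCommit => 1 });
$dbh->do('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
my $ins = $dbh->prepare('INSERT INTO users (name) VALUES (?)');
$ins->execute($_) for ('alice', 'bob', "o'brien", 'dave');

# Variable number of bind parameters: generate one '?' per value so the
# statement text never contains caller-supplied data. Interpolating the
# values into the string instead (the first option) would leave quoting,
# and therefore injection safety, up to the caller.
sub fetch_users_by_name {
    my ($dbh, @names) = @_;
    return [] unless @names;                  # "IN ()" is a syntax error; handle the empty list
    my $marks = join ', ', ('?') x @names;    # e.g. "?, ?, ?"
    my $sth = $dbh->prepare("SELECT id, name FROM users WHERE name IN ($marks)");
    $sth->execute(@names);                    # values travel as bound parameters
    return $sth->fetchall_arrayref;
}

# "o'brien" contains a quote that would break naively interpolated SQL;
# as a bound parameter it is simply compared as a literal string.
my $rows = fetch_users_by_name($dbh, 'alice', "o'brien", 'nobody');
printf "%d %s\n", @$_ for @$rows;
$dbh->disconnect;
```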