Re^4: Perl CGI and SQL statements

$cgi->p("$dept was received."),
[download]

Change the comma to a ;

Also:

if ($dept eq'CA'){
[download]

is better than:

if ($dept ='CA'){
[download]

If you had warnings (-w) enabled that would have been flagged up too.

Update: == corrected to eq as pointed out by cdarke below

Comment on Re^4: Perl CGI and SQL statements Select or Download Code

Replies are listed 'Best First'.
Re^5: Perl CGI and SQL statements by kjg (Sexton) on Apr 19, 2006 at 11:26 UTC
Right, I've had a good mess with this now and here's my code: use strict; use diagnostics; #use warnings; use CGI qw(:standard); use CGI::Carp qw/fatalsToBrowser/; use Win32::ODBC; use lib '/perlcgi/settings'; require 'settings.pl'; # Included configuration file which contains g +lobal variables my %labels = ( MA => 'Mortgage Advisers', CA => 'Customer Advisers', BM => 'Branch Management', HO => 'Head Office', Acc => 'Accord', MSa => 'MCC Sales', MSe => 'MCC Service', ); my $cgi = CGI->new; my $dept = $cgi->param('department'); print $cgi->header('text/html'); if (defined $dept) { if (exists $labels{$dept}) { # FIXME # untaint $dept and put it into database print $cgi->start_html, $cgi->p("$dept was received."); if ($dept =="CA") { my $db = new Win32::ODBC('$DSN'); if (!($db=new Win32::ODBC('$DSN'))) { $cgi->p("Error connecting to Database"); $cgi->p("Error: " . Win32::ODBC::Error() . " "); } my $SqlStatement ='SELECT * FROM Pipeline WHERE Publish<="19 Apr 2006" + AND Expiry>="19 Apr 2006" AND CA="Must Read"'; print $SqlStatement; $db->Sql('$SqlStatement'); } $cgi->end_html; } else { print $cgi->start_html, $cgi->p("$dept was received, but is not a valid department + name."), $cgi->end_html; }; } else { print $cgi->start_html, $cgi->start_form( -action => $cgi->script_name, ), $cgi->popup_menu( -name => 'department', -values => [keys %labels], -labels => \%labels, ), $cgi->submit, $cgi->end_form, $cgi->end_html; }; This is what prints out: <code> CA was received. SELECT * FROM Pipeline WHERE Publish<="19 Apr 2006" AND Expiry>="19 Ap +r 2006" AND CA="Must Read" Software error: Can't call method "Sql" on an undefined value at E:\Perlcgi\Pipeline\c +gi.pl line 50. [download] Now I really don't get it. Interestingly it seems to do the database connection no matter what the value of $dept.	[reply] [d/l]
Re^6: Perl CGI and SQL statements by osunderdog (Deacon) on Apr 19, 2006 at 11:56 UTC
`my $db = new Win32::ODBC('$DSN');` The declaration of `$db` is too low. The variable is being declared in an if check and it's being referenced in an outer scope. Declare `$db` higher up in a block where it's visible to both the case where you assign it and where you reference it. The outer scope would work, that's where you've defined the `$cgi` variable. Hazah! I'm Employed!	[reply] [d/l] [select]