in reply to Hidden Secrets of PERL

Not a real hidden secret, and mentioned on this site before: (however i use it, since it's save for my examle): the x operator.
have a look at the following example: 
my $sql = join(",", @allsearchterms);
my $sth = $dbh->prepare("select * from table where value in($sql)");
# You need to place qutes arount the sql-items, but you'll get the poi
+nt here...
$sth->execute();

[download]
As you know, this isn't safe (sql Piggybacking)
Now concider the next code example: 

my $qm = join ',', ('?') x @allsearchterms;
my $sth = $dbh->prepare("select * from table where value in($qm)");
$sth->execute(@allsearchterms);

[download]
As you see, a neat feature of Perl :)

Update:
code adjusted as suggested by Hue-Bond

"We all agree on the necessity of compromise. We just can't agree on when it's necessary to compromise." - Larry Wall.

Replies are listed 'Best First'.
Re^2: Hidden Secrets of PERL
by Hue-Bond (Priest) on Oct 12, 2006 at 10:24 UTC
    My $qm = '?,'x scalar(@allsearchterms);

    The argument at the right of x is in scalar context, so no need to call scalar. Besides it, you can use join to get rid of the chop:

    my $qm = join ',', ('?') x @allsearchterms;

    --
    David Serrano

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom