in reply to text entry into mysql using perl

One: use the DBI quote method:
my $sql = "INSERT INTO foo (bar) VALUES (" . $dbh->quote($foo) . ")";
$dbh->do($sql);  # quote() returned $foo as a quoted SQL literal
Two: use placeholders:
my $sth = $dbh->prepare("INSERT INTO foo (bar, baz, quux) VALUES (?, ?, ?)");
$sth->execute($bar, $baz, $quux);
I prefer option two. Read <code>perldoc DBI</code> for more info on placeholders.


ar0n
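
Both options from the post above, run against text that contains quotes, semicolons and a backslash. This is an added example, not code from the thread; it assumes DBD::SQLite is installed and uses an in-memory database so it runs offline, and the sample rows are constructed.

```perl
#!/usr/bin/perl
# Added example (not from the thread). Assumption: DBD::SQLite is installed;
# the prepare/execute and quote calls are the same DBI API used with MySQL.
use strict;
use warnings;
use DBI;

my $dbh = DBI->connect("dbi:SQLite:dbname=:memory:", "", "",
    { RaiseError => 1, AutoCommit => 1 });
$dbh->do("CREATE TABLE foo (bar TEXT, baz TEXT, quux TEXT)");

# Constructed sample input: the kind of free text that breaks naive SQL strings.
my @rows = (
    [ "O'Reilly",           'she said "hi"', 'plain text'    ],
    [ "it's 5; -- not SQL", 'back\\slash',   "two\nlines"    ],
);

# Option two: prepare once, let the driver bind each value at execute time.
my $sth = $dbh->prepare("INSERT INTO foo (bar, baz, quux) VALUES (?, ?, ?)");
$sth->execute(@$_) for @rows;

# Option one: quote() every value before interpolating it into the statement.
my $sql = sprintf "INSERT INTO foo (bar, baz, quux) VALUES (%s, %s, %s)",
    map { $dbh->quote($_) } @{ $rows[0] };
$dbh->do($sql);

# Read everything back and confirm each value was stored unchanged.
my $stored = $dbh->selectall_arrayref(
    "SELECT bar, baz, quux FROM foo ORDER BY rowid");   # rowid is SQLite-specific
my @expected = (@rows, $rows[0]);
die "row count mismatch\n" unless @$stored == @expected;
for my $i (0 .. $#expected) {
    for my $j (0 .. 2) {
        die "row $i, column $j was altered\n"
            unless $stored->[$i][$j] eq $expected[$i][$j];
    }
}
printf "%d rows stored unchanged\n", scalar @$stored;
$dbh->disconnect;
```

With placeholders the statement text never changes, so one prepared handle can be reused for every row; with `quote` each value has to be quoted individually every time a statement is built.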

Re: (ar0n: use placeholders) Re: text entry into mysql using perl
by cdherold (Monk) on Apr 16, 2001 at 05:45 UTC
    I did what you said
    $sth = $dbh->prepare("INSERT INTO press_releases (time,date,ticker,header,body) VALUES (?,?,?,?,?);");
    $sth->execute($time, $date, $ticker, $header, $body);
    which worked beautifully. Only thing is it worked twice, so I got the same thing written into the database two times. Did I do something wrong?
      Only thing is it worked twice, so I got the same thing written into the database two times. Did I do something wrong?
      Most likely. Are you using this in a loop? The statements above work fine.

      ar0n