I know this isn't a PHP board but what you're suggesting is very dangerous. Using simple sprintf & %s in php like that does not get you all the benefits of ? placeholders in DBI. Later versions of PHP have PDO which is similar to DBI (but not as nice).