parameterised query using database functions

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

How would i turn the following query in to a parameterised query as it uses a database function

    my $querystrCon = ("update table set Details= CONCAT(Details, \"$i
+ lines inserted") where id=$RunID");
[download]

thanks

Comment on parameterised query using database functions Download Code

Replies are listed 'Best First'.
Re: parameterised query using database functions by ikegami (Patriarch) on Nov 24, 2010 at 17:47 UTC
`my $querystrCon = " UPDATE table SET Details=CONCAT(Details, ?) WHERE id=? "; ->execute("$i lines inserted", $RunID)` [download]	[reply] [d/l]
Re^2: parameterised query using database functions by Anonymous Monk on Nov 24, 2010 at 17:54 UTC
thanks. didn;t think you could do that :)	[reply]
Re^3: parameterised query using database functions by ikegami (Patriarch) on Nov 24, 2010 at 18:17 UTC
Which part? Use placeholders (question marks)? They are documented under the header "Placeholders and Bind Values".	[reply]
Re: parameterised query using database functions by locked_user sundialsvc4 (Abbot) on Nov 24, 2010 at 19:13 UTC
Notice that the placeholders are not enclosed in quotes. (`"?"` is a literal string consisting of one question-mark.) The database driver will recognize that these are bound parameters and will insist that the `execute` call (etc...) must have the corresponding number of parameter-values supplied. Nice thing about parameters is that you only have to `prepare` the query once.