in reply to Using Perl and MySQL for Activity Log

It's been ages since I've written direct database queries, but something like the following could be what you use.

Using prepared statements and placeholders are the biggest things I'd recommend:


#!/usr/bin/perl

use strict;
use warnings;

use DBI;
use DBD::mysql;

#this is my config module
use DBase::MySQL::Config qw(DB_CUSTOMER_CATALOG DB_USER DB_PW);

my $dbh = DBI->connect(DB_CUSTOMER_CATALOG, DB_USER, DB_PW);

my $catalog_u = $dbh->prepare(q{UPDATE catalog SET name=?, address=?, 
+notes=? WHERE phone_number=?});
my $catalog_i = $dbh->prepare(q{INSERT INTO catalog SET phone_number=?
+, name=?, address=?, notes=?});
my $catalog_c = $dbh->prepare(q{SELECT COUNT(*) FROM catalog WHERE pho
+ne_number=?});
my $change_i = $dbh->prepare(q{INSERT INTO change_log SET timestamp=NO
+W(), number_record=?, action=?});

while(<DATA>) {
    chomp;
    my ($phone, $name, $address, $notes) = split "\t";
    
    my $catalog_c->execute($phone) or die $dbh->errstr;
    my ($exists) = $catalog_c->fetchrow_array;
    
    if ($exists) {
        my $changed = $catalog_u->execute($name, $address, $notes, $ph
+one) or die $dbh->errstr;
        if ($changed) {
            $change_i->execute($phone, 'update') or die $dbh->errstr;
        }
    } else {
        $catalog_i->execute($phone, $name, $address, $notes) or die $d
+bh->errstr;
        $change_i->execute($phone, 'insert') or die $dbh->errstr;
    }
}

$catalog_u->finish;
$catalog_i->finish;
$catalog_c->finish;
$change_i->finish;

$dbh->disconnect();

__END__

[download]

In Section Seekers of Perl Wisdom