in reply to Re: Escaping quotes - can't quite get it!
in thread Escaping quotes - can't quite get it!

Hi,

Thanks for the reply. Unfortunately, we can't use placeholders, as it's using an external SQL module to process the queries. I think I'm just going to settle for removing the " and replacing them with %

Is there a way of using % in a way, so it ONLY matches one character? Kinda like we do in a regex with . ?

TIA!

Andy

Re^3: Escaping quotes - can't quite get it!
by Corion (Patriarch) on May 18, 2011 at 09:02 UTC

    Maybe now is a good time to learn about SQL?

    Depending on your SQL dialect, the "one character" (or "one byte", depending on your database/data structure) wildcard is _ or ?. As you seem to be successfully using % as wildcard, it is more likely _ than ?.

      Hi,

      Yup, I keep meaning to purchase a book on mySQL. Maybe I will do that now, to start making use of my new Kindle ;)

      Thanks again - I managed to get it working now.

      Cheers

      Andy
Re^3: Escaping quotes - can't quite get it!
by Tanktalus (Canon) on May 18, 2011 at 15:15 UTC

    Personally, a lack-of-support for placeholders would be a deal-breaker. It'd be sufficient, on its own, to warrant the dumping of that module and the search for a different module, or the ground-up writing of a new one, if need be. Injection attacks are not the only problem solved by placeholders, though, again, all on its own, it's sufficient cause for any database-interfacing module to support them. If the author of the module is not aware enough of this to simply allow binding of variables through their interface into DBI, then I would be concerned about everything else. (Which, of course, is not to say that allowing placeholders would be sufficient to draw the conclusion that they're a DB expert.)
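
The placeholder approach discussed in this thread, as an added example that is not part of any poster's code: values containing quotes are bound through DBI instead of being edited into the SQL string, and the LIKE wildcards `%` and `_` are escaped so user text matches literally. It assumes DBD::SQLite is installed; the `items` table, the sample rows, the helper names and the choice of `!` as escape character are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is available; an in-memory database keeps this offline.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
$dbh->do('CREATE TABLE items (title TEXT)');

# Constructed sample rows: embedded quotes plus literal % and _ characters.
my $ins = $dbh->prepare('INSERT INTO items (title) VALUES (?)');
$ins->execute($_) for (
    'The "Big" Sale',
    'The xBigx Sale',
    q{O'Reilly's 50% off},
    'file_name.txt',
    'fileXname.txt',
);

# Escape the LIKE metacharacters (and the escape character itself) so the
# text is matched literally. '!' is the escape character chosen here.
sub like_escape {
    my ($text) = @_;
    $text =~ s/([!%_])/!$1/g;
    return $text;
}

# Hypothetical helper: substring search with the value bound, never interpolated.
sub search_titles {
    my ($dbh, $needle) = @_;
    my $pattern = '%' . like_escape($needle) . '%';
    return $dbh->selectcol_arrayref(
        q{SELECT title FROM items WHERE title LIKE ? ESCAPE '!' ORDER BY title},
        undef, $pattern);
}

# Quotes and wildcard characters in the search text are treated as plain data.
for my $needle ('"Big"', q{'s 50%}, 'file_name') {
    my $hits = search_titles($dbh, $needle);
    printf "bound %-12s => %s\n", $needle, join(' | ', @$hits);
}

# Contrast: unescaped patterns, where % matches any run and _ exactly one character.
for my $pattern ('The %Big% Sale', 'file_name.txt') {
    my $hits = $dbh->selectcol_arrayref(
        'SELECT title FROM items WHERE title LIKE ? ORDER BY title', undef, $pattern);
    printf "loose %-15s => %s\n", $pattern, join(' | ', @$hits);
}
$dbh->disconnect;
```

The bound searches return only the row containing the literal text, while the two unescaped patterns also return `The xBigx Sale` and `fileXname.txt`.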

Re^3: Escaping quotes - can't quite get it!
by ultranerds (Hermit) on May 18, 2011 at 09:01 UTC
    Never mind - I think I answered my own question, with the REGEXP function in mySQL :)

    Cheers

    Andy