[EMAIL PROTECTED] (Joseph Xu) writes:
> The following test script has strange behavior. It may relate
> to CGI::Vars. please advice.
>
> Thanks
>
> #!/usr/bin/perl
>
> use DBI;
> use CGI;
>
> my $dbh = DBI->connect("dbi:mysql:wirepoll01", "UID", "PWD");
> my $q = new CGI;
>
> $q->param('abc' => 'teststring');
> $p = $q->Vars;
> print $dbh->quote( $p->{'abc'} ); # WHY print 'NULL' ????????
>
> $pp = {'abc' => 'teststring'};
> print $dbh->quote( $pp->{'abc'} ); # but this print '\'teststring\''
>
> $dbh->disconnect;
The DBI::quote function is not intended for CGI, it's intended for the
database. In a SQL statement, if a string contains single quotes, you
need to replace them with \' or '' (depending on the database's
rules), and if a value is undefined, the database equivalent is NULL.
The reason $p->{'abc'} is not working as you would expect is a CGI
question, not a DBI one. Try printing it without the $dbh->quote()
function call, and see what the results are. Also check
defined($p->{'abc'}) and exists($p->{'abc'}).
If you are interested in "quoting" characters for display in HTML, use
CGI::escapeHTML. For quoting characters in URLs, use CGI::escape or
the URI module.
--Bill.
--
William R Ward [EMAIL PROTECTED] http://www.wards.net/~bill/
-----------------------------------------------------------------------------
If you're not part of the solution, you're part of the precipitate.
