I know there's probably a better way to do what I'm trying to accomplish so I'd like some opinions.
I have 2 cgi programs. One has a form full of text boxes sending data to the 2nd program. What I need is an easy way to add the single-quotes to each variable that is not an integer before sending the statement to my Oracle database. So say I had - $name $address $zip NAME and ADDRESS being character and ZIP being integer variables, and I wanted to make sure the went in as $statement = qw/select * from otable where name='$name' and address='$address' and zip=$zip/; $sth = $dbh->prepare($statement); I need a way (hopefully not messy) to "interpolate" those variables into the sql statement but also have them single-quoted. I could probably work something out but I usually find that there's an easier way to do things after I have made a mess of them.
