On 08 Mar 2003 16:06:35 -0600 Rob Benton <[EMAIL PROTECTED]> wrote:

> I know there's probably a better way to do what I'm trying to accomplish
> so I'd like some opinions.
> 
> I have 2 cgi programs. One has a form full of text boxes sending data to
> the 2nd program.  What I need is an easy way to add the single-quotes to
> each variable that is not an integer before sending the statement to my
> Oracle database.
> 
> So say I had -
> 
> $name
> $address
> $zip
> 
> NAME and ADDRESS being character and ZIP being integer variables, and I
> wanted to make sure they went in as

Using a NUMBER column for zipcodes is just begging for problems.
For example, what about Canadian addresses?

> $statement = qq/select * from otable where name='$name' and
> address='$address' and zip=$zip/;
> $sth = $dbh->prepare($statement);
> 
> I need a way (hopefully not messy) to "interpolate" those variables into
> the sql statement but also have them single-quoted.  I could probably
> work something out but I usually find that there's an easier way to do
> things after I have made a mess of them.

Placeholders.  There are examples of using them in the fine DBI and
DBD::Oracle manuals and in DBD-Oracle-xxx/Oracle.ex/ .

http://xmlproj.com/fom-serve/cache/49.html

-- 
Mac :})
** I normally forward private questions to the appropriate mail list. **
Ask Smarter: http://www.catb.org/~esr/faqs/smart-questions.html
Give a hobbit a fish and he eats fish for a day.
Give a hobbit a ring and he eats fish for an age.
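
The placeholder approach recommended in the reply, shown as an added example that is not part of the original post or of the DBI/DBD::Oracle distributions. Assumptions: an in-memory SQLite database (DBD::SQLite) stands in for Oracle so the script runs offline, the table layout follows the question's otable, and the sample rows and form values are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI qw(:sql_types);

# Assumption: in-memory SQLite stands in for Oracle so this runs offline;
# with DBD::Oracle only the connect string and credentials change.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, PrintError => 0, AutoCommit => 1 });

$dbh->do('CREATE TABLE otable (name TEXT, address TEXT, zip INTEGER)');

# Constructed sample rows, inserted with placeholders as well.
my @rows = (
    [ "O'Brien", '12 Main St', 75001 ],
    [ 'Smith',   '9 Elm Ave',  75002 ],
);
my $ins = $dbh->prepare('INSERT INTO otable (name, address, zip) VALUES (?, ?, ?)');
$ins->execute(@$_) for @rows;

# Constructed form input; in the CGI program these come from the text boxes.
# Note the apostrophe in the name.
my ($name, $address, $zip) = ("O'Brien", '12 Main St', '75001');

# Interpolating the values, as in the question: the apostrophe ends the string
# literal early, so the database is handed malformed SQL built from user input.
my $interpolated = qq/select * from otable where name='$name' and address='$address' and zip=$zip/;
my $ok = eval { $dbh->selectall_arrayref($interpolated); 1 };
print "interpolated statement: ", ($ok ? "ran" : "rejected by the parser"), "\n";

# Placeholders: the statement text is fixed, the values travel separately and
# are never parsed as SQL, so no manual quoting is needed.
die "zip must be digits only\n" unless $zip =~ /\A[0-9]+\z/;
my $sth = $dbh->prepare(
    'select name, address, zip from otable where name = ? and address = ? and zip = ?');
$sth->bind_param(1, $name);
$sth->bind_param(2, $address);
$sth->bind_param(3, $zip, SQL_INTEGER);   # bind the integer column as a number
$sth->execute;

while (my ($n, $addr, $z) = $sth->fetchrow_array) {
    print "placeholder match: $n, $addr, $z\n";
}
$dbh->disconnect;
```

Because the bound values are never spliced into the statement text, the same code handles names with apostrophes and keeps form input from being interpreted as SQL.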
