> Hello
> I have a database abc with one table xyz
> The html page is to sign up a new user and calls the following signup.cgi
> script.
> The new data is not getting inserted in the table when I execute it from the
> ip address - the page getting called by the form.
> BUT I can INSERT data in table by giving static values in the column fields
> and executing the script in the shell.
> I tried some google search - it seemed alright.
> what else could possibly be wrong ?
>
> ******************************
> #signup.cgi
> #!/usr/bin/perl -w
>
> use DBI;
>
> print "Content-type:text/html\n\n";
> print <<EoH;
> <HTML><HEAD><TITLE>SIGN UP</TITLE></HEAD>
> <BODY>
> EoH
>
> read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
> @fields = split(/&/,$buffer);
>
> foreach $element (@fields)
> {
> ($field,$data) = split(/=/,$element);
> $data =~ s/\+/ /g;
> $data =~ s/%([a-zA-Z0-9][a-zA-Z0-9])/pack("C",hex($1))/eg;
> $form{$field} = $data;
> }
>
> print "<br>Database<br>";
> $dbh = DBI->connect('dbi:mysql:allaboutsecurity',undef,undef);
> print "<br>Database<br>";
> $sth = $dbh->prepare("INSERT INTO t_userinfo VALUES(`$form{'tusername'}`,
> `$form{'tpassword'}`, `$form{'temail'}`, `$form{'tdob'}`,
> `$form{'taddrstreet'}`, `$form{'taddrcity'}`, `$form{'taddrstate'}`,
> `$form{'taddrzipcode'}`, `$form{'taddrcountry'}`, `$form{'toccupation'}`,
> `$form{'tphhome'}`, `$form{'tphwork'}`, `CURRENT_DATE`)");
> $sth->execute;
> $sth->finish;
> $dbh->disconnect;
>
>
> print <<EoB;
> </BODY>
> </HTML>
> EoB
> *****************************
>
> Thank you
> Aman
With Perl you have a few options when it comes to quoting strings.
You can 'escape' a set of quotes as a wrapper. (
\"$form{'taddrcountry'}\" )
You can also avoid quoting altogether using qq ( qq
("$form{'taddrcountry'}" )
- use what you like after the qq as long as it doesn't conflict with
something inside the string.
Either of these methods will let you avoid the backtick, which is surely
not a good idea methinks.
--
Amer Neely, Softouch Information Services
W: www.softouch.on.ca
E: [EMAIL PROTECTED]
V: 519.438.5887
Perl | PHP | MySQL | CGI programming for shopping carts, data entry
forms.
"We make web sites work!"
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
