The value you are pulling from the registry likely has an apostrophe in it, which is causing your sql error. With SQL server, you should replace a single apostrophe with a double, like this:
$BIOSVer =~ s/'/''/g; It's very important for security purposes to do this as well, because somebody could cause a malicious sql statement to be executed on your server. -----Original Message----- From: Ross Draper [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 5:23 PM To: [EMAIL PROTECTED] Subject: Win32 ODBC and SQL Insert error. Hi guys I've been puzzling over this for a little while now and could do with some help. I've written a script to retrieve information from remote NT/2000 machines and squirt it into a MS SQL database(2000) for the purposes of auditing. Everything was working fine until a week or so ago when I noticed that some machines werent appearing in my db anymore. After doing some debugging I have found that my SQL insert statement is failing with the following error: Error: [105] [1] "[Microsoft][ODBC SQL Server Driver][SQL Server]Unclosed quotation mark before the character string 'Phoenix ROM BIOS PLUS Version 1.10 A15'." To get to the basics of the problem I chucked away half the script and whittled it down to just the sections that retrieve and then insert the data. It seems that no matter what I do I keep getting this error and I think I have spent so long looking at it that I can no longer do so objectively. --------------------------------------------- use Win32::TieRegistry; use Win32::ODBC; $IPaddress = "127.0.0.1"; if (!($db = new Win32::ODBC("DSN=auditdb;UID=xxxxx;PWD=xxxxxx;"))){ print "Error connecting to $dsn\n"; print "please check the settings in your ini file and try again.\n"; print "Error: " . Win32::ODBC::Error() . "\n"; exit; } else { print "->Successfully connected to database using dsn.\n" } $BIOSKey =new Win32::TieRegistry"\\\\$IPaddress\\LMachine\\Hardware\\Description\\System\\ "; $BIOSVer = $BIOSKey->GetValue('SystemBiosVersion'); $db->Sql("INSERT INTO audit.dbo.system VALUES ( '$BIOSVer', 'testPC' ) " ); print "below is insert error\n"; print "Error: " . Win32::ODBC::Error() . "\n"; $db->Close; -------------------------------------------------- Can you notice anything wrong with the above that could cause it to generate the SQL error? The whole insert sting is just a series of variables in the full program. To my knowledge the SQL server hasnt been touched and I have double and triple checked the db design. If i substitute a text string for the variable it all works fine, so I can only assume I am picking up a hidden character from somewhere? Could somebody be kind enough to put me out of my misery and point out how I have caused this error? This is running on win2k Pro and perl v5.6.1. Many thanks Ross ************************************************************************* GWR on the Web http://www.koko.com http://www.classicfm.com http://www.corefreshhits.com http://www.planetrock.com http://www.opusonline.co.uk http://www.gwrgroup.com CONFIDENTIALITY NOTICE The information in this e-mail and any attachments to it is confidential and may be legally privileged or prohibited from disclosure and unauthorised use. If you are not the intended recipient, any use, copying, disclosure, modification, distribution and/or publication of this message or its attachments (if any) is prohibited and may be unlawful. We will not accept liability for any claims arising as a result of the use of the internet to transmit information by or to GWR Group plc. **************************************************************************** *********************** _______________________________________________ Perl-Win32-Admin mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs _______________________________________________ Perl-Win32-Admin mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
