Del wrote:
> Webmaster wrote:
> > How do I get the ' entered successfully in a MySQL
> > database with Perl script ?
>
> $data = "it's best that you quote your strings"
>
> ########################################
> # HERE'S THE MAGIC BIT OF CODE YOU NEED!
> $data_to_insert = $dbh->quote($data);
> ########################################
>
> $sth = $dbh->prepare("INSERT INTO mytable VALUES mystring=" . $data_to_insert);
> $rv = $sth->execute;
Even easier: use a bound parameter as follows, which automagically
does any quoting necessary for you:
$data = "it's easiest to pass bound parameters";
$sth = $dbh->prepare("INSERT INTO mytable VALUES mystring = ?");
$rv = $sth->execute($data);
You can pass as many '?' placeholders in the SQL as you require.
Pass the actual parameters to be bound to execute.
And remember: perldoc DBI <--- is your friend.
cheers
rickw
--
_________________________________
Rick Welykochy || Praxis Services
Put an unpatched Win2k box on the Internet. Wait five minutes. Take it
off the Internet (please!) and connect it to a box running ethereal and
capture the packets.
-- how to snag a virus
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
