> -----Original Message-----
> From: Strong [mailto:[EMAIL PROTECTED]
> Sent: Saturday, December 10, 2005 9:36 AM
> To: [email protected]
> Subject: Re: [cgiapp] Double MySQL query thru DBI.
>
>
> On Thu, 8 Dec 2005 19:11:45 +0100 "Emanuele Zeppieri"
> <[EMAIL PROTECTED]> wrote:
> > my @names = @_;
> > >
> > > my $sql = 'SELECT name, id FROM table WHERE name IN (';
> > > $sql .= join( ',', ('?') x @names );
> > > $sql .= ')';
> Excuse me for a silly question, but when I executed this:
>
> @names=('q','w');
> my $sql = 'SELECT name, id FROM table WHERE name IN (';
> $sql .= join( ',', ('?') x @names );
> $sql .= ')';
> print $sql;
>
> It gave me this:
>
> SELECT name, id FROM table WHERE name IN (?,?)
>
> So, where are those 'q' and 'w'?!
With respect to the previous messages, 'q' and 'w' are in @names (and in
@bind, if you use the SQL::Abstract version, which I again strongly
suggest).
The first and the second '?' in the query (which are called
"placeholders") will be automatically substituted respectively by 'q'
and 'w' by the db server (or by the DBI driver) just before the query is
executed. That's why you pass also the @bind array (which in this case
contains 'q' and 'w') when you execute the query:
$dbh->selectall_arrayref($sql, { Slice => {} }, @bind)
^^^^^
It is highly recommended to use the placeholders because it permits to
achieve the correct quoting of the parameters used in the query. They
also make your query reusable.
Please, have a look at:
http://search.cpan.org/~timb/DBI-1.49/DBI.pm#Placeholders_and_Bind_Value
s
Ciao,
Emanuele.
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/[email protected]/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
