Hi, J�rn,
> I encountered a strange bug in DBD::mysql with parameter binding. If
> I use an arithmetic operator (e.g. > ) on a string value just before
> using $dbh->prepare/execute, DBD::mysql guesses a numeric data type
> for this variable and omits the surrounding apostrophs, which
> naturally results in a MySQL syntax error. DBI->do works without
> problems in this case, only prepare/execute fails.
this is quite explainable in the case of DBD::mysql.
As MySQL doesn't actually support placeholders, the driver
emulates them. As a consequence, it is the drivers task to
decide whether $a and $b in the following example are being
quoted or not:
$sth->execute($a, $b);
The driver does so by looking at certain Perl flags that
indicate whether a variable is assumed to be numeric or
not. In your case the arithmetic comparison is setting
the flags.
If you want to ensure portability, use
$sth->bind_param(1, $a, DBI::SQL_VARCHAR);
$sth->bind_param(2, $b, DBI::SQL_INTEGER);
or
$sth->execute("$a", int($b));
Sorry,
Jochen
