on Tue, 09 Jul 2002 14:05:51 GMT, [EMAIL PROTECTED] (Timothy
Helck) wrote: 

> Generally I prefer to cat together my select statement as a
> string, then use prepare(). Like this:
>      my $SQL_sth1 = q
>      {     SELECT * 
>           FROM coverage_primary_loan
>           WHERE certificate_number = $certificate
>      };
> 
>      my $sth1 = $dbh1->prepare($SQL_sth1);
>  
> Now you can print $SQL_sth1 and you can find many obvious errors
> this way. 

If you had done this yourself you would have noticed that 
$certificate isn't interpolated because you use 'q' instead of 'qq'.

> But there's a better way to do what you're doing: placeholders and
> bind variables.

Which would also solve any potential quoting issues that can occur in 
the SELECT statement above.

-- 
felix
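
The two points made in this thread, shown side by side as an added example that is not part of the original posts: `q{}` leaves `$certificate` uninterpolated, `qq{}` pastes the value in unquoted, and a `?` placeholder binds it safely. The in-memory SQLite database (via DBD::SQLite), the `holder` column and the sample values are assumptions constructed for the demonstration.

```perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is installed; an in-memory database stands in
# for the real one behind $dbh1 in the thread.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0 });

# Constructed sample table and rows (the 'holder' column is hypothetical).
$dbh->do('CREATE TABLE coverage_primary_loan (certificate_number TEXT, holder TEXT)');
my $ins = $dbh->prepare('INSERT INTO coverage_primary_loan VALUES (?, ?)');
$ins->execute(@$_) for (['A-100', 'Smith'], ["C'300", 'Jones']);

my $certificate = 'A-100';

# q{} does not interpolate: the literal text "$certificate" is sent to the database.
my $sql_q = q{SELECT * FROM coverage_primary_loan WHERE certificate_number = $certificate};
print "q{}  sends: $sql_q\n";

# qq{} interpolates, but the value lands in the SQL text with no quoting,
# so the database parses it as part of the statement rather than as data.
my $sql_qq = qq{SELECT * FROM coverage_primary_loan WHERE certificate_number = $certificate};
print "qq{} sends: $sql_qq\n";
eval { $dbh->selectall_arrayref($sql_qq); 1 }
    or print "qq{} fails: $@";

# Placeholder: the statement text is fixed and the value is bound separately,
# so neither interpolation nor quote characters in the value matter.
my $sth = $dbh->prepare(q{
    SELECT holder
    FROM coverage_primary_loan
    WHERE certificate_number = ?
});

for my $cert ('A-100', "C'300") {
    $sth->execute($cert);
    my ($holder) = $sth->fetchrow_array;
    $sth->finish;
    print "placeholder lookup of [$cert]: ", defined $holder ? $holder : '(no row)', "\n";
}

$dbh->disconnect;
```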
