And the DBI has now defined a $dbh->quote_identifier method.
But I'm not sure if DBD::mysql has implemented it yet.
Tim.
On Tue, Nov 12, 2002 at 12:48:29PM -0600, Paul DuBois wrote:
> At 10:27 -0700 11/12/02, Rob Lee wrote:
> >[Please respond directly to me as this address is not subscribed to this
> >list - thnx]
>
> The problem is that parameter binding applies to data values, not to
> identifiers such as table or column names.
>
> >
> >When I parameter bind and execute() I get seemingly-subtle errors related
> >to quoting.
> >
> >my $sth = $dbh->prepare("SELECT * FROM ?");
> >my $table = "tblSites";
> >$sth->execute($table);
> >
> >DBD::mysql::st execute failed: You have an error in your SQL syntax near
> >''tblSites'' at line 1 at ./quoteTest line 31, <F> line 15.
> >
> >This fails for the same reason why the following fails:
> >
> >mysql> SELECT * FROM 'tblSites';
> >ERROR 1064: You have an error in your SQL syntax near ''tblSamples'' at
> >line1
> >
> >Back-ticks(`tblSites`) are fine, single quotes cause problems.
> >
> >I can't seem to find any documentation on this issue.
> >
> >-R
>
