Hello All,
This may not be a DBI problem, but I've haven't been able to turn up any
good info so I'm giving the list a shot..
The problem is with double quotes, in short I have a HTML form text box to
take a user inputted description which gets saved into a mySql table into
the following field.
| Field | Type | Null | Key | Default | Extra
|
+---------------------+--------------+------+-----+---------+---------------
-+
| ListingDescription | text | YES | | NULL |
|
The problem is if a user uses double quotes within that description then
everything from the first double quote until the end is wiped out
(everything else is inserted or updated)..
I am using placeholders and I thought that this was the exact reason to use
them (so there are no quoting issues), for example
$sth = $db->prepare("Update table set ListingDescription = ?")
$sth->execute($form_value{'description'}).
Should I just do a search and replace on that val and escape any double
quotes?
($val =~ s/"/\\"/g)
Or is there something I'm missing?
I guess I need to go back now and start testing things like single quotes
and whatnot to see if there are other problem with any other chars..
Thanks in advance for any info.
-Chris
