From: "Henrickson, Diana" <[EMAIL PROTECTED]>
I realize this may be a silly question but I cannot get this to work. I'm
trying to pass form variables into a database using DBD::DB2..
$sth = $dbh -> prepare ("INSERT INTO USERDATA(FIRST_NAME)
VALUES($fdat{cgifirst})") or die "Cannot INSERT to '$table'" ;
Is there a different way I need to reference my variables?
Any help is much appreciated.
--Diana
You didn't give us much info to go on, but there are only a view
possibilities here.
The first is that $fdat{cgifirst} doesn't contain a value. Another
list member has already addressed that.
The most likely problem is that you are getting a database error,
probably a syntax error. The reason is that cgifirst is a string and
probably needs to be enclosed in quotes in the SQL. The variables
that need to be in quotes verses number that are not in quotes and all
the rest cause lots of problem when you substitute strings into your
SQL as your example shows you doing. The "better" way is to do the
following: (Apologies for any syntax errors, I haven't actually run
the following)
$sth = $dbh -> prepare ("INSERT INTO USERDATA(FIRST_NAME)
VALUES(?)") or die "Prepare failed: " .$dbh->errstr;
$rv = $sth->execute($fdat{cgifirst} or die "Insert failed: " .$dbh->errstr;
This technique uses the ? as a place holder for the value which is
passed in the execute call. This eliminates the quoting problem.
The DBI documentation has some examples of using placeholders so you
should start there and you could get the new O'Reilly book on DBI and
review it for the list.
Dudley
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
