Am 2014-01-10 14:17, schrieb Markus Hoenicka: 

> if I understand you correctly, you attempt to insert a value containing the 
> string "%s Saints going down tonight!!!!!" using the libdbi function 
> dbi_conn_queryf(). Thing is, dbi_conn_queryf() is intended to make 
> dbi_conn_query() behave somewhat like sprintf() in that you can specify a 
> formatting string containing placeholders like "%s", followed by parameters 
> that are filled in. If you want to preserve the "%s" literally, you either 
> need to escape or quote the values properly, or you should rather use 
> dbi_conn_query() which sends the string parameter to the db engine literally. 
> You still need to watch out for proper quoting and escaping as per the 
> language specs of your db engine.

I forgot to mention that the dbi_conn_quote_string() and
dbi_conn_escape_string() functions and their relatives can do the
quoting and escaping for you, please check the manual.


Markus Hoenicka
AQ score 38

CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
libdbi-users mailing list

Reply via email to