> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Mack
> Sent: donderdag 10 november 2005 13:59
> To: [email protected]
> Subject: RE: [Mimedefang] perl problem
>
>
> my $newrecip =$recip;
> $newrecip =~ s/'/''/gi;
> $sth1 = $dbh->prepare("SELECT value FROM userpref WHERE username =
> '$recip' && preference='whitelist_from'");
>
> that will fix it, (replacing the ' with '') be carefull of \'
> as well if you are using mysql
My method is better, really. :)
$sth1 = $dbh->prepare("SELECT value FROM userpref WHERE username = ? &&
preference='whitelist_from'");
$sth1 -> execute ($recip).
It lets DBI do the quotemeta thingy, internally, and is really the best way
to pass parameters to an execute call.
But all of this is hopelessly OT, of course.
- Mark
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
