Alan Horn wrote:
...
> The statement I'm using is thus :
>
> my($sth) = $dbh->prepare("insert into maintenance (sno, date, data) values
> ('$sno', '$date', '$tmpstring')");
>
> (all on one line of course...)
>
> My problem is this. $tmpstring may well contain embedded newlines or '
> characters (these are the two characters I've had problems with so far).
...
The method you're looking for is $dbh->quote. You could use it like:
$sth = $dbh->prepare("insert into maintenance (sno, date, data)
values ($dbh->quote($sno),
$dbh->quote($date),
$dbh->quote($tmpstring))");
Hope that helps.
Regards,
Kyle
