Hello,
I have a strange problem with stored queries like this
$sql = qq/
SELECT city, country
FROM countries
WHERE city LIKE ?
ORDER BY city
/;
$sthCity= $dbh->prepare($sql);
my $tempCity = $dbh->quote("n%");
$sthCity->execute($tempCity);
my $result = $sthCity->fetchall_arrayref;
the query doesn't return any value. It works only if I remove the -
>quote(). The following code actually works retuning all cities with
their name n-something
my $tempCity = "n%";
$sthCity->execute($tempCity);
my $result = $sthCity->fetchall_arrayref;
bu I'm a little bit worried to use a a WHERE statement without quoting
the search pattern (input by user). Is it a problem or not?
Thanks,
Filippo