Home > mailing lists

stored queries and quoted strings - Mailing list pgsql-general

From	filippo
Subject	stored queries and quoted strings
Date	April 2, 2007 14:15:26
Msg-id	1175239878.580307.28090@o5g2000hsb.googlegroups.com Whole thread Raw
Responses	Re: stored queries and quoted strings (Ragnar <gnari@hive.is>)
List	pgsql-general

Tree view

Hello,

I have a strange problem with stored queries like this

  $sql = qq/
         SELECT city, country
         FROM countries
         WHERE city LIKE ?
         ORDER BY city
           /;
  $sthCity= $dbh->prepare($sql);
  my $tempCity = $dbh->quote("n%");
  $sthCity->execute($tempCity);
  my $result = $sthCity->fetchall_arrayref;

the query doesn't return any value. It works only if I remove the -
>quote(). The following code actually works retuning all cities with
their name n-something

  my $tempCity = "n%";
  $sthCity->execute($tempCity);
  my $result = $sthCity->fetchall_arrayref;

bu I'm a little bit worried to use a a WHERE statement without quoting
the search pattern (input by user). Is it a problem or not?

Thanks,

Filippo

pgsql-general by date:

From: Lew
Date: 02 April 2007, 14:12:34
Subject: Re: coalesce for null AND empty strings

From: RPK
Date: 02 April 2007, 14:15:41
Subject: Wrong increments of Sequence

stored queries and quoted strings - Mailing list pgsql-general

Previous

Next