Re: Sql injection attacks - Mailing list pgsql-general

From: Daniel Verite
Subject: Re: Sql injection attacks
Msg-id: 20040728184609.1900596@uruguay.brainstorm.fr
In response to: Re: Sql injection attacks (Harald Fuchs <hf0722x@protecting.net>)
List: pgsql-general
Harald Fuchs writes:

> Perhaps you mean something like the following:
>
>   my $sth = $dbh->prepare (q{
>     SELECT whatever
>     FROM mytable
>     WHERE somecol LIKE ? || '%'
>   });
>   $sth->execute ($input);
>
> Even if $input contains '%' or '_', those characters get properly escaped.

Hum, what makes you think that? If $input is "_foo%", then the DBD
driver will produce this query:
SELECT whatever FROM mytable WHERE somecol like '_foo%'||'%'
The % and _ characters aren't escaped at all.

That can be confirmed by setting $dbh->trace_level to something greater than or equal
to 2 and looking at the Pg DBD driver's output.

--
 Daniel
 PostgreSQL-powered mail user agent and storage: http://www.manitou-mail.org
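The point Daniel makes above, shown end to end as an added example (not code from either poster): a bound parameter protects against SQL injection, but LIKE metacharacters in the parameter still act as wildcards, so a literal match needs its own escaping plus an ESCAPE clause. Python's built-in sqlite3 stands in for DBD::Pg so the example runs offline; the table, rows and the escape_like helper are assumptions of this demo.

```python
import sqlite3

# Constructed sample rows (assumption for this demo, not the thread's data).
ROWS = ["_foo%bar", "xfooybar", "foobar", "other"]


def _connect():
    """In-memory table named like the one in the thread, filled with ROWS."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE mytable (somecol TEXT)")
    conn.executemany("INSERT INTO mytable VALUES (?)", [(r,) for r in ROWS])
    return conn


def prefix_matches_unescaped(user_input):
    """Harald's query shape: a bound parameter concatenated with '%'.

    Binding prevents injection, but '%' and '_' inside user_input are still
    LIKE wildcards, so "_foo%" matches far more than rows starting with it.
    """
    conn = _connect()
    cur = conn.execute(
        "SELECT somecol FROM mytable WHERE somecol LIKE ? || '%'",
        (user_input,))
    return sorted(row[0] for row in cur)


def escape_like(value, esc="\\"):
    """Escape the escape char itself, then '%' and '_', so they match literally."""
    return (value.replace(esc, esc + esc)
                 .replace("%", esc + "%")
                 .replace("_", esc + "_"))


def prefix_matches_escaped(user_input):
    """Same prefix search, but the input is escaped and the query declares
    the escape character, so only rows really starting with user_input match."""
    conn = _connect()
    cur = conn.execute(
        "SELECT somecol FROM mytable WHERE somecol LIKE ? || '%' ESCAPE '\\'",
        (escape_like(user_input),))
    return sorted(row[0] for row in cur)


if __name__ == "__main__":
    print(prefix_matches_unescaped("_foo%"))  # ['_foo%bar', 'xfooybar']
    print(prefix_matches_escaped("_foo%"))    # ['_foo%bar']
```

The same escaping and ESCAPE clause apply in PostgreSQL; the trace output Daniel mentions is the quickest way to see that the driver sends the wildcards through untouched.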
