Re: DBD::Pg problem - Mailing list pgsql-general

From Harald Fuchs
Subject Re: DBD::Pg problem
Date
Msg-id pu4qwix8wy.fsf@srv.protecting.net
In response to Re: DBD::Pg problem  ("Ausrack Webmaster" <webmaster@ausrack.com.au>)
List pgsql-general
In article <3FCDE437.9060309@cog.ufl.edu>,
Barbara Lindsey <blindsey@cog.ufl.edu> writes:

> When I have problems like this, I do something like this:
> $sql="insert into it_contact (email, to_email,
> subject,details,modify,parent) values(
> '".$from."','".$to."','".$subject."','".$body."', now(),'".$parent."')";

> Then you don't have to bind params. You can just prepare and execute.

... and get interesting results if one of the variables contains
quotes or backslashes.

I often use something like that:

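  # now() is an SQL function, so it stays in the statement text;
  # only the five data values are bound to placeholders.
  $dbh->do (q{
    INSERT INTO it_contact (email, to_email, subject, details, modify, parent)
    VALUES (?, ?, ?, ?, now(), ?)
  }, undef, $from, $to, $subject, $body, $parent);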

This lets DBI do the proper quoting for you.
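
The difference between the two approaches above, as an added example that is not part of the original message: the same constructed values are inserted once by string concatenation and once through placeholders. Assumptions: DBD::SQLite is installed and an in-memory database stands in for the PostgreSQL server, CURRENT_TIMESTAMP replaces now(), and the sample values are made up.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite with an in-memory database, so the script runs offline.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, PrintError => 0 });
$dbh->do(q{
  CREATE TABLE it_contact (
    email TEXT, to_email TEXT, subject TEXT, details TEXT,
    modify TEXT, parent TEXT
  )
});

# Constructed sample values: an apostrophe and backslashes in ordinary mail text.
my ($from, $to, $parent) = ('alice@example.com', 'bob@example.com', '0');
my $subject = q{Re: it's broken};
my $body    = q{See C:\temp\log.txt};

# 1. Concatenation (the pattern to avoid): the apostrophe in $subject ends the
#    string literal early, so the statement no longer parses.
my $sql = sprintf(
  "INSERT INTO it_contact (email, to_email, subject, details, modify, parent) "
  . "VALUES ('%s', '%s', '%s', '%s', CURRENT_TIMESTAMP, '%s')",
  $from, $to, $subject, $body, $parent);
my $ok = eval { $dbh->do($sql); 1 };
print "concatenated: ", ($ok ? "inserted" : "failed: " . $dbh->errstr), "\n";

# 2. Placeholders: the values are passed separately from the statement text.
my $sth = $dbh->prepare(q{
  INSERT INTO it_contact (email, to_email, subject, details, modify, parent)
  VALUES (?, ?, ?, ?, CURRENT_TIMESTAMP, ?)
});
$sth->execute($from, $to, $subject, $body, $parent);

# The only row in the table is the one from step 2; it must match byte for byte.
my ($s, $d) = $dbh->selectrow_array('SELECT subject, details FROM it_contact');
print "stored subject: $s\nstored details: $d\n";
die "round trip failed\n" unless $s eq $subject && $d eq $body;

# 3. If a literal really has to be built by hand, let the driver quote it.
print "quoted literal: ", $dbh->quote($subject), "\n";
```

SQLite gives backslashes no special meaning inside string literals, so here only the apostrophe breaks the concatenated statement; the placeholder version does not depend on the server's literal syntax at all.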
