D
dn_perl
I want to use placeholder to escape special characters directly
via DBI while constructing an sql query.
The following code works properly :
=====================================
use vars qw($check_name) ;
$check_name = "Peter" ;
$dstmt = $dbh->prepare("select count(*) from student
where st_name='$check_name' "); # statement 2
$dstmt->execute() or die "sql call failed"; # statement 3
$num_entries = $dstmt->fetchrow() ;
$dstmt->finish ;
=====================================
I get the correct value in $num_entries and it happens to be 3.
But if I change statements 2 and 3 to use placeholder, I get
$num_entries = 0 (instead of 3). I am wondering why.
New statements #s 2 and 3
$dstmt = $dbh->prepare("select count(*) from student
where st_name=? ");
$dstmt->execute($check_name) or die "sql call failed";
Please advise.
via DBI while constructing an sql query.
The following code works properly :
=====================================
use vars qw($check_name) ;
$check_name = "Peter" ;
$dstmt = $dbh->prepare("select count(*) from student
where st_name='$check_name' "); # statement 2
$dstmt->execute() or die "sql call failed"; # statement 3
$num_entries = $dstmt->fetchrow() ;
$dstmt->finish ;
=====================================
I get the correct value in $num_entries and it happens to be 3.
But if I change statements 2 and 3 to use placeholder, I get
$num_entries = 0 (instead of 3). I am wondering why.
New statements #s 2 and 3
$dstmt = $dbh->prepare("select count(*) from student
where st_name=? ");
$dstmt->execute($check_name) or die "sql call failed";
Please advise.