Perl and SQL

Austin Godber plug-devel@lists.PLUG.phoenix.az.us
Tue Mar 25 22:22:02 2003


Thank you all for your replies.  Very informative.  In particular 
David's suggestion worked like a charm.  In fact it allowed me to move 
my $dbh->prepare outside of a loop.

I had actually run into the Bind Values idea this morning but wasn't 
quite sure they would solve my loose single quote problems.

A note on ->quote() (I haven't tried it since I found the other 
solution): the man page says:

"Quote will probably not be able to deal with all possible input
(such as binary data or data containing newlines), and is not
related in any way with escaping or quoting shell meta-characters.
There is no need to quote values being used with "Placeholders and
Bind Values"."

So be forewarned ... newlines are everywhere, well in what I am dealing 
with.  Also, reading that again makes me realize that it said quoting is 
not necessary... duh.

Austin

David A. Sinck wrote:
> my $sql = 'insert into something (autoinc, textcolumn) values (0, ?)';
> my $sth = $dbh->prepare($sql);   # prepare once; the ? is a placeholder
> $sth->execute($nasty_raw_unclean_user_input);
> # see 'Placeholder and Bind Values' in the DBI man page
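The following is an added example, not code from Austin or David, that puts the thread's two points together: prepare() hoisted out of the loop, and bind values carrying input with loose single quotes and embedded newlines intact, which is exactly the input the quote() man page warns about. It assumes DBD::SQLite is installed and uses an in-memory database; the table name "something" and column "textcolumn" come from David's snippet, while the table definition and the sample inputs are constructed here.

```perl
#!/usr/bin/perl
# Added example (not from the original thread). Shows DBI placeholders
# and bind values with prepare() outside the insert loop.
# Assumes DBD::SQLite; the table and sample rows are constructed here.
use strict;
use warnings;
use DBI;

# In-memory SQLite database so the example runs offline.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, AutoCommit => 1 });

# Constructed schema; "something" / "textcolumn" follow David's snippet.
$dbh->do(q{
    CREATE TABLE something (
        autoinc    INTEGER PRIMARY KEY AUTOINCREMENT,
        textcolumn TEXT NOT NULL
    )
});

# Constructed inputs of the kind that break string-built SQL:
# a loose single quote, embedded newlines, and a quote-plus-comment string.
my @raw_inputs = (
    "O'Reilly",
    "line one\nline two\n",
    "x'); -- trailing comment",
);

# Prepare once, outside the loop; only execute() runs per row.
# NULL for the INTEGER PRIMARY KEY lets SQLite assign the autoinc value.
my $sql = 'INSERT INTO something (autoinc, textcolumn) VALUES (NULL, ?)';
my $sth = $dbh->prepare($sql);
for my $input (@raw_inputs) {
    # The driver binds the value; the string is never spliced into SQL,
    # so no quoting or escaping is needed on our side.
    $sth->execute($input);
}

# Read back and confirm every value round-tripped byte for byte.
my $rows = $dbh->selectall_arrayref(
    'SELECT textcolumn FROM something ORDER BY autoinc');
for my $i (0 .. $#raw_inputs) {
    die "row $i did not round-trip intact\n"
        unless $rows->[$i][0] eq $raw_inputs[$i];
}
printf "%d rows stored verbatim\n", scalar @$rows;

# For comparison, this is what ->quote() would have produced for the
# single-quote case if the SQL were built as a string instead:
print "quote() output: ", $dbh->quote($raw_inputs[0]), "\n";   # 'O''Reilly'
```

Run it with `perl example.pl`; the round-trip check dies if any stored value differs from its input. The die is deliberate: it is the check to keep when moving from string-built SQL to placeholders, because it proves the newline-containing and quote-containing inputs arrived unchanged without any call to quote().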