Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re: Mysql queries with ' and "

by golux (Friar)
on Mar 12, 2014 at 20:10 UTC ( #1078085=note: print w/replies, xml ) Need Help??


in reply to Mysql queries with ' and "

Hi fattahsafa,

Just modify your $insert_query first, to escape all occurrences of apostrophe "'":

$insert_query =~ s/'/\\'/g;

This changes each "'" into "\'" (you have to escape the backslash "\" in the regular expression, which why there are two).

Update:   I agree with runrig that $dbh->quote is preferrable (as is using placeholders). On second look my way wouldn't quite work anyway, since you've got apostrophes within the string, though you could still get away with the regex if it didn't contain apostrophes to begin with; eg.:

insert_query = qq{INSERT INTO arabic_corpus (crps_word, crps_count +) VALUES ("$word", "$count")}; $insert_query =~ s/'/\\'/g;
say  substr+lc crypt(qw $i3 SI$),4,5

Replies are listed 'Best First'.
Re^2: Mysql queries with ' and "
by runrig (Abbot) on Mar 12, 2014 at 20:23 UTC
    $insert_query =~ s/'/\\'/g;
    No, the right way would be to use the $dbh->quote() method, or even better, to use placeholders as suggested below.
      Thank you ! Placeholder works well

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1078085]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (2)
As of 2016-12-09 04:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    On a regular basis, I'm most likely to spy upon:













    Results (148 votes). Check out past polls.