Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re: Mysql queries with ' and "

by golux (Pilgrim)
on Mar 12, 2014 at 20:10 UTC ( #1078085=note: print w/ replies, xml ) Need Help??


in reply to Mysql queries with ' and "

Hi fattahsafa,

Just modify your $insert_query first, to escape all occurrences of apostrophe "'":

$insert_query =~ s/'/\\'/g;

This changes each "'" into "\'" (you have to escape the backslash "\" in the regular expression, which why there are two).

Update:   I agree with runrig that $dbh->quote is preferrable (as is using placeholders). On second look my way wouldn't quite work anyway, since you've got apostrophes within the string, though you could still get away with the regex if it didn't contain apostrophes to begin with; eg.:

insert_query = qq{INSERT INTO arabic_corpus (crps_word, crps_count +) VALUES ("$word", "$count")}; $insert_query =~ s/'/\\'/g;
say  substr+lc crypt(qw $i3 SI$),4,5


Comment on Re: Mysql queries with ' and "
Select or Download Code
Re^2: Mysql queries with ' and "
by runrig (Abbot) on Mar 12, 2014 at 20:23 UTC
    $insert_query =~ s/'/\\'/g;
    No, the right way would be to use the $dbh->quote() method, or even better, to use placeholders as suggested below.
      Thank you ! Placeholder works well

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1078085]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (13)
As of 2014-12-22 20:51 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (130 votes), past polls