Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?

Re: Mysql queries with ' and "

by golux (Pilgrim)
on Mar 12, 2014 at 20:10 UTC ( #1078085=note: print w/ replies, xml ) Need Help??

in reply to Mysql queries with ' and "

Hi fattahsafa,

Just modify your $insert_query first, to escape all occurrences of apostrophe "'":

$insert_query =~ s/'/\\'/g;

This changes each "'" into "\'" (you have to escape the backslash "\" in the regular expression, which why there are two).

Update:   I agree with runrig that $dbh->quote is preferrable (as is using placeholders). On second look my way wouldn't quite work anyway, since you've got apostrophes within the string, though you could still get away with the regex if it didn't contain apostrophes to begin with; eg.:

insert_query = qq{INSERT INTO arabic_corpus (crps_word, crps_count +) VALUES ("$word", "$count")}; $insert_query =~ s/'/\\'/g;
say  substr+lc crypt(qw $i3 SI$),4,5

Comment on Re: Mysql queries with ' and "
Select or Download Code
Re^2: Mysql queries with ' and "
by runrig (Abbot) on Mar 12, 2014 at 20:23 UTC
    $insert_query =~ s/'/\\'/g;
    No, the right way would be to use the $dbh->quote() method, or even better, to use placeholders as suggested below.
      Thank you ! Placeholder works well

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1078085]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (21)
As of 2015-05-05 13:56 GMT
Find Nodes?
    Voting Booth?

    In my home, the TV remote control is ...

    Results (119 votes), past polls