Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Answer: My query works fine from the command line, but it fails in my script!

( #7617=categorized answer: print w/ replies, xml ) Need Help??

Q&A > database programming > Why does my query work on the command line, but fail in my browser? contributed by Jonathan

I find it easier to build up the query string in a series of sprintf statements where the single quotes can be easily embedded :)

Comment on Answer: My query works fine from the command line, but it fails in my script!
RE: Answer: My query works fine from the command line, but it fails in my script!
by athomason (Curate) on Jun 28, 2000 at 23:42 UTC
    This is a common mistake, but don't be tempted to commit it. While it's easier to add your own quotes, you're bound to run into trouble when the string you're quoting has quotes of it's own. While an accidental inclusion of a stray quote will probably only break your script, a malicious user could attempt to modify your query to get information you never intended to be public. Also, quoting mechanisms are different across databases. What works on the platform you're developing with may not work with another when you need to change down the road. The DBI quote method always properly quotes strings by respecting the particular database's conventions for escaping metacharacters and enclosing quoted strings. Placeholders automatically use DBI quotes and make like easier in the long run, so you're much better off using them.
Log In?
Username:
Password:

What's my password?
Create A New User
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (17)
As of 2014-10-23 16:37 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (126 votes), past polls