Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

MySQL Not Accepting $Value That Contains Single or Double Quotes

by Milti (Beadle)
on Jan 18, 2014 at 00:18 UTC ( [id://1071038]=perlquestion: print w/replies, xml ) Need Help??

Milti has asked for the wisdom of the Perl Monks concerning the following question:

I use PERL and a form with a <text area> and CGI scripts to input text into a MySQL table. The script is something like this:

sub update { #!/usr/bin/perl -w use DBI; my ($dbh, $sth, $AccountID, $Input); $AccountID="$FORM{'AccountID'}"; $Input="$FROM{'Input'}"; $dbh = DBI->connect('dbi:mysql:membersdb','member','somepasswd') || di +e "cannot open"; $sql = qq`UPDATE memberinfo SET Input='$Input' WHERE AccountID='$Accou +ntID'`; $sth = $dbh->prepare($sql) or die "Cannot prepare: " . $dbh->errstr(); $sth->execute() or die "Cannot execute: " . $sth->errstr(); $sth->finish(); }
The text is input just fine as long as it doesn't contain single or double quotes. I know the quotation marks have to be escaped but have not been able to find a method to do that to a variable, i.e. $Input. Is there a simple way to do that with PERL? If so can someone point me to it or, better yet, provide the code I need in the above example. Thanks for any assistance!!

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://1071038]
Approved by Old_Gray_Bear
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others wandering the Monastery: (3)
As of 2024-09-07 18:06 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?
    erzuuli‥ 🛈The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.