Re: "ORDER BY" clause silently fails


Clear questions and runnable code get the best and fastest answer
	PerlMonks

Re: "ORDER BY" clause silently fails

by Corion (Patriarch)

on Sep 12, 2015 at 06:58 UTC ( #1141742=note: print w/replies, xml )

Need Help??

in reply to "ORDER BY" clause silently fails
in thread HTML::Template Tutorial

A placeholder can only be a value, not the name of a column, so you will have to dynamically create the SQL for your case.

To be safe from SQL injection, I recommend setting up the allowed values in a hash and validating against that:

my %sortby = (
    title => 'title',
    recorded => 'recorded',
    songwriter => 'songwriter',
    length => 'length',
    title_desc => 'title desc',
);

my $column = $sortby{ $user_column } || 'title';
my $sql = <<SQL;
   select @{[join(',', @COLS)]}
   from songs
   order by $column
SQL
[download]

Comment on Re: "ORDER BY" clause silently fails Download Code

In Section Tutorials

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://1141742]
help

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others romping around the Monastery: (3)

As of 2023-06-08 14:58 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

Notices^?