Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.
 
PerlMonks  

Re: How to add quotes to comma separated values in a String (updated)

by haukex (Archbishop)
on Feb 12, 2018 at 22:06 UTC ( [id://1209024]=note: print w/replies, xml ) Need Help??


in reply to How to add quotes to comma separated values in a String

because I'll be passing it to a sql statement as part of an "IN" clause

My first suggestion is to not re-invent the wheel, have a look at SQL::Abstract (example).

DBI provides quote* and quote_identifier, this is the very least you should do - don't go and try to quote the strings yourself.

Also, as an aside, you should always use placeholders wherever possible - see Bobby Tables.

* Update:

use warnings;
use strict;
use DBI;

# just using an SQLite in-memory DB as an example here
my $dbh = DBI->connect("dbi:SQLite:dbname=:memory:", '', '',
    { RaiseError=>1, AutoCommit=>0 } );

my @values = qw/ CAT DOG BIRD COW bl'ah /;
my $str = join ',', map { $dbh->quote($_,'VARCHAR') } @values;
print $str, "\n";

__END__

'CAT','DOG','BIRD','COW','bl''ah'

[download]

Replies are listed 'Best First'.
Re^2: How to add quotes to comma separated values in a String (updated)
by Laurent_R (Canon) on Feb 12, 2018 at 23:57 UTC
    don't go and try to quote the strings yourself.
    Come on, why not? This is being a bit dogmatic, isn't it?

    While I certainly agree that using the functionalities provided by DBI or other modules such as SQL::Abstract is a good idea (and I upvoted your post), knowing how to do it in core Perl is also a good idea, IMHO. After all, Perl is supposed to be a very good language at string handling. Do you really think that doing it the Java way is better?

    For example: 

    my $str = join ', ', map { "'$_'" } split /,/, "CAT,DOG,BIRD,COW";    
+ # -> 'CAT', 'DOG', 'BIRD', 'COW'

    [download]
    or even better: 
    my $str = "CAT,DOG,BIRD,COW";
$str =~  s/\b/'/g;     # -> 'CAT','DOG','BIRD','COW'

    [download]
    Both examples took me less than 10 seconds to write and test (under the debugger). Looking up the documentation for either of the two modules would probably take me at least 10 or 15 minutes, so 60 to 100 times longer.

    To me, using a module for something that can be done with a regex requiring less than ten keystrokes is a bit of over-engineering.

[reply]
[d/l]
[select]
      Come on, why not? This is being a bit dogmatic, isn't it?

      Not really. When you know the broken or wonky data you'll get 100% of the time, sure, why not. But data in the wild is rarely predictable and the best advice to that end is suggesting the most robust solutions. The same reason we don't recommend regular expressions for parsing HTML. Most of the time it is actually fine but most of the time is a lousy way to live. :P

[reply]
        The same reason we don't recommend regular expressions for parsing HTML.
        To me, this is quite different.

        The OP has an internal variable containing a (CSV) string and wants to quote the fields. It is really not like processing an HTML or XML external file, it is a variable within the program. The OP presumably knows how the string was generated and should presumably be sure of its content.

        The string was probably generated within the program. And even if coming from some external source, hopefully the string has been verified and possibly untainted, maybe sanitized, whatever is needed to be reasonably sure of the content. If the string is coming from outside the program and not generated by the OP, these checks are necessary anyway.

        Please note that I did not object to use the modules mentioned by haukex, quite to the contrary, but only to the advise "do not to try to quote the strings yourself". I believe that there are many cases where you know exactly what your data is like and where you really can quote the strings yourself. Sometimes, you don't need heavy artillery when a fly-swatter will do the job.

[reply]
Re^2: How to add quotes to comma separated values in a String (updated)
by dirtdog (Monk) on Feb 12, 2018 at 22:27 UTC

    Thanks! Works perfectly

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://1209024]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others romping around the Monastery: (7)
As of 2024-04-19 07:48 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found