|Think about Loose Coupling
Re: Re: Re: Somethings not rightwith my MySQL do()by Fastolfe (Vicar)
|on Jul 20, 2002 at 01:36 UTC
Add some basic debugging code to your script that prints out the value of $cat (and any other variable) before using it. I would suspect that this variable is not being properly set prior to being used in this query.
And note that the placeholder suggestion is also one of safety: if you are using variables that are provided by the user directly in your SQL, keep in mind that users can put single-quotes and SQL code in this variable and execute arbitrary queries against your database through insecure code like this.
use strict and taint-checking (perl -wT) when dealing with potentially unsafe data and Perl will (usually) get your attention when you try and do something that someone else could exploit.