in reply to What are placeholders in DBI, and why would I want to use them?

... you can't use placeholders for variable-length WHERE IN('foo', 'bar', 'baz') constructs.

PostgreSQL offers the following construct:

 where array[ column_name ] <@ ( ? )

you can then $sth->execute(), passing an arrayref (i.e.: ['foo', 'bar', 'baz'] ) to the single placeholder.

Replies are listed 'Best First'.
Re: Answer: What are placeholders in DBI, and why would I want to use them?
by MidLifeXis (Monsignor) on Dec 30, 2015 at 13:38 UTC

    You can, however, do something along the lines of:

    my $sql = '... WHERE foo IN (' . join(',', ('?') x scalar( @values ) +) . ') ...';

    in order to generate the proper placeholder-based statement that you can then pass your parameters into.

    See also DBIx::PreQL.

    Update: As per BrowserUK (below), in order to make use of this, you either need to prepare your query each time, cache your prepared query based on number of parameters using prepare_cached or some other method, or know that the number of parameters will be the same each and every time.

    --MidLifeXis

      You can, however, do something along the lines of: 01 my $sql = '... WHERE foo IN (' . join(',', ('?') x scalar( @values )) . ') ...'; in order to generate the proper placeholder-based statement that you can then pass your parameters into.

      Only if you will have the same number of parameters for each binding; and know that number a priori when you prepare the statement.


      With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
      Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
      "Science is about questioning the status quo. Questioning authority". I knew I was on the right track :)
      In the absence of evidence, opinion is indistinguishable from prejudice.

        Yes, absolutely. I made the assumption (probably poor) that this was not for performance, but to use placeholders in the SQL. Update to my response is in order done.

        --MidLifeXis